Monday, September 20, 2004

Structured Exception Handling

Thursday, September 16, 2004

vtable layout and lookup

struct cA ;

struct A_vtbl
void (__stdcall* pfn_mem_fun)( struct cA* this, int v ) ;
void (__stdcall* pfn_mem_fun2)( const struct cA* this ) ;
void (__stdcall* pfn_mem_fun3)( struct cA* this ) ;
void (__stdcall* pfn_destructor)( struct cA* this ) ;

struct cA
struct A_vtbl* vptr ;
char c1 ;
int i ;
char c2[1] ;

void cfun( struct cA* pa )
//pa->mem_fun2() ;
pa->vptr->pfn_mem_fun2(pa) ;
//pa->mem_fun(100) ;

type safety importance link

From -

Why Type Safety Matters
Type safety is the most essential element of Java's security. To understand why, consider the following slightly contrived example. A calendar-management applet defines a class called Alarm. This class is represented in memory as shown in Figure 2.10. Alarm defines an operation turnOn, which sets the first field to true. The Java runtime library defines another class called Applet, whose memory layout is also shown in Figure 2.10. Note that the first field of Applet is fileAccessAllowed, which determines whether the applet is allowed access to files on the hard disk.
Figure 2.10 Type safety provides an important foundation for the Java security model.In this figure, two classes, Alarm and Applet, each include a number of fields. Setting the first field in these classes to "true" is not equivalent. Type safety checks ensure that any object a method may try to manipulate is of the proper type.
Suppose a program tried to apply the turnOn operation to an Applet object. If the operation were allowed to go ahead, it would do what turnOn was supposed to do, and set the first field of the object to true. Since the object was really in the Applet class, setting the first field to true allows the applet to access the hard disk. The applet would then be allowed (incorrectly) to delete files.
This example shows what can go wrong if type safety is violated. In our experience, every type safety violation has created an opportunity for an untrusted applet to break out of Java's security restrictions. Given the importance of type safety, the next section explains Java's strategy for ensuring type safety.

Total Pageviews