Does Java have buffer overflows?
Managed languages such as Java and C# do not have these problems, but the specific virtual machines (JVM/CLR/etc) which actually run the code may.
Yes and no. No, in that you cannot really create mistakenly open yourself up to a buffer overflow vulnerability because it is a managed memory model. However, there can be buffer overflow vulnerabilities in the JVM and JDK. See this Secunia advisory:
http://secunia.com/advisories/25295
Or see these old advisories on several previous JDK and JRE vulnerabilities:
Integer and Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) "unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges https://download.oracle.com/sunalerts/1020225.1.html
Integer and buffer overflow vulnerabilities in the Java Runtime Environment (JRE) with unpacking applets and Java Web Start applications using the "unpack200" JAR unpacking utility may allow an untrusted applet or application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet.
Sun acknowledges with thanks, "regenrecht" working with the iDefense VCP (http://labs.idefense.com/vcp/) and Chris Evans of Google for bringing these issues to our attention.
Multiple vulnerabilities have been identified in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE). https://security.gentoo.org/glsa/200705-23
An unspecified vulnerability involving an "incorrect use of system classes" was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security Team reported an integer overflow resulting in a buffer overflow in the ICC parser used with JPG or BMP files, and an incorrect open() call to /dev/tty when processing certain BMP files.
Since Java Strings are based on char arrays and Java automatically checks array bounds, buffer overflows are only possible in unusual scenarios:
- If you call native code via JNI
- In the JVM itself (usually written in C++)
- The interpreter or JIT compiler does not work correctly (Java bytecode mandated bounds checks)
For all intents and purposes, no.
Java has array bounds checking which will check that data cannot be accessed from area outside of the allocated array. When one tries to access area that is beyond the size of the array, an ArrayOutOfBounds exception will be thrown.
If there is a buffer-overrun, it is probably from a bug in the Java Virtual Machine, and is, to my knowledge, not the intended behavior that is written in the Java Language Specifications nor the Java Virtual Machine Specifications.