From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00,INVALID_MSGID, REPLYTO_WITHOUT_TO_CC autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,f3f9104dada53163 X-Google-Attributes: gid103376,public From: Stephen Leake Subject: Re: An interesting quote on Java and C++ Date: 1997/09/10 Message-ID: <3416C84A.5BD0@gsfc.nasa.gov>#1/1 X-Deja-AN: 271334051 References: <5ujjvq$t4s@drn.zippo.com> <01bcb881$915526a0$d7000064@sim01.amst.co.at> <34157a82.81185415@news.mindspring.com> Reply-To: Stephen.Leake@gsfc.nasa.gov Organization: NASA Goddard Space Flight Center -- Greenbelt, Maryland USA Newsgroups: comp.lang.ada Date: 1997-09-10T00:00:00+00:00 List-Id: Robert A Duff wrote: > > Consider also that > Ada allows range constraints, which can help catch bugs, but provide no > particular security benefit -- so Java takes the C attitude there > (although more portable than C); Java can't say "type T is range > 1..10;". Range constraints provide significant security benefits, at least in systems without separate address spaces. If you can write "past" the end of an array, you can write to arbitrary memory, including system memory. I believe there are several Windows/DOS viruses that use this trick, but I'm not really sure. > - Bob -- - Stephe