![]() ![]() Having compiled the code with the stack protector in place, the implementations of either the runtime library or the OS may detect this situation in some conditions and terminate the program to prevent unexpected behavior. The available safety nets will vary significantly from compiler to compiler, and even between different versions of the same compiler, but here’s an example: gcc -fstack-protector CheckSumCalculator.c -o CheckSumCalculator.so Other than using the much safer snprintf that takes buffer length and does not write past that, you can also ask the compiler to add stack protectors, or memory sanitization to the compiled code. This will indeed result in stack smashing and opens doors for potential hacks or just leaving the application to an unpredictable state.įor C-developers, the underlying stack protector mechanism is well-known, but for Java developers, it might need a bit more explanation. With longer inputs the remaining characters will be written past its end. Sprintf(dst_filename, "%s.digested", src_filename) įrom the above it is clear that the buffer can only hold a fixed number characters. The underlying problem is not too complex and is probably immediately visible in the C code: char dst_filename #Stack smashing detected mac os#You should be aware of the fact that I only tested the examples on Linux and Mac OS X, and it might behave differently on Windows. Instead, the JVM is crashed without so much as a crash log. So the native method finished its execution just fine, but the control was not returned to Java. *** stack smashing detected ***: java terminated The not-so straightforward part is exposed when you discover yourself staring at the output with a slightly different (longer) filename used for input: $ java -jar build/libs/checksum.jar 123456789012.txt Got checksum from native method: 1804289383 $ java -jar build/libs/checksum.jar 123.txtĮxiting native method with checksum: 1804289383 You would just need to clone the repository and launch it similar to the following example: $. The code is simple and straightforward and so is running it. ![]() To achieve Awesome Performance (TM), I decided to implement the checksum calculation part using native implementation. It consists of a simple Java class, calculating checksums for files. To walk you through the experience, I have created a small test case. Or in more detail, how using native methods can result in JVM crashing silently without any reasonable traces in log files. ![]() This post is about a recent experience with native methods. I am also sure that the surprise has later vanished over the years with coming to understand how the JVM handles calls to native implementations via JNI. I bet every Java developer has been surprised at some point in the beginning of their career when they first encounter native methods in Java code. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |