no, a browser written in java would not have buffer overflow/stack issues. the jvm is specifically designed to prevent it ...
-- Michael On 3/29/06, Pavel Kankovsky <[EMAIL PROTECTED]> wrote: > On Mon, 27 Mar 2006, Brian Eaton wrote: > > > If I run a pure-java browser, for example, no web site's HTML code is > > going to cause a buffer overflow in the parser. > > Even a "pure-java browser" would rest on the top of a huge pile of native > code (OS, JRE, native libraries). A seemingly innocent piece of data > passed to that native code might trigger a bug (perhaps even a buffer > overflow) in it... > > Unlikely (read: less likely than a direct attack vector) but still > possible. > > --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] > "Resistance is futile. Open your source code and prepare for assimilation." > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
