Hi Ranchers, Since Java is written in C++ (more details on this link), does it mean that Java may have buffer overflows and memory leaks? (Which may explain a Volano security advisory report that some Java VM implementations are vulnerable to a denial-of-service attack.) Any opinions/statements of facts about this? Ex Animo Java! -- Val [ August 28, 2002: Message edited by: Val Pecaoco ]
"Knowledge is power, but enthusiasm is the key." -- Lavern Barn
Memory leaks are not a property of any one language -- not even C++. It is certainly possible to create memory leaks in a running Java program, but it has nothing to do with native code libraries. It has everything to do with careless programming.
Val Pecaoco
Ranch Hand
Joined: Dec 05, 2001
Posts: 156
posted
0
Originally posted by Michael Ernest: It is certainly possible to create memory leaks in a running Java program, but it has nothing to do with native code libraries. It has everything to do with careless programming.
So, it's like, a carelessly-programmed Java virtual machine in C++, for example, may be a potential source of memory leaks?
sridhar satuloori
Ranch Hand
Joined: Nov 05, 2001
Posts: 144
posted
0
Originally posted by Michael Ernest: Memory leaks are not a property of any one language -- not even C++. It is certainly possible to create memory leaks in a running Java program, but it has nothing to do with native code libraries. It has everything to do with careless programming.
Michael, My understanding is that Java never creates a memory leak how bad your program could be. If at all if there are any memory leaks they are because oof the faulty implementation of JVM. It is certainly possible to create memory leaks in a running Java program I am just curious here. can you write a single example which creates a memory leak on any JVM. --sridhar
David Weitzman
Ranch Hand
Joined: Jul 27, 2001
Posts: 1365
posted
0
Basically the thing to keep in mind is that Sun's implementatation of Java is really good. There are a few bugs in the standard libraries, but I can count on the fingers of one hand the number of times that Sun's virtual machine has unexpectedly halted running a pure Java application -- and I've been using java since 1.1. Just go to securityfocus.net and look for security bugs in Sun's virtual machine. In response to sridhar: You can maintain references to unused objects and clog the memory -- read: you can create memory leaks. Here's an example of a memory leak that's in Effective Java by Joshua Bloch -- an array based stack. I know it's a good example because I saw with my own eyes a grad student instructor make this exact same stack leak mistake this summer.
Do you see the memory leak? It's in the pop() method. Once I put something into the stack, it won't be garbage collected until the entire stack is. I don't delete the reference from the array -- I just change a pointer. Here's the fix:
It's just important to remember that when an object isn't going to be used ever again, any references to it should either go out of scope at the end of the current code block or be specifically set to null. [ August 29, 2002: Message edited by: David Weitzman ]
So, it's like, a carelessly-programmed Java virtual machine in C++, for example, may be a potential source of memory leaks?
Like, that's totally not my point, but you're not wrong either?
sridhar satuloori
Ranch Hand
Joined: Nov 05, 2001
Posts: 144
posted
0
thanks, Michel and David, Now i accept that u can create a memory leaks in java. I was under impression that Java doesnt allow you to create "memory leak". --sridhar
Thomas Paul
mister krabs
Ranch Hand
Joined: May 05, 2000
Posts: 13974
posted
0
Those of us who are C++ programmers can tell you that the example is not a true memory leak in the classic term. Back in the old days we used to write programs that would never free memeory even after they terminated. You'd have to reboot your windows PC to get your memory back. Now that was a memory leak!!!
Isn't C++ memory reclaimed when the program exits?
Thomas Paul
mister krabs
Ranch Hand
Joined: May 05, 2000
Posts: 13974
posted
0
Originally posted by David Weitzman: Isn't C++ memory reclaimed when the program exits?
Not in the old days when we ran on Win 3.1! We had one program that would run for about 2 hours and then lock up a Win 3.1 PC. The only fix was Ctrl-Alt-Delete!
Ron Newman
Ranch Hand
Joined: Jun 06, 2002
Posts: 1056
posted
0
But when a C or C++ program exits, doesn't its entire address space go away because the process exits?
Ron Newman - SCJP 1.2 (100%, 7 August 2002)
Thomas Paul
mister krabs
Ranch Hand
Joined: May 05, 2000
Posts: 13974
posted
0
You obviously never worked with 16 bit versions of Windows!
Ron Newman
Ranch Hand
Joined: Jun 06, 2002
Posts: 1056
posted
0
Nope -- my C and C++ work was all on various flavors of Unix.
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
subject: Does Java have buffer overflows and memory leaks?
0
