Careful Analysis of Type Spoofing

Tozawa, Akihiko; Hagiya, Masami

doi:10.1007/978-3-642-60247-4_27

Careful Analysis of Type Spoofing

Akihiko Tozawa³ &
Masami Hagiya³

Conference paper

68 Accesses
1 Citations

Part of the book series: Informatik aktuell ((INFORMAT))

Abstract

Saraswat’s type spoofing was one of the most long-lasting bugs in the JVM. Recently, its solution was proposed and implemented in JDK 1.2. The correctness of this new feature, however, is non-trivial and required the formal soundness proof. Actually, during our work on it, two flaws inside the new JVM implementation were found. This paper briefly reports our work and results.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 54.99; Price excludes VAT (USA)

Softcover Book: USD 69.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

A. Tozawa and M.Hagiya, New Formalization of the JVM, in preparation. Draft. available from http://nicosia.is.s.u-tokyo.ac.jp/members/miles/papers/cl-99.ps
T. Lindholm and F. Yellin, The Java Virtual Machine Specification, The Java Series, Addison-Wesley Longman, 1996. http://j.
V. Saraswat, Java is not type-safe, 1997. http://www.research.att.com/.
Sheng Liang, Gilad Bracha,Dynamic Class Loading in the Java Virtual Machine, OOPSLA’98, proc, pp. 36–43, 1998.
Google Scholar
M. Hagiya and A. Tozawa, On a New Method for Dataflow Analysis of Java Virtual Machine Subroutines, SAS’98, Proc, LNCS 1503, Springer-Verlag, pp. 17–32, 1998. ftp://nicosia.is.s.u-tokyo.ac.jp/pub/staff/hagiya/pro98/jvm-pro.ps.
R.Stata and M.Abadi, A Type System for Java Bytecode Subroutines, POPL’98, proc, pp. 149–160, 1998.
Google Scholar
D.Dean, The Security of Static Typing with Dynamic Linking, 4th Conference on Computer and Communications Security, ACM, proc, 1997.
Google Scholar
A. Goldberg, A specification of Java Loading and Bytecode Verification, 1998 http://www..
T. Jensen, D. Le Metayer and T. Thorn, Security and Dynamic Class Loading in Java: A Formalisation, Proceedings of IEEE International Conference on Computer Languages, pp. 4–15, 1998.
Google Scholar
S.Freund and J.C.Mitchell, A Type System for Object Initialization in the Java Bytecode Language, ACM Symp. OOPSLA’98, Proceedings, pp. 310–327, 1998.
Google Scholar
Z. Qian, A Formal Specification of Java Virtual Machine Instruction, 1997 http://www.infomatik.uni-bremen..

Download references

Author information

Authors and Affiliations

Department of Information Science, Graduate School of Science, University of Tokyo, Japan
Akihiko Tozawa & Masami Hagiya

Authors

Akihiko Tozawa
View author publications
You can also search for this author in PubMed Google Scholar
Masami Hagiya
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Lehrstuhl für Informations- und Kommunikationsdienste Fachbereich Informatik, Universität Rostock, Albert-Einstein-Strasse 21, 18059, Rostock, Germany
Clemens H. Cap

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Tozawa, A., Hagiya, M. (1999). Careful Analysis of Type Spoofing. In: Cap, C.H. (eds) JIT’99. Informatik aktuell. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-60247-4_27

Download citation

DOI: https://doi.org/10.1007/978-3-642-60247-4_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66464-2
Online ISBN: 978-3-642-60247-4
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics