The bytecode verifier is an internal component of the JVM and is responsible for detecting non-confirming Java code. It performs tasks such as ensuring that the class file is in proper format, illegal type casts are not performed and preventing operand stack overflows or underflows.
...
Noncompliant Code Example
In the non-compliant noncompliant code snippet shown below, two classes, Ssn and SsnVerify are defined. If at some later time, the programmer changes the access modifier of the ssn field from public to private, a possibility exists that only the modified Ssn class is recompiled but the SsnVerify class is overlooked. As a result, SsnVerify can now illegally access the private ssn field of the Ssn class.
| Code Block | ||
|---|---|---|
| ||
package ssnvault.values;
public class Ssn {
public String ssn = "001 01 0001";
}
package ssnvault.values;
public class SsnVerify {
public static void main(String[] args) {
Ssn number = new Ssn();
System.out.println("Please enter last four digits of your SSN:");
//perform verification
}
}
|
Compliant Solution
It is vital to re-compile both Ssn and SsnVerify classes so that the bytecode verifier can be applied to detect the non-conforming code.
The verification process is automatically initiated unless the -noverify flag is specified at command line. On Java 2 systems, classes loaded by the primordial class loader (that loads classes from the boot class path) are not required to perform bytecode verification.
...
Risk Assessment
TODO
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
SEC36-J | ?? | ?? | ?? | P?? | L?? |
Automated Detection
TODO
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
(h2. Ref)erences
Java Security, Scott Oaks pg. 50, The Bytecode Verifier
Enterprise Security: Building Secure J2EE Applications, 7.3 The Class File Verifier