About Question enthuware.ocpjp.v11.2.3420 :

Help and support on OCA OCP Java Programmer Certification Questions
1Z0-808, 1Z0-809, 1Z0-815, 1Z0-816, 1Z0-817

Moderator: admin

Post Reply
peterz
Posts: 6
Joined: Tue Jan 26, 2021 9:24 am
Contact:
Contact peterz

Re: About Question enthuware.ocpjp.v11.2.3420 :

Post by peterz »

Could someone explain, why the code violates "Resource limit checks should not suffer from integer overflow"? I don't see any resource limit checks in the code. I undestand that the code might crash if the length becomes smaller due to overflow, but I don't see the security problem here.
Top
Online
admin
Site Admin
Posts: 10443
Joined: Fri Sep 10, 2010 9:26 pm
Contact:
Contact admin

Re: About Question enthuware.ocpjp.v11.2.3420 :

Post by admin »

It may not exactly be a security problem but it does violate the Guideline 1-3 / DOS-3: "Resource limit checks should not suffer from integer overflow".
A method that allocates large chunks of memory is prone to denial of service attacks as well.
Top
Post Reply

Return to “OCA OCP Java Programmer Certification Questions Discussion”

Who is online

Users browsing this forum: No registered users and 24 guests