Java is a very safe language if used in a normal way, however just like the CLR it can be used in an unsafe manor.<\/p>\n
The main reason for using Java in a unsafe manor is performance, some unsafe operations are optimised by the JVM itself.<\/p>\n
The boot class loader grants enough permissions to access a key undocumented class sun.misc.Unsafe. As I will state, this is an undocumented class and as the name implies it’s unsafe<\/b>.<\/p>\n
This class provides methods that allows you to manipulate objects and the memory of the objects directly.<\/p>\n
For example, you could use it to access the object itself, lets look at an example to manipulate a String object.. not nice I hear you say…. and boy are you are so right. The purpose of this example is to demonstrate the power of the JVM if used to the extreme but not to demonstrate how to destroy the JVM.<\/p>\n
\/\/ To Compile: javac BadBoy.java public class BadBoy public static void main(String args[]) throws Exception \/\/ Find the memory offset within the field... field = String.class.getDeclaredField(\"offset\"); \/\/ Lets read the memory directory... int length = unsafe.getInt(object, countOffset); System.out.println(\"1- The 'object' contains : \"); unsafe.putInt(object, offset4Offset, 17); Then, the output of the example on my little macbook is:<\/p>\n As you can see the String object is changed but the hashCode remains the same. \ud83d\ude42<\/p>\n Even if the above example seems weird to the extreme and it is, I offer you one take home from this blog…<\/p>\n Be very careful what you place on your “bootclasspath!”<\/p>\n \n","protected":false},"excerpt":{"rendered":" Java is a very safe language if used in a normal way, however just like the CLR it can be used in an unsafe manor. The main reason for using Java in a unsafe manor is performance, some unsafe operations … Continue reading
\nimport sun.misc.Unsafe;
\nimport java.lang.reflect.Field;<\/p>\n
\n\/\/ To Run: java -Xbootclasspath\/p:. BadBoy<\/p>\n
\n{
\n private final static Unsafe unsafe = Unsafe.getUnsafe();<\/p>\n
\n {
\n \/\/ Find the field \"count\" inside java.lang.String
\n Field field = String.class.getDeclaredField(\"count\");<\/p>\n
\n long countOffset = unsafe.objectFieldOffset(field);<\/p>\n
\n long offset4Offset = unsafe.objectFieldOffset(field);<\/p>\n
\n Object object = \"Hello World from Java, the ultra safe language... or is it..\";<\/p>\n
\n System.out.println(\"The original Length is length: \" + length);<\/p>\n
\n System.out.println(\" -> \"+object);
\n System.out.println(\" hashCode is : \" + object.hashCode());<\/p>\n
\n unsafe.putInt(object, countOffset, 32);
\n System.out.println(\"2- The 'object' contains : \");
\n System.out.println(\" -> \"+object);
\n System.out.println(\" hashCode is : \" + object.hashCode());
\n }
\n}
\n<\/code><\/p>\n
\nstephen-gennards-macbook:blob spg$ java -Xbootclasspath\/p:. BadBoy
\nThe original Length is length: 60
\n1- The 'object' contains :
\n -> Hello World from Java, the ultra safe language... or is it..
\n hashCode is : 573430574
\n2- The 'object' contains :
\n -> Java, the ultra safe language...
\n hashCode is : 573430574
\n<\/code><\/p>\n