StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
755012
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
3
CommunityOwnedDate
CreationDate
2009-04-16T06:45:43.740
FavoriteCount
0
LastActivityDate
2014-09-15T09:27:03.663
LastEditDate
2014-09-15T09:27:03.663
LastEditorUserId
14860
OwnerUserId
14860
ParentId
755005
PostTypeId
2
Score
19
ViewCount
0
LastEditorDisplayName
text
Body
Oracle themselves have a little snippet page on how it works <a href="http://www.oracle.com/technetwork/java/security-136118.html" rel="nofollow noreferrer">here</a>. Basically, the JRE doesn't trust the JDK. That's because it has no knowledge of which JDK compiler created the class file. It treats the class file as hostile until verified. Expanding on that, the bytecode verification is a necessary step to protect from what Sun call a "hostile compiler". Sun's own Java compiler ensures that Java source code doesn't violate the safety rules but, when an application imports a code fragment, it doesn't actually know if the code fragment follows Java language rules for safety. In other words, the code may not have been produced by a trustworthy Java compiler. In that case, the Java run time system on your machine has to assume the fragment is bad and subjects it to bytecode verification. The Java virtual machine does not even see the bytecode until it's been through this verification process. Doing this as the bytecode is loaded also has the advantage that a whole lot of run time checks don't need to be performed every time the code is executed. Because it's been verified as correct, it can, once it starts running, run faster than would otherwise be possible. A rendition of the linked diagram is below: <pre><code> <<<=== Unsafe / Safe ===>>> \ +---------------+ +-------------------+ | Java source | +--> | Class loader | --+ +---------------+ | | Bytecode verifier | | | | +-------------------+ | V | / | +---------------+ | \ V | Java compiler | Network / +-------------------+ +---------------+ | \ | JVM/JIT | | | / +-------------------+ V | \ | +---------------+ | / V | Java bytecode | --+ \ +-------------------+ +---------------+ / | Operating system | \ +-------------------+ / | \ V / +-------------------+ \ | Hardware | / +-------------------+ \ <<<=== Unsafe / Safe ===>>> </code></pre>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POHow does bytecode get verified in the JVM?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USpaxdiablo
UserOwnerUserId
1. USpaxdiablo
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POHow does bytecode get verified in the JVM?
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COThe problem isn't just malicious compilers. If someone is really trying to write an exploit, they'd likely write the bytecode by hand, or at least the important part.
 singulars
 PostPostId
 PO
 UserUserId
 USAntimony

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.