Java Native Interface: Programmer's Guide and Reference
Java Native Interface: Programmer's Guide and Reference
Oil and Water? High Performance Garbage Collection in Java with MMTk
Proceedings of the 26th International Conference on Software Engineering
Proceedings of the 4th international symposium on Memory management
Checking type safety of foreign function calls
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
DieHard: probabilistic memory safety for unsafe languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
The DaCapo benchmarks: java benchmarking development and analysis
Proceedings of the 21st annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Heap protection for Java virtual machines
PPPJ '06 Proceedings of the 4th international symposium on Principles and practice of programming in Java
PIN: a binary instrumentation tool for computer architecture research and education
WCAE '04 Proceedings of the 2004 workshop on Computer architecture education: held in conjunction with the 31st International Symposium on Computer Architecture
Jeannie: granting java native interface developers their wishes
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Java heap protection for debugging native methods
Science of Computer Programming
Archipelago: trading address space for reliability and security
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Precise memory leak detection for java software using container profiling
Proceedings of the 30th international conference on Software engineering
Finding bugs in java native interface programs
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Exterminator: Automatically correcting memory errors with high probability
Communications of the ACM - Surviving the data deluge
An empirical security study of the native code in the JDK
SS'08 Proceedings of the 17th conference on Security symposium
Debug all your code: portable mixed-environment debugging
Proceedings of the 24th ACM SIGPLAN conference on Object oriented programming systems languages and applications
Finding bugs in exceptional situations of JNI programs
Proceedings of the 16th ACM conference on Computer and communications security
Jinn: synthesizing dynamic bug detectors for foreign language interfaces
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Robusta: taming the native beast of the JVM
Proceedings of the 17th ACM conference on Computer and communications security
JNICodejail: native code isolation for Java programs
Proceedings of the 2013 International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools
Hi-index | 0.00 |
By using Java Native Interface (JNI), programmers can integrate Java programs with legacy applications or third-party libraries written in other languages (e.g., C, C++, and Pascal). However, the use of JNI can bypass the Java boundary checking and exception-handling mechanisms. Furthermore, its use can violate Java's type-safety feature because of the type-mismatches between native programs and Java programs. As a result, such integration can cause various security issues including heap errors that can be dangerous and difficult to detect. In this paper, we introduce Quarantine, a runtime system that can identify objects accessible by native methods and then migrate these objects to a quarantine area, which is used specifically to host this type of object. The goal of Quarantine is to create a runtime platform that allows programmers to apply existing heap protection techniques that have been designed for native languages but do not work well in the Java domain. We implemented Quarantine in Jikes RVM and evaluated its performance using the optimizing compiler. Our results using nine benchmark programs indicate that Quarantine, on average, incurs execution overhead of 14% and 13% when the heap is two and five times larger than the minimum heap requirement for an application, respectively.