Potential sensitive information leak through JVM crash logs
Alexandr Miloslavskiy
alexandr.miloslavskiy at syntevo.com
Sat Jan 14 11:01:23 UTC 2023
Hi,
> Sure, but registers may contain parts of a string, e.g. when processing
> strings, or accidentally reading from text. How do you want to prevent
> that, or do you consider it unlikely enough to live with it?
We consider it unlikely enough:
* In order to have something sensitive in registers, JVM must crash
exactly while handling something sensitive. This is already "unlikely
enough".
* Having something sensitive in stack values is even more unlikely,
because Java doesn't usually write strings/data directly on the stack but
rather writes them to heap objects.
* Even if it does happen, a single register may contain up to 8
characters only.
Object dumps include all direct members of the object and their values,
which increases the probability significantly.