Google has open sourced a project called “Contracts for Java” or “Cofoja” that is dedicated to building a new set of extensions for Java. The features would serve dual purposes of making programming easier and protecting against buffer overflow attacks. The technique is borrowed from the Eiffel language, where it is known as “DBC (Design-By-Contract).”
“By annotating your code with contracts you are much more likely to reveal bugs in earlier phases of development,” said Google’s Andreas Leitner. Some of those bugs could “be exploited by attackers to gain ownership of data or machines.”
