8025922: JNI access to Strings need to check if the value field is non-null

Reviewed-by: dholmes, dcubed
2025-09-20 02:54:35 +02:00 · 2013-10-05 15:18:57 +02:00 · 2013-10-05 15:18:57 +02:00 · dcbbb4d37b
commit dcbbb4d37b
parent 738af149a2
2 changed files with 57 additions and 41 deletions
--- a/hotspot/src/share/vm/prims/jni.cpp
+++ b/hotspot/src/share/vm/prims/jni.cpp
@ -3210,7 +3210,11 @@ JNI_QUICK_ENTRY(jsize, jni_GetStringLength(JNIEnv *env, jstring string))
  HOTSPOT_JNI_GETSTRINGLENGTH_ENTRY(
                                    env, string);
 #endif /* USDT2 */
-  jsize ret = java_lang_String::length(JNIHandles::resolve_non_null(string));
+  jsize ret = 0;
+  oop s = JNIHandles::resolve_non_null(string);
+  if (java_lang_String::value(s) != NULL) {
+    ret = java_lang_String::length(s);
+  }
 #ifndef USDT2
  DTRACE_PROBE1(hotspot_jni, GetStringLength__return, ret);
 #else /* USDT2 */
@ -3230,20 +3234,23 @@ JNI_QUICK_ENTRY(const jchar*, jni_GetStringChars(
 HOTSPOT_JNI_GETSTRINGCHARS_ENTRY(
                                  env, string, (uintptr_t *) isCopy);
 #endif /* USDT2 */
+  jchar* buf = NULL;
  oop s = JNIHandles::resolve_non_null(string);
-  int s_len = java_lang_String::length(s);
  typeArrayOop s_value = java_lang_String::value(s);
-  int s_offset = java_lang_String::offset(s);
-  jchar* buf = NEW_C_HEAP_ARRAY_RETURN_NULL(jchar, s_len + 1, mtInternal);  // add one for zero termination
-  /* JNI Specification states return NULL on OOM */
-  if (buf != NULL) {
-    if (s_len > 0) {
-      memcpy(buf, s_value->char_at_addr(s_offset), sizeof(jchar)*s_len);
-    }
-    buf[s_len] = 0;
-    //%note jni_5
-    if (isCopy != NULL) {
-      *isCopy = JNI_TRUE;
+  if (s_value != NULL) {
+    int s_len = java_lang_String::length(s);
+    int s_offset = java_lang_String::offset(s);
+    buf = NEW_C_HEAP_ARRAY_RETURN_NULL(jchar, s_len + 1, mtInternal);  // add one for zero termination
+    /* JNI Specification states return NULL on OOM */
+    if (buf != NULL) {
+      if (s_len > 0) {
+        memcpy(buf, s_value->char_at_addr(s_offset), sizeof(jchar)*s_len);
+      }
+      buf[s_len] = 0;
+      //%note jni_5
+      if (isCopy != NULL) {
+        *isCopy = JNI_TRUE;
+      }
    }
  }
 #ifndef USDT2
@ -3313,7 +3320,11 @@ JNI_ENTRY(jsize, jni_GetStringUTFLength(JNIEnv *env, jstring string))
 HOTSPOT_JNI_GETSTRINGUTFLENGTH_ENTRY(
                                      env, string);
 #endif /* USDT2 */
-  jsize ret = java_lang_String::utf8_length(JNIHandles::resolve_non_null(string));
+  jsize ret = 0;
+  oop java_string = JNIHandles::resolve_non_null(string);
+  if (java_lang_String::value(java_string) != NULL) {
+    ret = java_lang_String::utf8_length(java_string);
+  }
 #ifndef USDT2
  DTRACE_PROBE1(hotspot_jni, GetStringUTFLength__return, ret);
 #else /* USDT2 */
@ -3332,14 +3343,17 @@ JNI_ENTRY(const char*, jni_GetStringUTFChars(JNIEnv *env, jstring string, jboole
 HOTSPOT_JNI_GETSTRINGUTFCHARS_ENTRY(
                                     env, string, (uintptr_t *) isCopy);
 #endif /* USDT2 */
+  char* result = NULL;
  oop java_string = JNIHandles::resolve_non_null(string);
-  size_t length = java_lang_String::utf8_length(java_string);
-  /* JNI Specification states return NULL on OOM */
-  char* result = AllocateHeap(length + 1, mtInternal, 0, AllocFailStrategy::RETURN_NULL);
-  if (result != NULL) {
-    java_lang_String::as_utf8_string(java_string, result, (int) length + 1);
-    if (isCopy != NULL) {
-      *isCopy = JNI_TRUE;
+  if (java_lang_String::value(java_string) != NULL) {
+    size_t length = java_lang_String::utf8_length(java_string);
+    /* JNI Specification states return NULL on OOM */
+    result = AllocateHeap(length + 1, mtInternal, 0, AllocFailStrategy::RETURN_NULL);
+    if (result != NULL) {
+      java_lang_String::as_utf8_string(java_string, result, (int) length + 1);
+      if (isCopy != NULL) {
+        *isCopy = JNI_TRUE;
+      }
    }
  }
 #ifndef USDT2