Thu, 05 May 2016 13:28:49 +0100
8036630: Null ProtectionDomain in JVM can cause NPE because principals field is not initialized to an empty array
Summary: Call ProtectionDomain constructor instead of making all fields null.
Reviewed-by: fparain, zgu
src/share/vm/classfile/vmSymbols.hpp | file | annotate | diff | comparison | revisions | |
src/share/vm/prims/jvm.cpp | file | annotate | diff | comparison | revisions |
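--- a/src/share/vm/classfile/vmSymbols.hpp
+++ b/src/share/vm/classfile/vmSymbols.hpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -517,6 +517,7 @@
   template(int_StringBuffer_signature, "(I)Ljava/lang/StringBuffer;") \
   template(char_StringBuffer_signature, "(C)Ljava/lang/StringBuffer;") \
   template(int_String_signature, "(I)Ljava/lang/String;") \
+  template(codesource_permissioncollection_signature, "(Ljava/security/CodeSource;Ljava/security/PermissionCollection;)V") \
   /* signature symbols needed by intrinsics */ \
   VM_INTRINSICS_DO(VM_INTRINSIC_IGNORE, VM_SYMBOL_IGNORE, VM_SYMBOL_IGNORE, template, VM_ALIAS_IGNORE) \
   \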
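--- a/src/share/vm/prims/jvm.cpp
+++ b/src/share/vm/prims/jvm.cpp
@@ -1290,18 +1290,22 @@
 // and null permissions - which gives no permissions.
 oop create_dummy_access_control_context(TRAPS) {
   InstanceKlass* pd_klass = InstanceKlass::cast(SystemDictionary::ProtectionDomain_klass());
-  // new ProtectionDomain(null,null);
-  oop null_protection_domain = pd_klass->allocate_instance(CHECK_NULL);
-  Handle null_pd(THREAD, null_protection_domain);
+  Handle obj = pd_klass->allocate_instance_handle(CHECK_NULL);
+  // Call constructor ProtectionDomain(null, null);
+  JavaValue result(T_VOID);
+  JavaCalls::call_special(&result, obj, KlassHandle(THREAD, pd_klass),
+                          vmSymbols::object_initializer_name(),
+                          vmSymbols::codesource_permissioncollection_signature(),
+                          Handle(), Handle(), CHECK_NULL);
 
   // new ProtectionDomain[] {pd};
   objArrayOop context = oopFactory::new_objArray(pd_klass, 1, CHECK_NULL);
-  context->obj_at_put(0, null_pd());
+  context->obj_at_put(0, obj());
 
   // new AccessControlContext(new ProtectionDomain[] {pd})
   objArrayHandle h_context(THREAD, context);
-  oop result = java_security_AccessControlContext::create(h_context, false, Handle(), CHECK_NULL);
-  return result;
+  oop acc = java_security_AccessControlContext::create(h_context, false, Handle(), CHECK_NULL);
+  return acc;
 }
 
 JVM_ENTRY(jobject, JVM_DoPrivileged(JNIEnv *env, jclass cls, jobject action, jobject context, jboolean wrapException))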
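Review bot: The new comment `// Call constructor ProtectionDomain(null, null);` says what is called but not why the bare `allocate_instance` was insufficient, so a future cleanup could reintroduce the same bug by dropping the JavaCalls round-trip; suggest `// Run the ProtectionDomain(CodeSource, PermissionCollection) constructor so the object's invariants hold: a raw allocate_instance leaves every field null (principals was expected to be an empty array), and the null permissions still yield a domain with no permissions.` The explanatory comment above the function that this hunk's first context line belongs to starts outside the hunk, so it is worth checking that it still matches the constructor-based construction. As a point of style, the handle is named `obj` while the two comments below still refer to the same object as `{pd}`; naming it `pd` (or `pd_handle`) would keep the code and comments in step.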