RFR: 8365609: Null pointer dereference in src/java.desktop/share/native/common/java2d/opengl/OGLBlitLoops.c OGLBlitToSurfaceViaTexture()
Phil Race
prr at openjdk.org
Thu Aug 21 22:40:01 UTC 2025
On Fri, 15 Aug 2025 13:04:35 GMT, Artem Semenov <asemenov at openjdk.org> wrote:
> The defect has been detected and confirmed in the function OGLBlitToSurfaceViaTexture() located in the file src/java.desktop/share/native/common/java2d/opengl/OGLBlitLoops.c with static code analysis. This defect can potentially lead to a null pointer dereference.
>
> The pointer pf is dereferenced in line 324 without checking for nullptr, although earlier in line 274 the same pointer is checked for nullptr, which indicates that it can be null.
>
> According to [this](https://github.com/openjdk/jdk/pull/26002#issuecomment-3023050372) comment, this PR contains fixes for similar cases in other places.
src/java.desktop/share/native/libsplashscreen/splashscreen_gif.c line 282:
> 280: rgbquad_t fillColor = 0; // 0 is transparent
> 281:
> 282: if (((colorMap != NULL) && (colorMap->Colors != NULL)) &&
I can't easily verify that this is an impossible place to be if colorMap == null
so I guess this is OK
src/java.desktop/unix/native/libawt_xawt/awt/gtk3_interface.c line 618:
> 616: fp_g_string_free = dl_symbol("g_string_free");
> 617:
> 618: if (fp_glib_check_version != NULL) {
I don't know why we don't treat failing to find this symbol as a fatal error like we do for others such as this first one. dl_symbol will do a longjmp
fp_gtk_check_version = dl_symbol("gtk_check_version");
but for this one we just clear the error.
/* GLib */
fp_glib_check_version = dlsym(gtk3_libhandle, "glib_check_version");
if (!fp_glib_check_version) {
dlerror();
}
@azvegint any idea?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26799#discussion_r2292275064
PR Review Comment: https://git.openjdk.org/jdk/pull/26799#discussion_r2292273980
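The two lookup styles contrasted in the review above (a required symbol fetched through dl_symbol(), which longjmp()s out of the whole load on failure, versus the optional glib_check_version lookup, which just clears dlerror() and leaves a NULL function pointer that must be checked before every call) are shown side by side below. This is an added stand-alone example, not code from the JDK or from gtk3_interface.c: the helpers require_symbol() and optional_symbol() and the jmp_buf are hypothetical stand-ins for dl_symbol() and its longjmp target, and the lookup is done against the running process (dlopen(NULL)) so that it runs without any GTK library installed.

```c
#define _GNU_SOURCE
#include <dlfcn.h>
#include <setjmp.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical analogue of the longjmp target used by dl_symbol() in
 * gtk3_interface.c: a missing *required* symbol aborts the whole load. */
static jmp_buf load_failed;
static const char *failed_symbol = NULL;

/* Required symbol: missing means the library is unusable, so bail out
 * via longjmp instead of returning a NULL that every caller must test. */
static void *require_symbol(void *handle, const char *name) {
    void *p = dlsym(handle, name);
    if (p == NULL) {
        failed_symbol = name;
        longjmp(load_failed, 1);
    }
    return p;
}

/* Optional symbol (the glib_check_version pattern): clear the pending
 * dlerror() so it does not leak into later lookups, and hand back NULL.
 * Every use site then owes a NULL check before dereferencing. */
static void *optional_symbol(void *handle, const char *name) {
    void *p = dlsym(handle, name);
    if (p == NULL) {
        (void)dlerror();
    }
    return p;
}

typedef size_t (*strlen_fn)(const char *);

/* Looks up one required and one optional symbol in the running process.
 * Returns 0 on success, -1 if the required symbol is missing, -2 if
 * dlopen() itself failed. *opt_present reports whether the optional
 * symbol resolved; *len_out receives the result of calling the required
 * one (assumed to be a strlen-compatible function) on a constructed input. */
int load_symbols(const char *required, const char *optional,
                 int *opt_present, size_t *len_out) {
    void *handle = dlopen(NULL, RTLD_NOW); /* main program plus libc */
    if (handle == NULL) {
        return -2;
    }
    if (setjmp(load_failed) != 0) {
        /* Landed here from require_symbol(): give up on the whole load. */
        fprintf(stderr, "required symbol missing: %s\n", failed_symbol);
        dlclose(handle);
        return -1;
    }

    strlen_fn fn;
    *(void **)&fn = require_symbol(handle, required); /* POSIX-style cast */
    void *opt = optional_symbol(handle, optional);

    *opt_present = (opt != NULL);
    *len_out = fn("hello"); /* constructed input */

    /* An optional pointer is only safe behind its guard, exactly like
     *   if (fp_glib_check_version != NULL) { ... }
     * in the reviewed code; an unguarded call here would be the class of
     * defect the PR description is about. */
    if (opt != NULL) {
        /* call through opt */
    }

    dlclose(handle);
    return 0;
}

int main(void) {
    int present = -1;
    size_t len = 0;
    int rc = load_symbols("strlen", "definitely_not_a_symbol_xyz", &present, &len);
    printf("rc=%d optional present=%d len=%zu\n", rc, present, len);
    rc = load_symbols("definitely_not_a_symbol_xyz", "strlen", &present, &len);
    printf("rc=%d\n", rc);
    return 0;
}
```

The point the review raises is visible in the two return paths: a missing required symbol never produces a NULL that code downstream might forget to test, whereas every optional lookup creates one more pointer whose every use site needs a guard, which is why a static analyzer flags the unguarded ones. On glibc older than 2.34 the dl* functions live in libdl, so link with -ldl there.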