RFR: 8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5: runtime error: null pointer passed as argument 2, which is declared to never be null

[Roger Riggs]

On Tue, 21 May 2024 14:28:38 GMT, Matthias Baesken <mbaesken at openjdk.org> wrote:

> When building with ubsan enabled (--enable-uban) on Linux x86_64 and doing jtreg tests afterwards I run into this error :
> 
> /jdk/src/java.base/unix/native/libjava/ProcessImpl_md.c:562:5: runtime error: null pointer passed as argument 2, which is declared to never be null
>     #0 0x7fd95bec78d8 in spawnChild /jdk/src/java.base/unix/native/libjava/ProcessImpl_md.c:562
>     #1 0x7fd95bec78d8 in startChild /jdk/src/java.base/unix/native/libjava/ProcessImpl_md.c:612
>     #2 0x7fd95bec78d8 in Java_java_lang_ProcessImpl_forkAndExec /jdk/src/java.base/unix/native/libjava/ProcessImpl_md.c:712
>     #3 0x7fd93797a06d (<unknown module>)
> 
> this is the memcpy call getting an unexpected null pointer :
>     memcpy(buf+offset, c->pdir, sp.dirlen); gets a second parameter null.
> Something similar was discussed and fixed here https://bugs.python.org/issue27570 for Python .
> 
> Similar issue in OpenJDK _ 
> https://bugs.openjdk.org/browse/JDK-8332473
> 8332473: ubsan: growableArray.hpp:290:10: runtime error: null pointer passed as argument 1, which is declared to never be null

src/java.base/unix/native/libjava/ProcessImpl_md.c line 565:

> 563:         memcpy(buf+offset, c->pdir, sp.dirlen);
> 564:     }
> 565:     offset += sp.dirlen;

I'd be inclined to check sp.dirlen > 0 in the `if` and move the offset += inside too. Like:
Suggestion:

    if (sp.dirlen > 0 && c->pdir != NULL) {
        memcpy(buf+offset, c->pdir, sp.dirlen);
        offset += sp.dirlen;
    }

The behavior is correct either way.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/19329#discussion_r1610170951