RFR: 8325002: Exceptions::fthrow needs to ensure it truncates to a valid utf8 string [v4]

[David Holmes]

On Fri, 26 Jul 2024 21:39:16 GMT, David Holmes <dholmes at openjdk.org> wrote:

>> src/hotspot/share/utilities/exceptions.cpp line 277:
>> 
>>> 275:   if ((ret == -1 || ret >= max_msg_size) && strlen(msg) > 0) {
>>> 276:     assert(msg[max_msg_size - 1] == '\0', "should be null terminated");
>>> 277:     UTF8::truncate_to_legal_utf8((unsigned char*)msg, max_msg_size);
>> 
>> Ah, I misread your patch and thought you pass in the strlen of the message to the truncation function, when in fact you pass in the hard coded message buffer size. 
>> 
>> But that begs the question of why you test strlen above, and more importantly, whether all cases where snprintf returns an error are truncation problems. It could have detected an invalid UTF8 sequence and aborted in the middle of it.
>
> The `strlen` check is to skip the empty buffer you can get on Windows if vsnprintf returns -1 due to overflow of INT_MAX.
> 
> We are assuming/requiring that we start with a valid UTF8 sequence and the worst that will happen is that vsnprintf will truncate it.
> 
> If we actually got -1 for a conversion error (no way to tell the difference in the two cases) then we would unnecessarily truncate, but we do not expect any such conversion errors - in part because we type check the format specifiers and args and so should never get a mismatch.

Note this has been updated now to pass `strlen(msg)`.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/20345#discussion_r1696264323