RFR: [XS] 8215411: some GetByteArrayElements calls miss corresponding Release

David Holmes david.holmes at oracle.com
Mon Dec 17 22:25:01 UTC 2018


Hi Matthias,

On 17/12/2018 6:59 pm, Baesken, Matthias wrote:
> Hello, please review the following change.
> I noticed that we miss at some places (for example in case of early returns)
> where GetByteArrayElements is used,  the corresponding ReleaseByteArrayElements  call.
> 
> In VirtualMachineImpl.c  I also removed a check for isCopy (is the returned byte array a copy ?)
> because from what I read at
> 
> https://docs.oracle.com/javase/8/docs/technotes/guides/jni/spec/functions.html
> 
> the ReleaseByteArrayElements  routine should always be called.

That's not clear to me. My reading is that you only need to release if 
you have changes you need to ensure are written back and that is only 
needed if a copy was made.

That said, the change seem semantically correct and harmless in this case.

---

src/jdk.hotspot.agent/windows/native/libsaproc/sawindbg.cpp

AFAICS there are still multiple exit paths via CHECK_EXCEPTION_(0) and 
THROW_NEW_DEBUGGER_EXCEPTION_ that won't release the buffer.

Also you change seem wrong to me because it will commit the changes in 
the buffer even if we "abort" here:

735   if (bytesRead != numBytes) {
  736      return 0;
  737   }

so it seems to me if you really want to release on all paths then the 
error paths should use a mode of JNI_ABORT and only the success path 
should use mode 0.

---

  src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m

This change seems okay, though again potentially not necessary - as we 
never commit any changes.

Thanks,
David
-----

> 
> bug/webrev :
> 
> https://bugs.openjdk.java.net/browse/JDK-8215411
> 
> http://cr.openjdk.java.net/~mbaesken/webrevs/8215411.0/
> 
> 
> Thanks, Matthias
> 


More information about the security-dev mailing list