Integrated: JDK-8277029: JMM GetDiagnosticXXXInfo APIs should verify output array sizes

Thomas Stuefe stuefe at openjdk.java.net
Tue Nov 16 09:52:43 UTC 2021


On Fri, 12 Nov 2021 08:25:04 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

> jmm_GetDiagnosticCommandArgumentsInfo and jmm_GetDiagnosticCommandInfo are used to query the hotspot about diagnostic commands. They provide output arrays for the information:
> 
> ```
> void jmm_GetDiagnosticCommandArgumentsInfo(JNIEnv *env,
>           jstring command, dcmdArgInfo* infoArray)
> ```
> 
> but array size is implicitly assumed to be known to both caller and callee. Caller and callee negotiate those sizes in prior steps, but things can go wrong. E.g. I recently hunted a bug where `DCmd::number_arguments()` was off - did not reflect the real number of its jcmd parameters - which led to a hidden memory overwriter.
> 
> Thankfully, JDK-8264565 rewrote the dcmd framework to deal with this particular issue (The VM I analyzed was older). Still, it would be good if we had additional safety measures here.
> 
> -------------
> 
> Testing:
> - manual tests with artificially induced error in one dcmd for debug, release
> - GHAs (which include tier1 serviceability jcmd tests which use JMX and exercise these APIs)

This pull request has now been integrated.

Changeset: b8d33a2a
Author:    Thomas Stuefe <stuefe at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/b8d33a2a4e4ac1be322644102e8f09ce1435b4fb
Stats:     9 lines in 3 files changed: 3 ins; 0 del; 6 mod

8277029: JMM GetDiagnosticXXXInfo APIs should verify output array sizes

Reviewed-by: dholmes, sspitsyn

-------------

PR: https://git.openjdk.java.net/jdk/pull/6363
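
Added example, not part of the original message and not the JDK change itself: a small C sketch of the failure mode described above, where the size reported in the negotiation step disagrees with what the fill step writes, next to a fill that takes the caller's capacity and refuses a mismatch. All types, names and the sample command are hypothetical stand-ins, not HotSpot code.

```c
#include <stdio.h>

/* Hypothetical stand-ins for illustration; not HotSpot types or functions. */
typedef struct { const char *name; } arg_info;
typedef struct {
    int declared_args;          /* what the size query reports to the caller */
    int actual_args;            /* how many entries the fill step writes     */
    const char *arg_names[4];
} command;

/* Constructed sample: the command reports 2 arguments but really has 3. */
static const command buggy = { 2, 3, { "pid", "file", "verbose" } };
static const char *GUARD = "guard";

/* Unchecked fill: the array size is implicit, so the callee writes actual_args. */
static void fill_unchecked(const command *c, arg_info *out) {
    for (int i = 0; i < c->actual_args; i++) out[i].name = c->arg_names[i];
}

/* Checked fill: the caller states its capacity and a mismatch is refused. */
static int fill_checked(const command *c, arg_info *out, int out_count) {
    if (out == NULL || out_count != c->actual_args) return -1;
    for (int i = 0; i < out_count; i++) out[i].name = c->arg_names[i];
    return out_count;
}

/* The caller sizes its view from declared_args; slot [declared_args] stands in
   for whatever memory follows the array (kept in bounds so the demo is defined). */
int unchecked_clobbers_guard(void) {
    arg_info buf[4];
    for (int i = 0; i < 4; i++) buf[i].name = GUARD;
    fill_unchecked(&buggy, buf);
    return buf[buggy.declared_args].name != GUARD;
}

int checked_rejects_mismatch(void) {
    arg_info buf[4];
    for (int i = 0; i < 4; i++) buf[i].name = GUARD;
    int rc = fill_checked(&buggy, buf, buggy.declared_args);
    return rc == -1 && buf[0].name == GUARD && buf[buggy.declared_args].name == GUARD;
}

int main(void) {
    printf("unchecked overwrote guard slot: %d\n", unchecked_clobbers_guard());
    printf("checked refused mismatch:       %d\n", checked_rejects_mismatch());
    return 0;
}
```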

