> The defect has been detected and confirmed in the function OGLBlitToSurfaceViaTexture() located in the file src/java.desktop/share/native/common/java2d/opengl/OGLBlitLoops.c with static code analysis. This defect can potentially lead to a null pointer dereference.
>
> The pointer pf is dereferenced in line 324 without checking for nullptr, although earlier in line 274 the same pointer is checked for nullptr, which indicates that it can be null.
>
> In the same file, line 551 calls OGLBlitToSurfaceViaTexture() from line 263, where NULL is passed in place of pf. All other calls are fine.
>
> Also, another function with a similar issue from the same file, OGLBlitSwToTexture() from line 396.
>
> In src/java.desktop/unix/native/libawt_xawt/awt/gtk3_interface.c gtk3_load(), the pointer fp_glib_check_version can be null, but it is dereferenced without any check. Although in the same file, for example, line 280 contains a check, this check does not lead to termination of execution.
>
> In src/java.desktop/share/native/libsplashscreen/splashscreen_gif.c SplashDecodeGif(), the pointer colorMap is dereferenced after it has been checked against nullptr in lines 151 and 206. Moreover, between these checks and the mentioned location (line 282), the pointer is not modified in any way.
>
> According to [this](https://github.com/openjdk/jdk/pull/26002#issuecomment-3023050372) comment, this PR contains fixes for similar cases in other places.
Artem Semenov has updated the pull request incrementally with two additional commits since the last revision:

 - Updated fix for src/java.desktop/unix/native/libawt_xawt/awt/gtk3_interface.c gtk3_load()
 - Revert "The same issue is present in src/java.desktop/unix/native/libawt_xawt/awt/gtk3_interface.c gtk3_load()"

   This reverts commit a369e3af3abb11eb1163c1ea461e1558b8838551.

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/26799/files
  - new: https://git.openjdk.org/jdk/pull/26799/files/a369e3af..a7307652

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=26799&range=01
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=26799&range=00-01

Stats: 14 lines in 1 file changed: 0 ins; 6 del; 8 mod
Patch: https://git.openjdk.org/jdk/pull/26799.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/26799/head:pull/26799

PR: https://git.openjdk.org/jdk/pull/26799
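The two defect shapes the PR description reports (a pointer NULL-checked on one path and dereferenced unconditionally on another, and a load-time check that reports a NULL function pointer but does not stop the call) are illustrated below, beside the hardened forms a reviewer would expect. This is an added example written for this page; it is not JDK code and does not reproduce the PR's patch. The PixelFormat and Surface types, the function names, the constructed inputs (a 100-pixel-wide surface, 4 bytes per pixel, 16-byte alignment) and the return codes are all assumptions made for the example; the only real API fact used is that GLib's glib_check_version() returns NULL when the library version is acceptable.

```c
#include <stddef.h>

/* Constructed stand-ins for the pixel-format and surface structures the
 * PR description refers to; these are not JDK types. */
typedef struct { int bytesPerPixel; int alignment; } PixelFormat;
typedef struct { int width; int height; } Surface;

enum { BLIT_OK = 0, BLIT_ERR_NULL_FORMAT = -1, BLIT_ERR_NULL_ARG = -2 };
enum { LOAD_OK = 0, LOAD_ERR_MISSING_SYMBOL = -3 };

/* Shape of the first defect (constructed): pf is NULL-checked on the texture
 * path, which tells a static analyzer that NULL is a legal input, yet the
 * alignment fix-up below dereferences it unconditionally. A caller passing
 * pf == NULL with useTexture == 0 reaches that line and crashes. Kept only
 * for comparison; the example never calls it. */
int blit_via_texture_defective(const PixelFormat *pf, const Surface *dst,
                               int useTexture, int *strideOut)
{
    int stride = dst->width;
    if (useTexture && pf != NULL) {
        stride = dst->width * pf->bytesPerPixel;
    }
    if (stride % pf->alignment != 0) {            /* unguarded dereference */
        stride += pf->alignment - (stride % pf->alignment);
    }
    *strideOut = stride;
    return BLIT_OK;
}

/* Hardened form: every use of pf sits behind a NULL test, and the path that
 * cannot proceed without it returns an explicit error instead of crashing. */
int blit_via_texture_fixed(const PixelFormat *pf, const Surface *dst,
                           int useTexture, int *strideOut)
{
    if (dst == NULL || strideOut == NULL) return BLIT_ERR_NULL_ARG;
    if (useTexture && pf == NULL) return BLIT_ERR_NULL_FORMAT;

    int stride = dst->width;
    if (useTexture) {
        stride = dst->width * pf->bytesPerPixel;
    }
    if (pf != NULL && pf->alignment > 0 && stride % pf->alignment != 0) {
        stride += pf->alignment - (stride % pf->alignment);
    }
    *strideOut = stride;
    return BLIT_OK;
}

/* Wrapper over constructed inputs: returns the computed stride, or the
 * negative error code when the hardened function refuses the call. */
int example_stride(int withFormat, int useTexture)
{
    static const PixelFormat fmt = { 4, 16 };   /* constructed sample format */
    static const Surface dst = { 100, 50 };     /* constructed sample surface */
    int stride = 0;
    int rc = blit_via_texture_fixed(withFormat ? &fmt : NULL, &dst,
                                    useTexture, &stride);
    return rc == BLIT_OK ? stride : rc;
}

/* Shape of the second defect (the gtk3_load() case): a function pointer
 * resolved at load time may be NULL. A check that only reports and then
 * carries on still ends in a call through NULL; the check has to end the
 * operation. The signature mirrors glib_check_version(). */
typedef const char *(*check_version_fn)(unsigned, unsigned, unsigned);

/* Constructed stand-in for the resolved symbol; NULL means "version OK". */
static const char *fake_check_version(unsigned maj, unsigned min, unsigned mic)
{
    (void)maj; (void)min; (void)mic;
    return NULL;
}

int call_version_check_fixed(check_version_fn fp, const char **mismatchOut)
{
    if (fp == NULL) {
        *mismatchOut = "glib_check_version symbol not resolved";
        return LOAD_ERR_MISSING_SYMBOL;   /* stop here rather than call NULL */
    }
    *mismatchOut = fp(2, 0, 0);
    return LOAD_OK;
}

int example_version_check(int symbolResolved)
{
    const char *msg = NULL;
    return call_version_check_fixed(symbolResolved ? fake_check_version : NULL,
                                    &msg);
}
```

The hardened blit function makes the decision about a missing pf once, at the top, so no later statement can silently reintroduce an unguarded use; that is the property a reviewer checks when a static-analysis report like the one quoted above says "checked here, dereferenced there".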