On Fri, 15 Aug 2025 13:04:35 GMT, Artem Semenov <[email protected]> wrote:
> The defect has been detected and confirmed in the function
> OGLBlitToSurfaceViaTexture() located in the file
> src/java.desktop/share/native/common/java2d/opengl/OGLBlitLoops.c with static
> code analysis. This defect can potentially lead to a null pointer dereference.
>
> The pointer pf is dereferenced in line 324 without checking for nullptr,
> although earlier in line 274 the same pointer is checked for nullptr, which
> indicates that it can be null.
>
> In the same file, line 551 calls OGLBlitToSurfaceViaTexture() from line 263,
> where NULL is passed in place of pf.
> All other calls are fine.
>
> Also, another function with a similar issue from the same file,
> OGLBlitSwToTexture() from line 396.
>
> In src/java.desktop/unix/native/libawt_xawt/awt/gtk3_interface.c gtk3_load()
> The pointer fp_glib_check_version can be null, but it is dereferenced without
> any check. Although in the same file, for example, line 280 contains a check,
> this check does not lead to termination of execution.
>
> In src/java.desktop/share/native/libsplashscreen/splashscreen_gif.c
> SplashDecodeGif()
> The pointer colorMap is dereferenced after it has been checked against
> nullptr in lines 151 and 206. Moreover, between these checks and the
> mentioned location (line 282), the pointer is not modified in any way.
>
> According to
> [this](https://github.com/openjdk/jdk/pull/26002#issuecomment-3023050372)
> comment, this PR contains fixes for similar cases in other places.

This pull request has now been integrated.

Changeset: aed42a16
Author:    Artem Semenov <[email protected]>
URL:       https://git.openjdk.org/jdk/commit/aed42a16bacb24753a536d07fedd736d64cde3be
Stats:     7 lines in 2 files changed: 2 ins; 3 del; 2 mod

8365609: Fix several potential NULL native pointer dereferences in the desktop module

Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Artem Semenov Artem Semenov <[email protected]>

Reviewed-by: azvegint, prr, serb

-------------

PR: https://git.openjdk.org/jdk/pull/26799
