# HG changeset patch # User mgerdin # Date 1373952809 -7200 # Node ID 34f568c7e7ca4db946dad176b4c20ecffc2cff62 # Parent 5e18fd279f7de66829b981733dc5dbd1eb359d41 6671508: JNI GetPrimitiveArrayCritical should not be callable on object arrays Summary: Checked JNI now reports error for Get/ReleasePrimitiveArrayCritical on object arrays Reviewed-by: dholmes, acorn Contributed-by: david.simms@oracle.com diff -r 5e18fd279f7d -r 34f568c7e7ca hotspot/src/share/vm/prims/jniCheck.cpp --- a/hotspot/src/share/vm/prims/jniCheck.cpp Mon Jul 15 23:23:15 2013 -0400 +++ b/hotspot/src/share/vm/prims/jniCheck.cpp Tue Jul 16 07:33:29 2013 +0200 @@ -126,6 +126,7 @@ static const char * fatal_non_weak_method = "non-weak methodID passed to JNI call"; static const char * fatal_unknown_array_object = "Unknown array object passed to JNI array operations"; static const char * fatal_object_array_expected = "Object array expected but not received for JNI array operation"; +static const char * fatal_prim_type_array_expected = "Primitive type array expected but not received for JNI array operation"; static const char * fatal_non_array = "Non-array passed to JNI array operations"; static const char * fatal_element_type_mismatch = "Array element type mismatch in JNI"; static const char * fatal_should_be_static = "Non-static field ID passed to JNI"; @@ -278,30 +279,53 @@ ReportJNIFatalError(thr, fatal_non_string); } -static inline void -checkArray(JavaThread* thr, jarray jArray, int elementType) +static inline arrayOop +check_is_array(JavaThread* thr, jarray jArray) { ASSERT_OOPS_ALLOWED; arrayOop aOop; aOop = (arrayOop)jniCheck::validate_object(thr, jArray); - if (aOop == NULL || !aOop->is_array()) + if (aOop == NULL || !aOop->is_array()) { ReportJNIFatalError(thr, fatal_non_array); + } + return aOop; +} + +static inline arrayOop +check_is_primitive_array(JavaThread* thr, jarray jArray) { + arrayOop aOop = check_is_array(thr, jArray); - if (elementType != -1) { - if (aOop->is_typeArray()) { - BasicType array_type = TypeArrayKlass::cast(aOop->klass())->element_type(); - if (array_type != elementType) - ReportJNIFatalError(thr, fatal_element_type_mismatch); - } else if (aOop->is_objArray()) { - if ( T_OBJECT != elementType) - ReportJNIFatalError(thr, fatal_object_array_expected); - } else { - ReportJNIFatalError(thr, fatal_unknown_array_object); - } + if (!aOop->is_typeArray()) { + ReportJNIFatalError(thr, fatal_prim_type_array_expected); + } + return aOop; +} + +static inline void +check_primitive_array_type(JavaThread* thr, jarray jArray, BasicType elementType) +{ + BasicType array_type; + arrayOop aOop; + + aOop = check_is_primitive_array(thr, jArray); + array_type = TypeArrayKlass::cast(aOop->klass())->element_type(); + if (array_type != elementType) { + ReportJNIFatalError(thr, fatal_element_type_mismatch); } } +static inline void +check_is_obj_array(JavaThread* thr, jarray jArray) { + BasicType array_type; + arrayOop aOop; + + aOop = check_is_array(thr, jArray); + array_type = TypeArrayKlass::cast(aOop->klass())->element_type(); + if (array_type != T_OBJECT) { + ReportJNIFatalError(thr, fatal_object_array_expected); + } +} oop jniCheck::validate_handle(JavaThread* thr, jobject obj) { if (JNIHandles::is_frame_handle(thr, obj) || @@ -1417,7 +1441,7 @@ jarray array)) functionEnter(thr); IN_VM( - checkArray(thr, array, -1); + check_is_array(thr, array); ) jsize result = UNCHECKED()->GetArrayLength(env,array); functionExit(env); @@ -1441,7 +1465,7 @@ jsize index)) functionEnter(thr); IN_VM( - checkArray(thr, array, T_OBJECT); + check_is_obj_array(thr, array); ) jobject result = UNCHECKED()->GetObjectArrayElement(env,array,index); functionExit(env); @@ -1455,7 +1479,7 @@ jobject val)) functionEnter(thr); IN_VM( - checkArray(thr, array, T_OBJECT); + check_is_obj_array(thr, array); ) UNCHECKED()->SetObjectArrayElement(env,array,index,val); functionExit(env); @@ -1487,7 +1511,7 @@ jboolean *isCopy)) \ functionEnter(thr); \ IN_VM( \ - checkArray(thr, array, ElementTag); \ + check_primitive_array_type(thr, array, ElementTag); \ ) \ ElementType *result = UNCHECKED()->Get##Result##ArrayElements(env, \ array, \ @@ -1513,7 +1537,7 @@ jint mode)) \ functionEnterExceptionAllowed(thr); \ IN_VM( \ - checkArray(thr, array, ElementTag); \ + check_primitive_array_type(thr, array, ElementTag); \ ASSERT_OOPS_ALLOWED; \ typeArrayOop a = typeArrayOop(JNIHandles::resolve_non_null(array)); \ /* cannot check validity of copy, unless every request is logged by @@ -1543,7 +1567,7 @@ ElementType *buf)) \ functionEnter(thr); \ IN_VM( \ - checkArray(thr, array, ElementTag); \ + check_primitive_array_type(thr, array, ElementTag); \ ) \ UNCHECKED()->Get##Result##ArrayRegion(env,array,start,len,buf); \ functionExit(env); \ @@ -1567,7 +1591,7 @@ const ElementType *buf)) \ functionEnter(thr); \ IN_VM( \ - checkArray(thr, array, ElementTag); \ + check_primitive_array_type(thr, array, ElementTag); \ ) \ UNCHECKED()->Set##Result##ArrayRegion(env,array,start,len,buf); \ functionExit(env); \ @@ -1669,7 +1693,7 @@ jboolean *isCopy)) functionEnterCritical(thr); IN_VM( - checkArray(thr, array, -1); + check_is_primitive_array(thr, array); ) void *result = UNCHECKED()->GetPrimitiveArrayCritical(env, array, isCopy); functionExit(env); @@ -1683,7 +1707,7 @@ jint mode)) functionEnterCriticalExceptionAllowed(thr); IN_VM( - checkArray(thr, array, -1); + check_is_primitive_array(thr, array); ) /* The Hotspot JNI code does not use the parameters, so just check the * array parameter as a minor sanity check