On Wed, 1 Apr 2026 17:19:57 GMT, Kevin Rushforth <[email protected]> wrote:
> This PR fixes a bug in `GlassViewDelegate::convertNSStringToJString` where it
> can return an uninitialized `jstring` value in one case.
>
> The macOS `convertNSStringToJString` function defines a local `jstring jStr`
> variable and returns it from the function. This variable is not initialized
> in one code path if the call to malloc fails, so garbage can be returned.
> Additionally, the length parameter isn't validated and could overflow.
>
> The fix for the first problem is to initialize the `jStr` variable to `NULL`,
> which will be used as the return value in the case where the malloc fails
> (the caller already handles a `NULL` return value). The fix for the second is
> a simple check to ensure the value passed to malloc does not overflow. For
> good measure, I explicitly cast length to (size_t) although that isn't
> strictly necessary.

This pull request has now been integrated.

Changeset: c835a249
Author:    Kevin Rushforth <[email protected]>
URL:       https://git.openjdk.org/jfx/commit/c835a24920e4caaa2228225a4f1ffd992109e10b
Stats:     6 lines in 1 file changed: 4 ins; 0 del; 2 mod

8381517: GlassViewDelegate::convertNSStringToJString can return uninitialized value

Reviewed-by: angorya, jdv

-------------

PR: https://git.openjdk.org/jfx/pull/2135
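The two defects described in the quoted PR text (a return variable left uninitialized on the malloc-failure path, and a length that reaches malloc without an overflow check), shown as an added C illustration. This is not the JavaFX code itself: `copy_units_checked`, `unit16` and the `size_t` length are assumptions standing in for the NSString/JNI types in the real function.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative stand-in for a UTF-16 code unit (NSString unichar / JNI jchar). */
typedef uint16_t unit16;

/* True when `length * sizeof(unit16)` cannot wrap around in size_t. */
int length_is_safe(size_t length)
{
    return length <= SIZE_MAX / sizeof(unit16);
}

/*
 * Copy `length` UTF-16 units into a freshly malloc'd buffer.
 * Returns NULL (never an uninitialized pointer) when src is NULL,
 * when the byte count would overflow, or when malloc fails.
 * The caller owns the returned buffer and must free() it.
 */
unit16 *copy_units_checked(const unit16 *src, size_t length)
{
    unit16 *out = NULL;   /* initialised up front: every failure path returns NULL */

    if (src == NULL || !length_is_safe(length)) {
        return NULL;      /* reject before the multiplication can wrap */
    }
    out = malloc(length * sizeof(unit16));
    if (out == NULL) {
        return NULL;      /* malloc failed: out is still the initialised NULL */
    }
    memcpy(out, src, length * sizeof(unit16));
    return out;
}

/* Self-check on constructed sample input "Hi" followed by U+00E9. */
int sample_roundtrip(void)
{
    const unit16 sample[] = {0x0048, 0x0069, 0x00E9};
    size_t n = sizeof(sample) / sizeof(sample[0]);
    unit16 *copy = copy_units_checked(sample, n);
    int ok = copy != NULL && memcmp(copy, sample, sizeof(sample)) == 0;
    free(copy);
    return ok;
}

/* Self-check: an absurd length is rejected instead of wrapping to a tiny malloc. */
int overflow_rejected(void)
{
    const unit16 one[] = {0x0041};
    return copy_units_checked(one, SIZE_MAX) == NULL;
}
```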
