Bug ID: JDK-7174250 Calling JSObject.getMember(null) in an applet crashes the plugin and the browser

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 6	JDK 7	JDK 8
6u38Fixed	7u6Fixed	8 b44Fixed

FULL PRODUCT VERSION :
java version "1.7.0_04"
Java(TM) SE Runtime Environment (build 1.7.0_04-b22)
Java HotSpot(TM) Client VM (build 23.0-b21, mixed mode, sharing)

Java(TM) Platform SE 7 U4  10.4.0.22

ADDITIONAL OS VERSION INFORMATION :
Windows 7 64-bit [Version 6.1.7601]

EXTRA RELEVANT SYSTEM CONFIGURATION :
Firefox 13.0 (32-bit)

A DESCRIPTION OF THE PROBLEM :
If an applet uses netscape.javascript.JSObject to interact with JavaScript/DOM objects in its host web page, but passes null to one of JSObject's methods where a property name is expected, the browser process will crash due to a null pointer dereference in jvm.dll.

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Load an applet that calls netscape.javascript.JSObject.getMember(String) with a null member name argument.

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The method call gracefully returns null or throws an appropriate exception.
ACTUAL -
An access violation occurs in jvm.dll, terminating the browser process.

REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
public class CrashApplet extends java.applet.Applet {

    public void start() {
        netscape.javascript.JSObject.getWindow(this).getMember(null);
    }

}
---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
Null-check "name" arguments before passing them to JSObject.