JDK-6470320 : (smartcardio) RI's implementation of Card.transmitControlCommand(int, byte[]) may cause JVM failure
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.smartcardio
  • Affected Version: 6
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2006-09-13
  • Updated: 2012-10-23
  • Resolved: 2011-03-07
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7
6u1Fixed 7 b05Fixed
Description
Problem description:
====================
Sun's implementation of "PC/SC" smartcard reader I/O engine may cause JVM failure.
If to the "byte[] Card.transmitControlCommand(int controlCode, byte[] command)" a null value as a "command" parameter is passed then JVM is failed.
For this case spec for "byte[] Card.transmitControlCommand(int controlCode, byte[] command)" says clear:
---Quote from spec---
Throws: 
	SecurityException - if a SecurityManager exists and the caller does not have the 		required permission 
	NullPointerException - if command is null 
	CardException - if the card operation failed 
---Quote from spec---

So method should throw NullPointerException but it does not.

There is a failure log created by JVM in the attachment.

Please run the minimized test to reproduce failure on machine with enabled card reader with inserted card.
Issue appears on Windows XP with Gemplus "GemPCTwin" smart card reader for serial port.

Minimized test:
===============
---Test.java---

import javax.smartcardio.*;

public class Test {

    public static void main(String[] args) {
        CardTerminals terminals = TerminalFactory.getDefault().terminals();
        
        try {
            if (!terminals.list(CardTerminals.State.CARD_PRESENT).isEmpty()) {
                CardTerminal terminal = 
                    terminals.list(CardTerminals.State.CARD_PRESENT).get(0);
                Card card = terminal.connect("*");
                try {
                        
                    byte[] retBytes = 
                        card.transmitControlCommand(0x00, null);
                } catch (NullPointerException e) {
                    System.out.println("Bug is absent");
                }
            } else {
                System.out.println("Bug cannot be reproduced due" +
                        " to terminals with card inserted absence");
            }
        } catch (CardException e) {
            System.out.println("Bug cannot be reproduced due" +
            " unexepcted CardException" + e);
        }
    }

}
---Test.java---

Minimized test output:
====================== 
D:\temp\CardTerminal>javac test.java

D:\temp\CardTerminal>java -cp ./ Test
#
# An unexpected error has been detected by Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d891f85, pid=4044, tid=4052
#
# Java VM: Java HotSpot(TM) Client VM (1.6.0-rc-b98 mixed mode, sharing)
# Problematic frame:
# V  [jvm.dll+0xd1f85]
#
# An error report file with more information is saved as hs_err_pid4044.log
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
#

D:\temp\CardTerminal>

Comments
EVALUATION Missing null check.
18-09-2006