JDK-8036630 : Null ProtectionDomain in JVM can cause NPE because principals field is not initialized to an empty array
  • Type: Bug
  • Component: hotspot
  • Sub-Component: runtime
  • Affected Version: 5.0u51,6u51,7u45,8
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2014-03-04
  • Updated: 2016-10-13
  • Resolved: 2014-03-18
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
7u111Fixed 8u112Fixed 9 b08Fixed
Related Reports
Relates :  
Hotspot creates a "null" ProtectionDomain object (basically a PD with a null CodeSource and no permissions) when we do the isAuthorized check. An NPE is thrown if code subsequently calls getPrincipals() on that PD, because hotspot is initializing the principals field to null instead of initializing it with an empty array, like the two public ProtectionDomain constructors do. Right now I can only find a code path affecting debug code, so it is not a critical bug. Attached is a test case, compile and run as: 

java -Djava.security.debug=all Test 

You will see the NPE and stack towards the end of the debug log: 

Exception in thread "main" java.lang.NullPointerException 
at java.security.ProtectionDomain.getPrincipals(ProtectionDomain.java:222) 
at sun.security.provider.PolicyFile.printPD(PolicyFile.java:1774) 
at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1178) 
at sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1132) 
at java.security.ProtectionDomain$2.run(ProtectionDomain.java:367) 
at java.security.ProtectionDomain$2.run(ProtectionDomain.java:364) 

Thanks Sean - as I suspected no explicit construction. We either need to call the constructor or else fabricate the empty array ourselves.