Fix for BZ# 230011 (https://bugzilla.novell.com/show_bug.cgi?id=230011) - add checks for passing "" or NULL as hatname in the ChangeHatValve and JNI changehat wrapper function

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell/apparmor/catalina/valves/ChangeHatValve.java

@@ -155,9 +155,14 @@ public final class ChangeHatValve extends ValveBase {
         */
  
         cookie = getCookie();
+        if ( hatname == null || "".equals(hatname) ) {
+            hatname = ChangeHatValve.DEFAULT_HAT;
+        } 
         container.getLogger().log("[APPARMOR] ChangeHat to [" + hatname 
           + "] cookie [" + cookie + "]", container.getLogger().DEBUG);
+        
         result = changehat_wrapper.changehat_in(hatname, cookie);
+        
         if ( result == JNIChangeHat.EPERM ) {
             container.getLogger().log("[APPARMOR] change_hat valve " +
               "configured but Tomcat process is not confined by an " +

changehat/tomcat_apparmor/tomcat_5_0/src/jni_src/JNIChangeHat.c

@@ -22,8 +22,13 @@ JNIEXPORT jint Java_com_novell_apparmor_JNIChangeHat_changehat_1in
   (JNIEnv *env, jobject obj, jstring hatnameUTF, jint token)
 {
 
-  int len = (*env)->GetStringLength(env, hatnameUTF);
+  int len;
   jint result = 0;
+  
+  if ( hatnameUTF == NULL ) {
+  	  	return ( EINVAL );
+  } 
+  len = (*env)->GetStringLength(env, hatnameUTF);
   if ( len > 0 ) {
      if ( len > 128 ) {
        len = 128;