The current code detects that an invalid type is specified and tries to create an SQLException to report it. When creating the SQLException, it calls toString() on the type object in order to produce the message text. Since the object is null, a NullPointerException is thrown.
The factory methods that create SQLExceptions don't require message arguments to be strings, they could be any object type. Eventually, MessageFormat will call toString() on them, but it will first check for null values in order to prevent NullPointerExceptions.
The attached patch changes the code that produces the SQLException so that it simply passes the SQLType object to the message formatter without calling toString() on it first. This prevents the NullPointerException and makes setObject() and updateObject() produce an SQLException with the following message text instead:
java.sql.SQLFeatureNotSupportedException: The data type 'null' is not supported.
The patch adds test cases to PreparedStatementTest42. This test fails with NPE without the suggested fix, and runs cleanly when the fix is applied. I've started the full regression test suite on JDK 8. Will report back when it has completed.