diff --git a/src/java.base/share/classes/java/io/ObjectInputFilter.java b/src/java.base/share/classes/java/io/ObjectInputFilter.java
index d5cae8043b1..3ec164f5aea 100644
--- a/src/java.base/share/classes/java/io/ObjectInputFilter.java
+++ b/src/java.base/share/classes/java/io/ObjectInputFilter.java
@@ -27,7 +27,6 @@ package java.io;
import jdk.internal.access.SharedSecrets;
import jdk.internal.util.StaticProperty;
-import sun.security.action.GetBooleanAction;
import java.lang.reflect.InvocationTargetException;
import java.security.AccessController;
@@ -523,10 +522,15 @@ public interface ObjectInputFilter {
* {@systemProperty jdk.serialFilter}, its value is used to configure the filter.
* If the system property is not defined, and the {@link java.security.Security} property
* {@code jdk.serialFilter} is defined then it is used to configure the filter.
- * The filter is created as if {@link #createFilter(String) createFilter} is called;
- * if the filter string is invalid, an {@link ExceptionInInitializerError} is thrown.
- * Otherwise, the filter is not configured during initialization and
- * can be set with {@link #setSerialFilter(ObjectInputFilter) Config.setSerialFilter}.
+ * The filter is created as if {@link #createFilter(String) createFilter} is called,
+ * if the filter string is invalid the initialization fails and subsequent attempts to
+ * {@linkplain Config#getSerialFilter() get the filter}, {@linkplain Config#setSerialFilter set a filter},
+ * or create an {@linkplain ObjectInputStream#ObjectInputStream(InputStream) ObjectInputStream}
+ * throw {@link IllegalStateException}. Deserialization is not possible with an
+ * invalid serial filter.
+ * If the system property {@code jdk.serialFilter} or the {@link java.security.Security}
+ * property {@code jdk.serialFilter} is not set the filter can be set with
+ * {@link #setSerialFilter(ObjectInputFilter) Config.setSerialFilter}.
* Setting the {@code jdk.serialFilter} with {@link System#setProperty(String, String)
* System.setProperty} does not set the filter.
* The syntax for the property value is the same as for the
@@ -545,9 +549,12 @@ public interface ObjectInputFilter {
*
The class must be public, must have a public zero-argument constructor, implement the
* {@link BinaryOperator {@literal BinaryOperator}} interface, provide its implementation and
* be accessible via the {@linkplain ClassLoader#getSystemClassLoader() application class loader}.
- * If the filter factory constructor is not invoked successfully, an {@link ExceptionInInitializerError}
- * is thrown and subsequent use of the filter factory for deserialization fails with
- * {@link IllegalStateException}.
+ * If the filter factory constructor is not invoked successfully subsequent attempts to
+ * {@linkplain Config#getSerialFilterFactory() get the factory},
+ * {@linkplain Config#setSerialFilterFactory(BinaryOperator) set the factory}, or create an
+ * {@link ObjectInputStream#ObjectInputStream(InputStream) ObjectInputStream}
+ * throw {@link IllegalStateException}. Deserialization is not possible with an
+ * invalid serial filter factory.
* The filter factory configured using the system or security property during initialization
* can NOT be replaced with {@link #setSerialFilterFactory(BinaryOperator) Config.setSerialFilterFactory}.
* This ensures that a filter factory set on the command line is not overridden accidentally
@@ -582,12 +589,22 @@ public interface ObjectInputFilter {
*/
private static volatile ObjectInputFilter serialFilter;
+ /**
+ * Saved message if the jdk.serialFilter property is invalid.
+ */
+ private static final String invalidFilterMessage;
+
/**
* Current serial filter factory.
* @see Config#setSerialFilterFactory(BinaryOperator)
*/
private static volatile BinaryOperator serialFilterFactory;
+ /**
+ * Saved message if the jdk.serialFilterFactory property is invalid.
+ */
+ private static final String invalidFactoryMessage;
+
/**
* Boolean to indicate that the filter factory can not be set or replaced.
* - an ObjectInputStream has already been created using the current filter factory
@@ -630,23 +647,24 @@ public interface ObjectInputFilter {
Security.getProperty(SERIAL_FILTER_PROPNAME));
// Initialize the static filter if the jdk.serialFilter is present
- ObjectInputFilter filter = null;
+ String filterMessage = null;
if (filterString != null) {
configLog.log(DEBUG,
"Creating deserialization filter from {0}", filterString);
try {
- filter = createFilter(filterString);
+ serialFilter = createFilter(filterString);
} catch (RuntimeException re) {
configLog.log(ERROR,
"Error configuring filter: {0}", (Object) re);
- // Do not continue if configuration not initialized
- throw re;
+ // serialFilter remains null
+ filterMessage = "Invalid jdk.serialFilter: " + re.getMessage();
}
}
- serialFilter = filter;
+ invalidFilterMessage = filterMessage;
// Initialize the filter factory if the jdk.serialFilterFactory is defined
// otherwise use the builtin filter factory.
+ String factoryMessage = null;
if (factoryClassName == null) {
serialFilterFactory = new BuiltinFilterFactory();
} else {
@@ -671,10 +689,13 @@ public interface ObjectInputFilter {
Throwable th = (ex instanceof InvocationTargetException ite) ? ite.getCause() : ex;
configLog.log(ERROR,
"Error configuring filter factory: {0}", (Object)th);
- // Do not continue if configuration not initialized
- throw new ExceptionInInitializerError(th);
+ // Configuration not initialized
+ // serialFilterFactory remains null and filterFactoryNoReplace == true;
+ factoryMessage = "invalid jdk.serialFilterFactory: " +
+ factoryClassName + ": " + th.getClass().getName() + ": " + th.getMessage();
}
}
+ invalidFactoryMessage = factoryMessage;
// Setup shared secrets for RegistryImpl to use.
SharedSecrets.setJavaObjectInputFilterAccess(Config::createFilter2);
}
@@ -696,8 +717,14 @@ public interface ObjectInputFilter {
* Returns the static JVM-wide deserialization filter or {@code null} if not configured.
*
* @return the static JVM-wide deserialization filter or {@code null} if not configured
+ * @throws IllegalStateException if the initialization of the filter from the
+ * system property {@code jdk.serialFilter} or
+ * the security property {@code jdk.serialFilter} fails.
*/
public static ObjectInputFilter getSerialFilter() {
+ if (invalidFilterMessage != null) {
+ throw new IllegalStateException(invalidFilterMessage);
+ }
return serialFilter;
}
@@ -707,7 +734,9 @@ public interface ObjectInputFilter {
* @param filter the deserialization filter to set as the JVM-wide filter; not null
* @throws SecurityException if there is security manager and the
* {@code SerializablePermission("serialFilter")} is not granted
- * @throws IllegalStateException if the filter has already been set
+ * @throws IllegalStateException if the filter has already been set or the initialization
+ * of the filter from the system property {@code jdk.serialFilter} or
+ * the security property {@code jdk.serialFilter} fails.
*/
public static void setSerialFilter(ObjectInputFilter filter) {
Objects.requireNonNull(filter, "filter");
@@ -716,6 +745,9 @@ public interface ObjectInputFilter {
if (sm != null) {
sm.checkPermission(ObjectStreamConstants.SERIAL_FILTER_PERMISSION);
}
+ if (invalidFilterMessage != null) {
+ throw new IllegalStateException(invalidFilterMessage);
+ }
synchronized (serialFilterLock) {
if (serialFilter != null) {
throw new IllegalStateException("Serial filter can only be set once");
@@ -749,8 +781,10 @@ public interface ObjectInputFilter {
* @since 17
*/
public static BinaryOperator getSerialFilterFactory() {
- if (serialFilterFactory == null)
- throw new IllegalStateException("Serial filter factory initialization incomplete");
+ if (serialFilterFactory == null) {
+ // If initializing the factory failed or not yet complete, throw with the message
+ throw new IllegalStateException(invalidFilterFactoryMessage());
+ }
return serialFilterFactory;
}
@@ -812,15 +846,26 @@ public interface ObjectInputFilter {
}
if (filterFactoryNoReplace.getAndSet(true)) {
final String msg = serialFilterFactory != null
- ? serialFilterFactory.getClass().getName()
- : "initialization incomplete";
- throw new IllegalStateException("Cannot replace filter factory: " + msg);
+ ? "Cannot replace filter factory: " + serialFilterFactory.getClass().getName()
+ : invalidFilterFactoryMessage();
+ throw new IllegalStateException(msg);
}
configLog.log(DEBUG,
"Setting deserialization filter factory to {0}", filterFactory.getClass().getName());
serialFilterFactory = filterFactory;
}
+ /*
+ * Return message for an invalid filter factory configuration saved from the static init.
+ * It can be called before the static initializer is complete and has set the message/null.
+ */
+ private static String invalidFilterFactoryMessage() {
+ assert serialFilterFactory == null; // undefined if a filter factory has been set
+ return (invalidFactoryMessage != null)
+ ? invalidFactoryMessage
+ : "Serial filter factory initialization incomplete";
+ }
+
/**
* Returns an ObjectInputFilter from a string of patterns.
*
diff --git a/src/java.base/share/classes/java/io/ObjectInputStream.java b/src/java.base/share/classes/java/io/ObjectInputStream.java
index 1545db08385..4c2e91b24c3 100644
--- a/src/java.base/share/classes/java/io/ObjectInputStream.java
+++ b/src/java.base/share/classes/java/io/ObjectInputStream.java
@@ -384,6 +384,8 @@ public class ObjectInputStream
*
The constructor initializes the deserialization filter to the filter returned
* by invoking the {@link Config#getSerialFilterFactory()} with {@code null} for the current filter
* and the {@linkplain Config#getSerialFilter() static JVM-wide filter} for the requested filter.
+ * If the serial filter or serial filter factory properties are invalid
+ * an {@link IllegalStateException} is thrown.
*
*
If a security manager is installed, this constructor will check for
* the "enableSubclassImplementation" SerializablePermission when invoked
@@ -396,6 +398,8 @@ public class ObjectInputStream
* @throws IOException if an I/O error occurs while reading stream header
* @throws SecurityException if untrusted subclass illegally overrides
* security-sensitive methods
+ * @throws IllegalStateException if the initialization of {@link ObjectInputFilter.Config}
+ * fails due to invalid serial filter or serial filter factory properties.
* @throws NullPointerException if {@code in} is {@code null}
* @see ObjectInputStream#ObjectInputStream()
* @see ObjectInputStream#readFields()
@@ -421,6 +425,8 @@ public class ObjectInputStream
*
The constructor initializes the deserialization filter to the filter returned
* by invoking the {@link Config#getSerialFilterFactory()} with {@code null} for the current filter
* and the {@linkplain Config#getSerialFilter() static JVM-wide filter} for the requested filter.
+ * If the serial filter or serial filter factory properties are invalid
+ * an {@link IllegalStateException} is thrown.
*
*
If there is a security manager installed, this method first calls the
* security manager's {@code checkPermission} method with the
@@ -431,6 +437,8 @@ public class ObjectInputStream
* {@code checkPermission} method denies enabling
* subclassing.
* @throws IOException if an I/O error occurs while creating this stream
+ * @throws IllegalStateException if the initialization of {@link ObjectInputFilter.Config}
+ * fails due to invalid serial filter or serial filter factory properties.
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
diff --git a/test/jdk/java/io/Serializable/serialFilter/InvalidGlobalFilterTest.java b/test/jdk/java/io/Serializable/serialFilter/InvalidGlobalFilterTest.java
index a00f42f6565..a017354b103 100644
--- a/test/jdk/java/io/Serializable/serialFilter/InvalidGlobalFilterTest.java
+++ b/test/jdk/java/io/Serializable/serialFilter/InvalidGlobalFilterTest.java
@@ -21,67 +21,100 @@
* questions.
*/
-import jdk.test.lib.process.OutputAnalyzer;
-import jdk.test.lib.process.ProcessTools;
+import org.testng.Assert;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
-import java.io.File;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
import java.io.ObjectInputFilter;
+import java.io.ObjectInputStream;
+import java.util.Map;
/*
* @test
- * @bug 8269336
+ * @bug 8278087
* @summary Test that an invalid pattern value for the jdk.serialFilter system property causes an
- * exception to be thrown in the class initialization of java.io.ObjectInputFilter.Config class
- * @library /test/lib
- * @run driver InvalidGlobalFilterTest
+ * exception to be thrown when an attempt is made to use the filter or deserialize.
+ * A subset of invalid filter patterns is tested.
+ * @run testng/othervm -Djdk.serialFilter=.* InvalidGlobalFilterTest
+ * @run testng/othervm -Djdk.serialFilter=! InvalidGlobalFilterTest
+ * @run testng/othervm -Djdk.serialFilter=/ InvalidGlobalFilterTest
+ *
*/
+@Test
public class InvalidGlobalFilterTest {
private static final String serialPropName = "jdk.serialFilter";
+ private static final String serialFilter = System.getProperty(serialPropName);
+
+ static {
+ // Enable logging
+ System.setProperty("java.util.logging.config.file",
+ System.getProperty("test.src", ".") + "/logging.properties");
+ }
/**
- * Launches multiple instances of a Java program by passing each instance an invalid value
- * for the {@code jdk.serialFilter} system property. The launched program then triggers the
- * class initialization of {@code ObjectInputFilter.Config} class to have it parse the (invalid)
- * value of the system property. The launched program is expected to propagate the exception
- * raised by the {@code ObjectInputFilter.Config} initialization and the test asserts that the
- * launched program did indeed fail with this expected exception.
+ * Map of invalid patterns to the expected exception message.
*/
- public static void main(final String[] args) throws Exception {
- final String[] invalidPatterns = {".*", ".**", "!", "/java.util.Hashtable", "java.base/", "/"};
- for (final String invalidPattern : invalidPatterns) {
- final ProcessBuilder processBuilder = ProcessTools.createJavaProcessBuilder(
- "-D" + serialPropName + "=" + invalidPattern,
- "-Djava.util.logging.config.file=" + System.getProperty("test.src")
- + File.separator + "logging.properties",
- ObjectInputFilterConfigLoader.class.getName());
- // launch a process by passing it an invalid value for -Djdk.serialFilter
- final OutputAnalyzer outputAnalyzer = ProcessTools.executeProcess(processBuilder);
- try {
- // we expect the JVM launch to fail
- outputAnalyzer.shouldNotHaveExitValue(0);
- // do an additional check to be sure it failed for the right reason
- outputAnalyzer.stderrShouldContain("java.lang.ExceptionInInitializerError");
- } finally {
- // fail or pass, we print out the generated output from the launched program
- // for any debugging
- System.err.println("Diagnostics from process " + outputAnalyzer.pid() + ":");
- // print out any stdout/err that was generated in the launched program
- outputAnalyzer.reportDiagnosticSummary();
- }
+ private static final Map invalidMessages =
+ Map.of(".*", "Invalid jdk.serialFilter: package missing in: \".*\"",
+ ".**", "Invalid jdk.serialFilter: package missing in: \".**\"",
+ "!", "Invalid jdk.serialFilter: class or package missing in: \"!\"",
+ "/java.util.Hashtable", "Invalid jdk.serialFilter: module name is missing in: \"/java.util.Hashtable\"",
+ "java.base/", "Invalid jdk.serialFilter: class or package missing in: \"java.base/\"",
+ "/", "Invalid jdk.serialFilter: module name is missing in: \"/\"");
+
+ @DataProvider(name = "MethodsToCall")
+ private Object[][] cases() {
+ return new Object[][] {
+ {serialFilter, "getSerialFilter", (Assert.ThrowingRunnable) () -> ObjectInputFilter.Config.getSerialFilter()},
+ {serialFilter, "setSerialFilter", (Assert.ThrowingRunnable) () -> ObjectInputFilter.Config.setSerialFilter(new NoopFilter())},
+ {serialFilter, "new ObjectInputStream(is)", (Assert.ThrowingRunnable) () -> new ObjectInputStream(new ByteArrayInputStream(new byte[0]))},
+ {serialFilter, "new OISSubclass()", (Assert.ThrowingRunnable) () -> new OISSubclass()},
+ };
+ }
+
+ /**
+ * Test each method that should throw IllegalStateException based on
+ * the invalid arguments it was launched with.
+ */
+ @Test(dataProvider = "MethodsToCall")
+ public void initFaultTest(String pattern, String method, Assert.ThrowingRunnable runnable) {
+
+ IllegalStateException ex = Assert.expectThrows(IllegalStateException.class,
+ runnable);
+
+ String expected = invalidMessages.get(serialFilter);
+ if (expected == null) {
+ Assert.fail("No expected message for filter: " + serialFilter);
+ }
+ System.out.println(ex.getMessage());
+ Assert.assertEquals(ex.getMessage(), expected, "wrong message");
+ }
+
+ private static class NoopFilter implements ObjectInputFilter {
+ /**
+ * Returns UNDECIDED.
+ *
+ * @param filter the FilterInfo
+ * @return Status.UNDECIDED
+ */
+ public ObjectInputFilter.Status checkInput(FilterInfo filter) {
+ return ObjectInputFilter.Status.UNDECIDED;
+ }
+
+ public String toString() {
+ return "NoopFilter";
}
}
- // A main() class which just triggers the class initialization of ObjectInputFilter.Config
- private static final class ObjectInputFilterConfigLoader {
+ /**
+ * Subclass of ObjectInputStream to test subclassing constructor.
+ */
+ private static class OISSubclass extends ObjectInputStream {
- public static void main(final String[] args) throws Exception {
- System.out.println("JVM was launched with " + serialPropName
- + " system property set to " + System.getProperty(serialPropName));
- // this call is expected to fail and we aren't interested in the result.
- // we just let the exception propagate out of this call and fail the
- // launched program. The test which launched this main, then asserts
- // that the exception was indeed thrown.
- ObjectInputFilter.Config.getSerialFilter();
+ protected OISSubclass() throws IOException {
}
}
+
}
diff --git a/test/jdk/java/io/Serializable/serialFilter/SerialFactoryFaults.java b/test/jdk/java/io/Serializable/serialFilter/SerialFactoryFaults.java
index 30d35aa888e..1d35306a426 100644
--- a/test/jdk/java/io/Serializable/serialFilter/SerialFactoryFaults.java
+++ b/test/jdk/java/io/Serializable/serialFilter/SerialFactoryFaults.java
@@ -22,10 +22,14 @@
*/
import org.testng.Assert;
+import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputFilter.Config;
+import java.io.ObjectInputStream;
import java.util.function.BinaryOperator;
/* @test
@@ -39,33 +43,47 @@ import java.util.function.BinaryOperator;
@Test
public class SerialFactoryFaults {
+ // Sample the serial factory class name
+ private static final String factoryName = System.getProperty("jdk.serialFilterFactory");
+
static {
// Enable logging
System.setProperty("java.util.logging.config.file",
System.getProperty("test.src", ".") + "/logging.properties");
}
- public void initFaultTest() {
- String factoryName = System.getProperty("jdk.serialFilterFactory");
- ExceptionInInitializerError ex = Assert.expectThrows(ExceptionInInitializerError.class,
- () -> Config.getSerialFilterFactory());
- Throwable cause = ex.getCause();
+ @DataProvider(name = "MethodsToCall")
+ private Object[][] cases() {
+ return new Object[][] {
+ {"getSerialFilterFactory", (Assert.ThrowingRunnable) () -> Config.getSerialFilterFactory()},
+ {"setSerialFilterFactory", (Assert.ThrowingRunnable) () -> Config.setSerialFilterFactory(new NoopFactory())},
+ {"new ObjectInputStream(is)", (Assert.ThrowingRunnable) () -> new ObjectInputStream(new ByteArrayInputStream(new byte[0]))},
+ {"new OISSubclass()", (Assert.ThrowingRunnable) () -> new OISSubclass()},
+ };
+ }
+
+ /**
+ * Test each method that should throw IllegalStateException based on
+ * the invalid arguments it was launched with.
+ */
+ @Test(dataProvider = "MethodsToCall")
+ public void initFaultTest(String name, Assert.ThrowingRunnable runnable) {
+ IllegalStateException ex = Assert.expectThrows(IllegalStateException.class,
+ runnable);
+ final String msg = ex.getMessage();
if (factoryName.equals("ForcedError_NoSuchClass")) {
- Assert.assertEquals(cause.getClass(),
- ClassNotFoundException.class, "wrong exception");
+ Assert.assertEquals(msg,
+ "invalid jdk.serialFilterFactory: ForcedError_NoSuchClass: java.lang.ClassNotFoundException: ForcedError_NoSuchClass", "wrong exception");
} else if (factoryName.equals("SerialFactoryFaults$NoPublicConstructor")) {
- Assert.assertEquals(cause.getClass(),
- NoSuchMethodException.class, "wrong exception");
+ Assert.assertEquals(msg,
+ "invalid jdk.serialFilterFactory: SerialFactoryFaults$NoPublicConstructor: java.lang.NoSuchMethodException: SerialFactoryFaults$NoPublicConstructor.()", "wrong exception");
} else if (factoryName.equals("SerialFactoryFaults$ConstructorThrows")) {
- Assert.assertEquals(cause.getClass(),
- IllegalStateException.class, "wrong exception");
+ Assert.assertEquals(msg,
+ "invalid jdk.serialFilterFactory: SerialFactoryFaults$ConstructorThrows: java.lang.RuntimeException: constructor throwing a runtime exception", "wrong exception");
} else if (factoryName.equals("SerialFactoryFaults$FactorySetsFactory")) {
- Assert.assertEquals(cause.getClass(),
- IllegalStateException.class, "wrong exception");
- Assert.assertEquals(cause.getMessage(),
- "Cannot replace filter factory: initialization incomplete",
- "wrong message");
+ Assert.assertEquals(msg,
+ "invalid jdk.serialFilterFactory: SerialFactoryFaults$FactorySetsFactory: java.lang.IllegalStateException: Serial filter factory initialization incomplete", "wrong exception");
} else {
Assert.fail("No test for filter factory: " + factoryName);
}
@@ -90,7 +108,7 @@ public class SerialFactoryFaults {
public static final class ConstructorThrows
implements BinaryOperator {
public ConstructorThrows() {
- throw new IllegalStateException("SerialFactoryFaults$ConstructorThrows");
+ throw new RuntimeException("constructor throwing a runtime exception");
}
public ObjectInputFilter apply(ObjectInputFilter curr, ObjectInputFilter next) {
@@ -112,4 +130,21 @@ public class SerialFactoryFaults {
}
}
+ public static final class NoopFactory implements BinaryOperator {
+ public NoopFactory() {}
+
+ public ObjectInputFilter apply(ObjectInputFilter curr, ObjectInputFilter next) {
+ throw new RuntimeException("NYI");
+ }
+ }
+
+ /**
+ * Subclass of ObjectInputStream to test subclassing constructor.
+ */
+ private static class OISSubclass extends ObjectInputStream {
+
+ protected OISSubclass() throws IOException {
+ }
+ }
+
}