diff --git a/src/share/classes/java/lang/System.java b/src/share/classes/java/lang/System.java
index 7bc235beff7410ba56dcf28f37237119430deed9..c568f02ee662f90f65aa3a8a56264e49a6b8ccf9 100644
--- a/src/share/classes/java/lang/System.java
+++ b/src/share/classes/java/lang/System.java
@@ -43,6 +43,8 @@ import sun.reflect.Reflection;
import sun.security.util.SecurityConstants;
import sun.reflect.annotation.AnnotationType;
+import jdk.internal.util.StaticProperty;
+
/**
* The System
class contains several useful class fields
* and methods. It cannot be instantiated.
@@ -1183,6 +1185,7 @@ public final class System {
lineSeparator = props.getProperty("line.separator");
+ StaticProperty.jdkSerialFilter(); // Load StaticProperty to cache the property values
sun.misc.Version.init();
FileInputStream fdIn = new FileInputStream(FileDescriptor.in);
diff --git a/src/share/classes/jdk/internal/util/StaticProperty.java b/src/share/classes/jdk/internal/util/StaticProperty.java
new file mode 100644
index 0000000000000000000000000000000000000000..1ac81df42ca692fcf356b0c061c8cd748c729efc
--- /dev/null
+++ b/src/share/classes/jdk/internal/util/StaticProperty.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package jdk.internal.util;
+
+/**
+ * System Property access for internal use only.
+ * Read-only access to System property values initialized during Phase 1
+ * are cached. Setting, clearing, or modifying the value using
+ * {@link System#setProperty) or {@link System#getProperties()} is ignored.
+ * {@link SecurityManager#checkPropertyAccess} is NOT checked
+ * in these access methods. The caller of these methods should take care to ensure
+ * that the returned property is not made accessible to untrusted code.
+ */
+public final class StaticProperty {
+
+ // The class static initialization is triggered to initialize these final
+ // fields during init Phase 1 and before a security manager is set.
+ private static final String JDK_SERIAL_FILTER = System.getProperty("jdk.serialFilter");
+
+ private StaticProperty() {}
+
+ /**
+ *
+ * Return the {@code jdk.serialFilter} system property.
+ *
+ * {@link SecurityManager#checkPropertyAccess} is NOT checked
+ * in this method. The caller of this method should take care to ensure
+ * that the returned property is not made accessible to untrusted code.
+ *
+ * @return the {@code user.name} system property
+ */
+ public static String jdkSerialFilter() {
+ return JDK_SERIAL_FILTER;
+ }
+}
diff --git a/src/share/classes/sun/misc/ObjectInputFilter.java b/src/share/classes/sun/misc/ObjectInputFilter.java
index 9b2c6891d69b6805045739d9b53ffa811b8c6071..af21c740013b1e9cd212dc0e3e6e700adc1bad74 100644
--- a/src/share/classes/sun/misc/ObjectInputFilter.java
+++ b/src/share/classes/sun/misc/ObjectInputFilter.java
@@ -37,6 +37,8 @@ import java.util.Optional;
import java.util.function.Function;
import sun.util.logging.PlatformLogger;
+import jdk.internal.util.StaticProperty;
+
/**
* Filter classes, array lengths, and graph metrics during deserialization.
* If set on an {@link ObjectInputStream}, the {@link #checkInput checkInput(FilterInfo)}
@@ -247,7 +249,7 @@ public interface ObjectInputFilter {
static {
configuredFilter = AccessController
.doPrivileged((PrivilegedAction) () -> {
- String props = System.getProperty(SERIAL_FILTER_PROPNAME);
+ String props = StaticProperty.jdkSerialFilter();
if (props == null) {
props = Security.getProperty(SERIAL_FILTER_PROPNAME);
}
diff --git a/src/share/lib/security/java.security-aix b/src/share/lib/security/java.security-aix
index a752a070739bdd4f2680c00731eab8d11de0dde5..7ae1abdac9279afd2a231c76c004a7392e8fc9bc 100644
--- a/src/share/lib/security/java.security-aix
+++ b/src/share/lib/security/java.security-aix
@@ -886,8 +886,8 @@ jdk.xml.dsig.secureValidationPolicy=\
# Patterns are separated by ";" (semicolon).
# Whitespace is significant and is considered part of the pattern.
#
-# If the system property jdk.serialFilter is also specified, it supersedes
-# the security property value defined here.
+# If the system property jdk.serialFilter is also specified on the command
+# line, it supersedes the security property value defined here.
#
# If a pattern includes a "=", it sets a limit.
# If a limit appears more than once the last value is used.
diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux
index c8c8232df3509d5645ba9a2b60848ab91a59abbe..507b78044be18a46050acc3ed51a26ce413ea6ac 100644
--- a/src/share/lib/security/java.security-linux
+++ b/src/share/lib/security/java.security-linux
@@ -887,8 +887,8 @@ jdk.xml.dsig.secureValidationPolicy=\
# Patterns are separated by ";" (semicolon).
# Whitespace is significant and is considered part of the pattern.
#
-# If the system property jdk.serialFilter is also specified, it supersedes
-# the security property value defined here.
+# If the system property jdk.serialFilter is also specified on the command
+# line, it supersedes the security property value defined here.
#
# If a pattern includes a "=", it sets a limit.
# If a limit appears more than once the last value is used.
diff --git a/src/share/lib/security/java.security-macosx b/src/share/lib/security/java.security-macosx
index 55aa65933a25a27aa437d9d45acb247e23d729d6..d2229db52846a73696884a56cbe0242527337ced 100644
--- a/src/share/lib/security/java.security-macosx
+++ b/src/share/lib/security/java.security-macosx
@@ -890,8 +890,8 @@ jdk.xml.dsig.secureValidationPolicy=\
# Patterns are separated by ";" (semicolon).
# Whitespace is significant and is considered part of the pattern.
#
-# If the system property jdk.serialFilter is also specified, it supersedes
-# the security property value defined here.
+# If the system property jdk.serialFilter is also specified on the command
+# line, it supersedes the security property value defined here.
#
# If a pattern includes a "=", it sets a limit.
# If a limit appears more than once the last value is used.
diff --git a/src/share/lib/security/java.security-solaris b/src/share/lib/security/java.security-solaris
index a3a796d4ddb39bb0c2e46f2562520a4933e14175..ed3d0c5f4d1b3929d4acb6f7a44084f30f505b28 100644
--- a/src/share/lib/security/java.security-solaris
+++ b/src/share/lib/security/java.security-solaris
@@ -889,8 +889,8 @@ jdk.xml.dsig.secureValidationPolicy=\
# Patterns are separated by ";" (semicolon).
# Whitespace is significant and is considered part of the pattern.
#
-# If the system property jdk.serialFilter is also specified, it supersedes
-# the security property value defined here.
+# If the system property jdk.serialFilter is also specified on the command
+# line, it supersedes the security property value defined here.
#
# If a pattern includes a "=", it sets a limit.
# If a limit appears more than once the last value is used.
diff --git a/src/share/lib/security/java.security-windows b/src/share/lib/security/java.security-windows
index 623d02e4f5d817c871e1ccd08717ae4a14bc2463..5069b9f1c3d18f2a696045698c1535517e63794f 100644
--- a/src/share/lib/security/java.security-windows
+++ b/src/share/lib/security/java.security-windows
@@ -890,8 +890,8 @@ jdk.xml.dsig.secureValidationPolicy=\
# Patterns are separated by ";" (semicolon).
# Whitespace is significant and is considered part of the pattern.
#
-# If the system property jdk.serialFilter is also specified, it supersedes
-# the security property value defined here.
+# If the system property jdk.serialFilter is also specified on the command
+# line, it supersedes the security property value defined here.
#
# If a pattern includes a "=", it sets a limit.
# If a limit appears more than once the last value is used.
diff --git a/test/java/io/Serializable/serialFilter/GlobalFilterTest.java b/test/java/io/Serializable/serialFilter/GlobalFilterTest.java
index 20503d19ea16a3265047e8c062883f73c865cf17..3810f38d878fde660a51b8cb3162fb7a6ec17aff 100644
--- a/test/java/io/Serializable/serialFilter/GlobalFilterTest.java
+++ b/test/java/io/Serializable/serialFilter/GlobalFilterTest.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,9 +42,11 @@ import org.testng.annotations.DataProvider;
import sun.misc.ObjectInputFilter;
/* @test
+ * @bug 8231422
* @build GlobalFilterTest SerialFilterTest
* @run testng/othervm GlobalFilterTest
- * @run testng/othervm -Djdk.serialFilter=java.** GlobalFilterTest
+ * @run testng/othervm -Djdk.serialFilter=java.**
+ * -Dexpected-jdk.serialFilter=java.** GlobalFilterTest
* @run testng/othervm/policy=security.policy GlobalFilterTest
* @run testng/othervm/policy=security.policy
* -Djava.security.properties=${test.src}/java.security-extra1
@@ -54,6 +56,10 @@ import sun.misc.ObjectInputFilter;
*/
@Test
public class GlobalFilterTest {
+ private static final String serialPropName = "jdk.serialFilter";
+ private static final String badSerialFilter = "java.lang.StringBuffer;!*";
+ private static final String origSerialFilterProperty =
+ System.setProperty(serialPropName, badSerialFilter);
/**
* DataProvider of patterns and objects derived from the configured process-wide filter.
@@ -62,8 +68,8 @@ public class GlobalFilterTest {
@DataProvider(name="globalPatternElements")
Object[][] globalPatternElements() {
String globalFilter =
- System.getProperty("jdk.serialFilter",
- Security.getProperty("jdk.serialFilter"));
+ System.getProperty("expected-" + serialPropName,
+ Security.getProperty(serialPropName));
if (globalFilter == null) {
return new Object[0][];
}
@@ -100,12 +106,20 @@ public class GlobalFilterTest {
*/
@Test()
static void globalFilter() {
- String pattern =
- System.getProperty("jdk.serialFilter",
- Security.getProperty("jdk.serialFilter"));
ObjectInputFilter filter = ObjectInputFilter.Config.getSerialFilter();
+
+ // Check that the System.setProperty(jdk.serialFilter) DOES NOT affect the filter.
+ String asSetSystemProp = System.getProperty(serialPropName,
+ Security.getProperty(serialPropName));
+ Assert.assertNotEquals(Objects.toString(filter, null), asSetSystemProp,
+ "System.setProperty(\"jdk.serialfilter\", ...) should not change filter: " +
+ asSetSystemProp);
+
+ String pattern =
+ System.getProperty("expected-" + serialPropName,
+ Security.getProperty(serialPropName));
System.out.printf("global pattern: %s, filter: %s%n", pattern, filter);
- Assert.assertEquals(pattern, Objects.toString(filter, null),
+ Assert.assertEquals(Objects.toString(filter, null), pattern,
"process-wide filter pattern does not match");
}
diff --git a/test/java/io/Serializable/serialFilter/security.policy b/test/java/io/Serializable/serialFilter/security.policy
index f986e255e99a7a44ff9fa720876c65d7ecce62d0..a79251b3ecd3a951c9efca6799bda020a59bd22e 100644
--- a/test/java/io/Serializable/serialFilter/security.policy
+++ b/test/java/io/Serializable/serialFilter/security.policy
@@ -3,7 +3,7 @@ grant {
// Specific permission under test
permission java.security.SerializablePermission "serialFilter";
// Permissions needed to run the test
- permission java.util.PropertyPermission "*", "read";
+ permission java.util.PropertyPermission "*", "read,write";
permission java.io.FilePermission "<>", "read,write,delete";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.security.SecurityPermission "*";