Integrated: 8278087: Deserialization filter and filter factory property error reporting under specified

[Roger Riggs]

On Wed, 1 Dec 2021 18:19:05 GMT, Roger Riggs <rriggs at openjdk.org> wrote:

> The effects of invalid values of `jdk.serialFilter` and `jdk.serialFilterFactory` properties are 
> incompletely specified. The behavior for invalid values of the properties is different and
> use an unconventional exception type, `ExceptionInInitializerError` and leave the `OIF.Config` class
> uninitialized. 
> 
> The exceptions in the `ObjectInputFilter.Config` class initialization caused by invalid values of the two properties, 
> either by system properties supplied on the command line or security properties are logged.
> The `Config` class marks either or both the filter and filter factory values as unusable
> and remembers the exception message.
> 
> Subsequent calls to the methods that get or set the filter or filter factory or create 
> an `ObjectInputStream` throw `java.lang.IllegalStateException` with the remembered exception message.
> Constructing an `ObjectInputStream` calls both `Config.getSerialFilter` and `Config.getSerialFilterFactory`.
> The nature of the invalid property is reported as an `IllegalStateException` on first use.
> 
> This PR supercedes https://github.com/openjdk/jdk/pull/6508 Document that setting an invalid property jdk.serialFilter disables deserialization

This pull request has now been integrated.

Changeset: f90425a1
Author:    Roger Riggs <rriggs at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/f90425a1cbbc686045c87086af586e62f05f6c49
Stats:     219 lines in 4 files changed: 136 ins; 15 del; 68 mod

8278087: Deserialization filter and filter factory property error reporting under specified

Reviewed-by: lancea, bpb

-------------

PR: https://git.openjdk.java.net/jdk/pull/6645