On Fri, 9 Sep 2022 15:29:22 GMT, Roger Riggs <[email protected]> wrote:
> Is the case of -Dcom.sun.jndi.ldap.object.trustSerialData (w/o a value) well
> defined.
Deserialization and reconstruction of Java objects are only allowed when the
system property is set to "true". That's how its defined in `java.naming`
module info:
> "To allow the deserialization or reconstruction of java objects from {@code
> javaSerializedData},
> {@code javaRemoteLocation} or {@code javaReferenceAddress} attributes,
> the system property value can be set to {@code true}"
>
Other values and no value do not allow deserialization and reconstruction.
> Does it need a test.
Yes - I've updated the test with additional `run` tag with no value set for
`com.sun.jndi.ldap.object.trustSerialData`, also fixed the indentation in jtreg
header.
-------------
PR: https://git.openjdk.org/jdk/pull/10228
