From c0e4f3af7f552b01260102ac4afa3736d3512e6b Mon Sep 17 00:00:00 2001
From: Babneet Singh <sbabneet@ca.ibm.com>
Date: Wed, 2 Feb 2022 09:32:00 -0500
Subject: [PATCH] Explicitly handle null arguments in System.setSecurityManager

setSecurityManager should do nothing if the input argument is null and no
security manager has been established.

Before, this was being enforced implicitly. The implicit check no longer
works. There is error handling code and code to print a warning message,
which needs to avoided in the above "do nothing" scenario. So, an explicit
null check has been added to enforce the "no nothing" scenario.

Signed-off-by: Babneet Singh <sbabneet@ca.ibm.com>
---
 jcl/src/java.base/share/classes/java/lang/System.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/jcl/src/java.base/share/classes/java/lang/System.java b/jcl/src/java.base/share/classes/java/lang/System.java
index 06b96827948..fdf9236a1c2 100644
--- a/jcl/src/java.base/share/classes/java/lang/System.java
+++ b/jcl/src/java.base/share/classes/java/lang/System.java
@@ -1118,6 +1118,11 @@ public static void setSecurityManager(final SecurityManager s) {
 	@SuppressWarnings("removal")
 	final SecurityManager currentSecurity = security;
 
+	if ((currentSecurity == null) && (s == null)) {
+		/* Return if the input argument is null and no security manager has been established. */
+		return;
+	}
+
 	/*[IF JAVA_SPEC_VERSION > 11]*/
 	if (throwUOEFromSetSM) {
 		/*[MSG "K0B00", "The Security Manager is deprecated and will be removed in a future release"]*/