directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kiran Ayyagari (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-1950) Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor
Date Tue, 28 Jan 2014 16:57:38 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13884324#comment-13884324
] 

Kiran Ayyagari commented on DIRSERVER-1950:
-------------------------------------------

Basically they both do the same, the second version looks clean, the length needs to be computed
anyway.

> Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor
> -------------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1950
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1950
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M15
>            Reporter: lucas theisen
>         Attachments: DIRSERVER-1950.patch
>
>
>         int pwdAge = ( int ) ( currentTime - changedTime ) / 1000;
> Will cast to int before the division which causes overflow of int if the difference is
too large.  Even with division, it could still be too large so it is unsafe to use an int
value for pwdAge.  As it is only used for comparison, we can leave it as a long.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message