directory-dev mailing list archives

From "lucas theisen (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (DIRSERVER-1950) Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor
Date Tue, 28 Jan 2014 18:35:42 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13884333#comment-13884333 ]

lucas theisen edited comment on DIRSERVER-1950 at 1/28/14 6:35 PM:
-------------------------------------------------------------------

They don't _really_ do the same thing...  The TLV version can have the values of 1 through
5, the BerValue version only 1 through 4.  Also the TLV version appears to ignore negative
values where the BerValue version doesn't.  They also break the size calculations down at different
spots.  So the integer value {{70000}} would be calculated as length 3 by BerValue.getNbBytes
and length 4 by TLV.getNbBytes.  So clearly there is a difference, but not sure which of the
2 is correct.


was (Author: ltheisen@mitre.org):
The don't _really_ do the same thing...  The TLV version can have the values of 1 through
5, the BerValue version only 1 through 4.  Also the TLV version appears to ignore negative
values where the BerValue version doesn't.  They also break the size calculations down at different
spots.  So the integer value {{70000}} would be calculated as length 3 by BerValue.getNbBytes
and length 4 by TLV.getNbBytes.  So clearly there is a difference, but not sure which of the
2 is correct.

> Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor
> -------------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1950
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1950
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M15
>            Reporter: lucas theisen
>         Attachments: DIRSERVER-1950.patch
>
>
>         int pwdAge = ( int ) ( currentTime - changedTime ) / 1000;
> Will cast to int before the division which causes overflow of int if the difference is
> too large.  Even with division, it could still be too large so it is unsafe to use an int
> value for pwdAge.  As it is only used for comparison, we can leave it as a long.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
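
The cast-precedence problem described in the quoted issue, as an added Java example (not part of the original message or the ApacheDS source; only the first expression is taken from the issue). The timestamps, the 20-day limit, and the class and method names are constructed for illustration.

```java
import java.util.concurrent.TimeUnit;

public class PwdAgeCastDemo
{
    // Expression quoted in the issue: the cast binds tighter than '/', so the
    // long millisecond difference is truncated to its low 32 bits first.
    static int castBeforeDivision( long currentTime, long changedTime )
    {
        return ( int ) ( currentTime - changedTime ) / 1000;
    }

    // Dividing first helps, but narrowing to int still wraps once the age
    // exceeds Integer.MAX_VALUE seconds (about 68 years).
    static int castAfterDivision( long currentTime, long changedTime )
    {
        return ( int ) ( ( currentTime - changedTime ) / 1000 );
    }

    // What the issue proposes: keep the age as a long.
    static long keepLong( long currentTime, long changedTime )
    {
        return ( currentTime - changedTime ) / 1000;
    }

    public static void main( String[] args )
    {
        long maxAgeSeconds = TimeUnit.DAYS.toSeconds( 20 ); // hypothetical policy limit
        long changedTime = 0L;                              // constructed timestamp
        long[] ageDays = { 1, 24, 25, 30, 60, 25_000 };      // constructed password ages

        System.out.printf( "%8s %14s %14s %14s %s%n",
            "days", "cast-first", "cast-last", "long", "expired (cast-first / long)" );

        for ( long days : ageDays )
        {
            long currentTime = changedTime + TimeUnit.DAYS.toMillis( days );
            int buggy = castBeforeDivision( currentTime, changedTime );
            int late = castAfterDivision( currentTime, changedTime );
            long fixed = keepLong( currentTime, changedTime );

            // An age that wrapped negative, or to a small positive value,
            // compares as "not expired" against the limit.
            System.out.printf( "%8d %14d %14d %14d %b / %b%n",
                days, buggy, late, fixed, buggy >= maxAgeSeconds, fixed >= maxAgeSeconds );
        }
    }
}
```

The cast-first column goes wrong as soon as the difference passes Integer.MAX_VALUE milliseconds, which is a little under 25 days.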
