directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-1950) Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor
Date Thu, 30 Jan 2014 04:36:13 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13886251#comment-13886251
] 

Emmanuel Lecharny commented on DIRSERVER-1950:
----------------------------------------------

There are a lot of things we con fix here. While debugging last night, I realized we called
the computeLength method more than once, which is a waste of CPU. This has to be corrected.

The BerValue.encode() methods has to be used when it's possible, for teh sake of clarity and
to avoid the kind of problem we have had. When it's not possible (lack of existing method
for tags which are not UNIVERSAL), we can add the missing method in BerValue. This is obviously
possible for simple types only...

> Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor
> -------------------------------------------------------------------------------------
>
>                 Key: DIRSERVER-1950
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1950
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M15
>            Reporter: lucas theisen
>         Attachments: DIRSERVER-1950.patch
>
>
>         int pwdAge = ( int ) ( currentTime - changedTime ) / 1000;
> Will cast to int before the division which causes overflow of int if the difference is
too large.  Even with division, it could still be too large so it is unsafe to use an int
value for pwdAge.  As it is only used for comparison, we can leave it as a long.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message