Return-Path: X-Original-To: apmail-directory-dev-archive@www.apache.org Delivered-To: apmail-directory-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2740A10765 for ; Thu, 30 Jan 2014 04:36:22 +0000 (UTC) Received: (qmail 12703 invoked by uid 500); 30 Jan 2014 04:36:21 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 12157 invoked by uid 500); 30 Jan 2014 04:36:15 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 12136 invoked by uid 99); 30 Jan 2014 04:36:13 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Jan 2014 04:36:13 +0000 Date: Thu, 30 Jan 2014 04:36:13 +0000 (UTC) From: "Emmanuel Lecharny (JIRA)" To: dev@directory.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (DIRSERVER-1950) Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/DIRSERVER-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13886251#comment-13886251 ] Emmanuel Lecharny commented on DIRSERVER-1950: ---------------------------------------------- There are a lot of things we con fix here. While debugging last night, I realized we called the computeLength method more than once, which is a waste of CPU. This has to be corrected. The BerValue.encode() methods has to be used when it's possible, for teh sake of clarity and to avoid the kind of problem we have had. When it's not possible (lack of existing method for tags which are not UNIVERSAL), we can add the missing method in BerValue. This is obviously possible for simple types only... > Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor > ------------------------------------------------------------------------------------- > > Key: DIRSERVER-1950 > URL: https://issues.apache.org/jira/browse/DIRSERVER-1950 > Project: Directory ApacheDS > Issue Type: Bug > Components: core > Affects Versions: 2.0.0-M15 > Reporter: lucas theisen > Attachments: DIRSERVER-1950.patch > > > int pwdAge = ( int ) ( currentTime - changedTime ) / 1000; > Will cast to int before the division which causes overflow of int if the difference is too large. Even with division, it could still be too large so it is unsafe to use an int value for pwdAge. As it is only used for comparison, we can leave it as a long. -- This message was sent by Atlassian JIRA (v6.1.5#6160)