qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rob Godfrey (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (QPID-8059) Potential Integer Overflow
Date Wed, 06 Dec 2017 16:53:00 GMT

     [ https://issues.apache.org/jira/browse/QPID-8059?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rob Godfrey updated QPID-8059:
------------------------------
    Affects Version/s:     (was: qpid-python-1.37.0)

> Potential Integer Overflow
> --------------------------
>
>                 Key: QPID-8059
>                 URL: https://issues.apache.org/jira/browse/QPID-8059
>             Project: Qpid
>          Issue Type: Bug
>          Components: Broker-J
>            Reporter: songwanging
>            Priority: Minor
>
> Our tool DeepTect has detected a potential integer overflow:
> Path: qpid-broker-j/broker-core/src/main/java/org/apache/qpid/server/queue/MessageContentJsonConverter.java
> {code:java}
> class MessageContentJsonConverter
> {
> ...
> private long _remaining;
> ...
> private Object copyString(final String source) throws IOException{
> ...
> limit=Math.min((int)_remaining,source.length())
> ..
> }
> ...
> }
> {code}
> In the above code snippet, "_remaining" is a long variable, if it is super large, directly
casting "_remaining" into integer will definitely lead to a potential integer overflow.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message