Details
-
Bug
-
Status: Awaiting Feedback
-
Low
-
Resolution: Unresolved
-
None
-
Low
-
Low Hanging Fruit
Description
Our tool DeepTect has detected a potential integer overflow:
Path: cassandra/src/java/org/apache/cassandra/service/StorageService.java
... long totalRowCountEstimate = cfs.estimatedKeysForRange(range); ... int splitCount = Math.max(1, Math.min(maxSplitCount, (int)(totalRowCountEstimate / keysPerSplit)));
In the above code snippet, "totalRowCountEstimate" is a long variable, "keysPerSplit" is an integer variable. If "totalRowCountEstimate" is super large, directly casting "(totalRowCountEstimate / keysPerSplit" into integer will definitely lead to a potential integer overflow.