[DIRSERVER-1950] Unsafe cast to int in getPwdTimeBeforeExpiry calculation of AuthenticationInterceptor - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0-M15
Fix Version/s: None
Component/s: core
Labels:
None

Description

int pwdAge = ( int ) ( currentTime - changedTime ) / 1000;

Will cast to int before the division which causes overflow of int if the difference is too large. Even with division, it could still be too large so it is unsafe to use an int value for pwdAge. As it is only used for comparison, we can leave it as a long.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

DIRSERVER-1950.patch
24/Jan/14 15:57
4 kB
lucas theisen

Activity

People

Assignee:: Unassigned

Reporter:: lucas theisen

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 23/Jan/14 19:45

Updated:: 30/Jan/14 04:34

Resolved:: 28/Jan/14 00:19