[DISPATCH-1589] Policy integer settings not properly checked for overflow - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.10.0
Fix Version/s: None
Component/s: Policy Engine
Labels:
None

Description

in config code policy maxFrameSize are treated as a 64-bit integer. When processed by policy code only the bottom 32 bits are placed into a signed 32-bit integer and then checked for a value > 0 at run time.

A config file with:

"maxFrameSize": 3000000000

will set the internal policy value to

maxFrameSize: -1294967296

Since this value is negative policy code uses the default value.

If policy is using only 31 bits then the policy compilers should reject values that don't fit in 31 bits.

Attachments

Activity

People

Assignee:: Charles E. Rolke

Reporter:: Charles E. Rolke

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 06/Mar/20 22:14

Updated:: 06/Mar/20 22:14