[
https://issues.apache.org/jira/browse/DIRSERVER-1950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13884699#comment-13884699
]
lucas theisen commented on DIRSERVER-1950:
------------------------------------------
Given that the
[RFC|http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2]
says:
{quote}
6.2. Response Control
...
The controlType is 1.3.6.1.4.1.42.2.27.8.5.1 and the controlValue is
the BER encoding of the following type:
...
{quote}
I modified the code in the decorator to exclusively use the {{BerValue}} class
for its length calculation and encoding. I still did not use the {{encode}}
method as suggested by [Emmanuel Lecharny|#comment-13883871] for 2 reasons,
first the value of the length is cached in this decorator making the
recalculation that would be done unnecessary, second, there are parts that
cannot be encoded using that method so I think it makes more sense to use the
same approach for the entire method rather than mixing and matching.
Checked in as Revision 1562234
> Unsafe cast to int in getPwdTimeBeforeExpiry calculation of
> AuthenticationInterceptor
> -------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1950
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1950
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: core
> Affects Versions: 2.0.0-M15
> Reporter: lucas theisen
> Attachments: DIRSERVER-1950.patch
>
>
> int pwdAge = ( int ) ( currentTime - changedTime ) / 1000;
> Will cast to int before the division which causes overflow of int if the
> difference is too large. Even with division, it could still be too large so
> it is unsafe to use an int value for pwdAge. As it is only used for
> comparison, we can leave it as a long.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
