github-advanced-security[bot] commented on code in PR #594:
URL: https://github.com/apache/syncope/pull/594#discussion_r1459001897
##########
core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/CommandLogic.java:
##########
@@ -61,14 +61,14 @@
@PreAuthorize("hasRole('" + IdRepoEntitlement.IMPLEMENTATION_LIST + "')")
@Transactional(readOnly = true)
- public Pair<Integer, List<CommandTO>> search(final int page, final int
size, final String keyword) {
+ public Page<CommandTO> search(final String keyword, final Pageable
pageable) {
List<Implementation> result =
implementationDAO.findByTypeAndKeyword(IdRepoImplementationType.COMMAND,
keyword);
- int count = result.size();
+ long count = result.size();
List<CommandTO> commands = result.stream().
- skip((page - 1) * size).
- limit(size).
+ skip(pageable.getPageSize() * pageable.getPageNumber()).
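Review bot: in the added `skip(...)` line, `pageable.getPageSize() * pageable.getPageNumber()` multiplies two ints, so the product can wrap before `skip` widens it to long; a negative result makes `Stream.skip` throw IllegalArgumentException and a positive wrapped one silently returns the wrong page. Widen one operand first, for example `skip((long) pageable.getPageSize() * pageable.getPageNumber())`; if `Pageable` here is Spring Data's, `pageable.getOffset()` already returns that offset as a long. The removed `limit(size)` has no replacement in the lines shown, so confirm the page-size limit is still applied after the skip.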
Review Comment:
## Result of multiplication cast to wider type
Potential overflow in [int multiplication](1) before it is converted to long
by use in an invocation context.
[Show more details](https://github.com/apache/syncope/security/code-scanning/1460)
##########
core/am/logic/src/main/java/org/apache/syncope/core/logic/wa/MfaTrusStorageLogic.java:
##########
@@ -105,11 +100,11 @@
return builder.build();
}).
filter(Objects::nonNull).
- collect(Collectors.toList());
+ toList();
List<MfaTrustedDevice> result = devices.stream().
- limit(itemsPerPage).
- skip(itemsPerPage * (page <= 0 ? 0L : page.longValue() - 1L)).
+ limit(pageable.getPageSize()).
+ skip(pageable.getPageSize() * pageable.getPageNumber()).
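Review bot: the added lines call `limit(pageable.getPageSize())` before `skip(...)`, so the stream is first cut to one page of elements and the offset is then skipped from that page; every request with a page number of 1 or higher returns an empty list. Put `skip` before `limit`. The removed code also forced long arithmetic through `page.longValue()`, whereas the new product is int times int and can overflow before it is widened, so cast one operand to long as well.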
Review Comment:
## Result of multiplication cast to wider type
Potential overflow in [int multiplication](1) before it is converted to long
by use in an invocation context.
[Show more details](https://github.com/apache/syncope/security/code-scanning/1459)
##########
core/idm/logic/src/main/java/org/apache/syncope/core/logic/ReconciliationLogic.java:
##########
@@ -620,16 +616,17 @@
if (spec.getIgnorePaging()) {
matching = new ArrayList<>();
- int count = anySearchDAO.count(base, true, adminRealms,
effectiveCond, anyType.getKind());
- int pages = (count / AnyDAO.DEFAULT_PAGE_SIZE) + 1;
+ long count = anySearchDAO.count(base, true, adminRealms,
effectiveCond, anyType.getKind());
+ long pages = (count / AnyDAO.DEFAULT_PAGE_SIZE) + 1;
- for (int p = 1; p <= pages; p++) {
- matching.addAll(anySearchDAO.search(base, true, adminRealms,
effectiveCond,
- p, AnyDAO.DEFAULT_PAGE_SIZE, orderBy,
anyType.getKind()));
+ for (int page = 0; page < pages; page++) {
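Review bot: in the added `for (int page = 0; page < pages; page++)`, `pages` is now a long while the counter stays int, so if `pages` ever exceeds Integer.MAX_VALUE the counter wraps negative and the condition never becomes false. Declare the counter as long, or, if the search call needs an int page index, convert once with `Math.toIntExact(pages)` before the loop so an out-of-range count fails loudly. Separately, `(count / AnyDAO.DEFAULT_PAGE_SIZE) + 1` requests one extra, empty page whenever count is an exact multiple of the page size.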
Review Comment:
## Comparison of narrow type with wide type in loop condition
Comparison between [expression](1) of type int and [expression](2) of wider
type long.
[Show more details](https://github.com/apache/syncope/security/code-scanning/1461)