[
https://issues.apache.org/jira/browse/OAK-7228?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
angela resolved OAK-7228.
-------------------------
Resolution: Duplicate
:-)
> Potential long overflow in MountPermissionProvider.getNumEntries
> -----------------------------------------------------------------
>
> Key: OAK-7228
> URL: https://issues.apache.org/jira/browse/OAK-7228
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core, security
> Reporter: angela
> Priority: Major
>
> [~stillalex], just came across {{MountPermissionProvider.getNumEntries}},
> which looks as follows:
> {code}
> @Override
> public long getNumEntries(String principalName, long max) {
> long num = 0;
> for (PermissionStoreImpl store : stores) {
> num += store.getNumEntries(principalName, max);
> if (num >= max) {
> break;
> }
> }
> return num;
> }
> {code}
> If I am not mistaken this may lead to long overflow similar to the one we
> spotted it in {{PermissionEntryProviderImpl.init}}.
> Proposed (but untested fix) could look as follows:
> {code}
> @Override
> public long getNumEntries(String principalName, long max) {
> long num = 0;
> for (PermissionStoreImpl store : stores) {
> num = LongUtils.safeAdd(num,
> store.getNumEntries(principalName, max))
> if (num >= max) {
> break;
> }
> }
> return num;
> }
> {code}
> wdyt?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
