This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push: new ffed68edb6 Coverity 1508901: Use of 32-bit time_t in access_control plugin (#10506) ffed68edb6 is described below commit ffed68edb690c4819dac10b4305ef61add0bcb2d Author: Bryan Call <bc...@apache.org> AuthorDate: Mon Sep 25 14:48:20 2023 -0700 Coverity 1508901: Use of 32-bit time_t in access_control plugin (#10506) --- plugins/experimental/access_control/access_control.cc | 6 +++--- plugins/experimental/access_control/access_control.h | 6 +++--- plugins/experimental/access_control/common.cc | 15 ++++++++++++++- plugins/experimental/access_control/common.h | 1 + 4 files changed, 21 insertions(+), 7 deletions(-) diff --git a/plugins/experimental/access_control/access_control.cc b/plugins/experimental/access_control/access_control.cc index 5ed48f7212..5ed93e0ca5 100644 --- a/plugins/experimental/access_control/access_control.cc +++ b/plugins/experimental/access_control/access_control.cc @@ -143,7 +143,7 @@ AccessToken::validateTiming(time_t time) /* Validate and check not before timestamp */ if (!_notBefore.empty()) { - if (0 == (t = string2int(_notBefore))) { + if (0 == (t = string2time(_notBefore))) { return _state = INVALID_FIELD_VALUE; } else { if (time <= t) { @@ -154,7 +154,7 @@ AccessToken::validateTiming(time_t time) /* Validate and check expiration timestamp */ if (!_expiration.empty()) { - if (0 == (t = string2int(_expiration))) { + if (0 == (t = string2time(_expiration))) { return _state = INVALID_FIELD_VALUE; } else { if (time > t) { @@ -164,7 +164,7 @@ AccessToken::validateTiming(time_t time) } /* "issued at" time-stamp is currently only for info, so check if the time-stamp is valid only */ - if (!_issuedAt.empty() && 0 == string2int(_issuedAt)) { + if (!_issuedAt.empty() && 0 == string2time(_issuedAt)) { return _state = INVALID_FIELD_VALUE; } diff --git a/plugins/experimental/access_control/access_control.h b/plugins/experimental/access_control/access_control.h index 7aefefc5bd..079a201da6 100644 --- a/plugins/experimental/access_control/access_control.h +++ b/plugins/experimental/access_control/access_control.h @@ -125,19 +125,19 @@ public: time_t getExpiration() const { - return string2int(_expiration); + return string2time(_expiration); } time_t getNotBefore() const { - return string2int(_notBefore); + return string2time(_notBefore); } time_t getIssuedAt() const { - return string2int(_issuedAt); + return string2time(_issuedAt); } StringView diff --git a/plugins/experimental/access_control/common.cc b/plugins/experimental/access_control/common.cc index dbbd17c2e6..4f71c1f7e5 100644 --- a/plugins/experimental/access_control/common.cc +++ b/plugins/experimental/access_control/common.cc @@ -45,10 +45,23 @@ DbgCtl dbg_ctl{PLUGIN_NAME}; int string2int(const StringView &s) +{ + int t = 0; + try { + t = std::stoi(String(s)); + } catch (...) { + /* Failed to convert return impossible value */ + return 0; + } + return t; +} + +time_t +string2time(const StringView &s) { time_t t = 0; try { - t = static_cast<time_t>(std::stoi(String(s))); + t = static_cast<time_t>(std::stol(String(s))); } catch (...) { /* Failed to convert return impossible value */ return 0; diff --git a/plugins/experimental/access_control/common.h b/plugins/experimental/access_control/common.h index 0b7f922c41..82d92528fb 100644 --- a/plugins/experimental/access_control/common.h +++ b/plugins/experimental/access_control/common.h @@ -74,3 +74,4 @@ using namespace access_control_ns; #endif /* ACCESS_CONTROL_UNIT_TEST */ int string2int(const StringView &s); +time_t string2time(const StringView &s);