[shibboleth-sp2] 68/82: SSPCPP-754 Enforce 64/32 bit coexistance
Etienne Dysli Metref
edm-guest at moszumanska.debian.org
Thu Nov 16 08:16:26 UTC 2017
This is an automated email from the git hooks/post-receive script.
edm-guest pushed a commit to branch master
in repository shibboleth-sp2.
commit 20e7abc89c1b5f5f3c9d9fbcb1a9b0a420ecdf48
Author: Rod Widdowson <rdw at steadingsoftware.com>
Date: Thu Sep 28 15:44:16 2017 +0100
SSPCPP-754 Enforce 64/32 bit coexistance
https://issues.shibboleth.net/jira/browse/SSPCPP-754
During serialization test that a "long" fits into 32 bits.
This means that a 64 bit server (shids or webserber) can safely
communicate with a 32 bit client (or just fail)
---
shibsp/remoting/impl/ddf.cpp | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/shibsp/remoting/impl/ddf.cpp b/shibsp/remoting/impl/ddf.cpp
index 3c63a12..7087aa6 100644
--- a/shibsp/remoting/impl/ddf.cpp
+++ b/shibsp/remoting/impl/ddf.cpp
@@ -826,6 +826,17 @@ void xml_encode(ostream& os, const char* start)
}
}
+static
+bool
+is32bitSafe(long what)
+{
+ if (sizeof(what) <= 4) return true;
+ unsigned long uWhat = (what < 0) ? -what : what;
+ unsigned long upperOfuWhat = uWhat >> 31;
+
+ return (0 == upperOfuWhat);
+}
+
void serialize(ddf_body_t* p, ostream& os, bool name_attr=true)
{
if (p) {
@@ -855,6 +866,7 @@ void serialize(ddf_body_t* p, ostream& os, bool name_attr=true)
break;
case ddf_body_t::DDF_INT:
+ if (is32bitSafe(p->value.integer)) throw IOException("Integer Overflow");
os << "<number";
if (name_attr && p->name) {
os << " name=\"";
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list