[opensaml2] 06/08: CPPXT-121 Fix potential signed overflow
Ferenc Wágner
wferi at moszumanska.debian.org
Sat Sep 9 20:48:18 UTC 2017
This is an automated email from the git hooks/post-receive script.
wferi pushed a commit to branch master
in repository opensaml2.
commit 41f767a9508e1752af2cb8beb42b1565d4365fa1
Author: Rod Widdowson <rdw at steadingsoftware.com>
Date: Tue Aug 15 17:32:38 2017 +0100
CPPXT-121 Fix potential signed overflow
https://issues.shibboleth.net/jira/browse/CPPXT-121
---
saml/saml2/metadata/impl/DynamicMetadataProvider.cpp | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp b/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
index 86631bb..7ca8d6e 100644
--- a/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
+++ b/saml/saml2/metadata/impl/DynamicMetadataProvider.cpp
@@ -50,9 +50,14 @@ using namespace xmltooling::logging;
using namespace xmltooling;
using namespace std;
+#include <limits>
+
# ifndef min
# define min(a,b) (((a) < (b)) ? (a) : (b))
# endif
+# ifdef max
+# undef max
+# endif
static const XMLCh id[] = UNICODE_LITERAL_2(i,d);
static const XMLCh cleanupInterval[] = UNICODE_LITERAL_15(c,l,e,a,n,u,p,I,n,t,e,r,v,a,l);
@@ -301,7 +306,10 @@ pair<const EntityDescriptor*,const RoleDescriptor*> DynamicMetadataProvider::get
doFilters(*entity2);
time_t now = time(nullptr);
- if (entity2->getValidUntil() && entity2->getValidUntilEpoch() < now + 60)
+ time_t cmp = now;
+ if (cmp < (std::numeric_limits<int>::max() - 60))
+ cmp += 60;
+ if (entity2->getValidUntil() && entity2->getValidUntilEpoch() < cmp)
throw MetadataException("Metadata was already invalid at the time of retrieval.");
log.info("caching resolved metadata for (%s)", name.c_str());
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/opensaml2.git
More information about the Pkg-shibboleth-devel
mailing list