Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1039263003: Prevent integer overflow when (de)serializing BackoffEntry

Created:
5 years, 9 months ago by johnme
Modified:
5 years, 9 months ago
Reviewers:
davidben
CC:
chromium-reviews, cbentzel+watch_chromium.org, Ryan Sleevi
Base URL:
https://chromium.googlesource.com/chromium/src.git@backoff
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Prevent integer overflow when (de)serializing BackoffEntry DEPENDS ON https://codereview.chromium.org/1023473003 Patch https://codereview.chromium.org/1023473003/ added methods for the serialization/deserialization of BackoffEntrys, but they are vulnerable to integer overflow. This patch makes the implementation never overflow; instead, times will be clamped to the nearest representable time. BUG=465399

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+161 lines, -16 lines) Patch
M net/base/backoff_entry.cc View 2 chunks +31 lines, -13 lines 0 comments Download
M net/base/backoff_entry_unittest.cc View 4 chunks +130 lines, -3 lines 0 comments Download

Messages

Total messages: 4 (2 generated)
johnme
See also similar issue https://codereview.chromium.org/337803004 in the past.
5 years, 9 months ago (2015-03-27 20:11:09 UTC) #2
Ryan Sleevi
5 years, 9 months ago (2015-03-27 20:27:28 UTC) #4 
Still noting my general unease at this; I don't think this belongs in
BackoffEntry

Powered by Google App Engine
This is Rietveld 408576698