Index: net/http/http_security_headers.cc |
diff --git a/net/http/http_security_headers.cc b/net/http/http_security_headers.cc |
index ecb8e57d2b3e2e4c7168cc1898130cf48fd82173..5174825cc9a86a7c8f530bccf6612a9a1957904a 100644 |
--- a/net/http/http_security_headers.cc |
+++ b/net/http/http_security_headers.cc |
@@ -20,14 +20,16 @@ namespace { |
enum MaxAgeParsing { REQUIRE_MAX_AGE, DO_NOT_REQUIRE_MAX_AGE }; |
static_assert(kMaxHSTSAgeSecs <= UINT32_MAX, "kMaxHSTSAgeSecs too large"); |
+static_assert(kMaxHPKPAgeSecs <= UINT32_MAX, "kMaxHPKPAgeSecs too large"); |
-// MaxAgeToInt converts a string representation of a "whole number" of |
+// MaxAgeToLimitedInt converts a string representation of a "whole number" of |
// seconds into a uint32_t. The string may contain an arbitrarily large number, |
-// which will be clipped to kMaxHSTSAgeSecs and which is guaranteed to fit |
+// which will be clipped to a supplied limit and which is guaranteed to fit |
// within a 32-bit unsigned integer. False is returned on any parse error. |
-bool MaxAgeToInt(std::string::const_iterator begin, |
- std::string::const_iterator end, |
- uint32_t* result) { |
+bool MaxAgeToLimitedInt(std::string::const_iterator begin, |
+ std::string::const_iterator end, |
+ uint32_t limit, |
+ uint32_t* result) { |
const base::StringPiece s(begin, end); |
if (s.empty()) |
return false; |
@@ -39,15 +41,14 @@ bool MaxAgeToInt(std::string::const_iterator begin, |
// properly handle and reject negative numbers (StringToUint64 does not return |
// false on negative numbers). For values too large to be stored in an |
// int64_t, StringToInt64 will return false with i set to |
- // std::numeric_limits<int64_t>::max(), so this case is detected by the |
- // immediately following if-statement and allowed to fall through so that i |
- // gets clipped to kMaxHSTSAgeSecs. |
+ // std::numeric_limits<int64_t>::max(), so this case is allowed to fall |
+ // through so that i gets clipped to limit. |
if (!base::StringToInt64(s, &i) && i != std::numeric_limits<int64_t>::max()) |
return false; |
if (i < 0) |
return false; |
- if (i > kMaxHSTSAgeSecs) |
- i = kMaxHSTSAgeSecs; |
+ if (i > limit) |
+ i = limit; |
*result = (uint32_t)i; |
return true; |
} |
@@ -143,8 +144,9 @@ bool ParseHPKPHeaderImpl(const std::string& value, |
base::StringPiece(name_value_pairs.name_begin(), |
name_value_pairs.name_end()), |
"max-age")) { |
- if (!MaxAgeToInt(name_value_pairs.value_begin(), |
- name_value_pairs.value_end(), &max_age_candidate)) { |
+ if (!MaxAgeToLimitedInt(name_value_pairs.value_begin(), |
+ name_value_pairs.value_end(), kMaxHPKPAgeSecs, |
+ &max_age_candidate)) { |
return false; |
} |
parsed_max_age = true; |
@@ -280,7 +282,8 @@ bool ParseHSTSHeader(const std::string& value, |
if (base::IsAsciiWhitespace(*tokenizer.token_begin())) |
continue; |
unquoted = HttpUtil::Unquote(tokenizer.token()); |
- if (!MaxAgeToInt(unquoted.begin(), unquoted.end(), &max_age_candidate)) |
+ if (!MaxAgeToLimitedInt(unquoted.begin(), unquoted.end(), |
+ kMaxHSTSAgeSecs, &max_age_candidate)) |
return false; |
state = AFTER_MAX_AGE; |
break; |
@@ -304,7 +307,7 @@ bool ParseHSTSHeader(const std::string& value, |
} |
} |
- // We've consumed all the input. Let's see what state we ended up in. |
+ // We've consumed all the input. Let's see what state we ended up in. |
if (max_age_observed != 1 || |
(include_subdomains_observed != 0 && include_subdomains_observed != 1)) { |
return false; |