
Unified Diff: net/http/http_response_headers.cc

Issue 1827243002: Fix number parsing problems with HttpResponseHeaders::GetAgeValue() to not accept invalid numbers. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@parse_refactor
Patch Set: rebase Created 4 years, 8 months ago
Index: net/http/http_response_headers.cc
diff --git a/net/http/http_response_headers.cc b/net/http/http_response_headers.cc
index 8f8ce9d38aadbda82e308f653327269e7e89d0af..659b3ca3fba820be8ef24da72c2ba4dd3d429c22 100644
--- a/net/http/http_response_headers.cc
+++ b/net/http/http_response_headers.cc
@@ -23,6 +23,7 @@
#include "base/time/time.h"
#include "base/values.h"
#include "net/base/escape.h"
+#include "net/base/parse_number.h"
#include "net/http/http_byte_range.h"
#include "net/http/http_log_util.h"
#include "net/http/http_util.h"
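Review bot: The include list in this hunk gains only net/base/parse_number.h, but the new code in GetAgeValue() also uses std::numeric_limits. Please confirm that <limits> is included directly in this file rather than arriving through a transitive include, and add it alongside the other standard headers if it is not.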
@@ -1155,8 +1156,20 @@ bool HttpResponseHeaders::GetAgeValue(TimeDelta* result) const {
if (!EnumerateHeader(nullptr, "Age", &value))
return false;
- int64_t seconds;
- base::StringToInt64(value, &seconds);
+ // Parse the delta-seconds as 1*DIGIT.
+ uint32_t seconds;
+ ParseIntError error;
+ if (!ParseUint32(value, &seconds, &error)) {
+ if (error == ParseIntError::FAILED_OVERFLOW) {
+ // If the Age value cannot fit in a uint32_t, saturate it to a maximum
+ // value. This is similar to what RFC 2616 says in section 14.6 for how
+ // caches should transmit values that overflow.
+ seconds = std::numeric_limits<decltype(seconds)>::max();
+ } else {
+ return false;
+ }
+ }
+
*result = TimeDelta::FromSeconds(seconds);
return true;
}
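Review bot: In the FAILED_OVERFLOW branch of GetAgeValue(), the comment calls the saturation "similar to" RFC 2616 section 14.6 without saying how it differs. State in the comment that the value is clamped to the uint32_t maximum, so a reader knows what callers receive for an oversized Age. The nested if/else would read more directly as an early "return false" when error != ParseIntError::FAILED_OVERFLOW, followed by the saturating assignment. The old code ignored the result of base::StringToInt64 and returned true whenever the header was present, so the new "return false" for malformed values is a caller-visible change and should be mentioned in the function's declaration comment.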