Fix number parsing for max-age for HSTS/HPKP.

net/http/http_security_headers.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <limits>
 
 #include "base/base64.h"
-#include "base/strings/string_number_conversions.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/string_tokenizer.h"
 #include "base/strings/string_util.h"
+#include "net/base/parse_number.h"
 #include "net/http/http_security_headers.h"
 #include "net/http/http_util.h"
 #include "url/gurl.h"
 
 namespace net {
 
 namespace {
 
 enum MaxAgeParsing { REQUIRE_MAX_AGE, DO_NOT_REQUIRE_MAX_AGE };
 
-static_assert(kMaxHSTSAgeSecs <= UINT32_MAX, "kMaxHSTSAgeSecs too large");
-static_assert(kMaxHPKPAgeSecs <= UINT32_MAX, "kMaxHPKPAgeSecs too large");
-
 // MaxAgeToLimitedInt converts a string representation of a "whole number" of
 // seconds into a uint32_t. The string may contain an arbitrarily large number,
 // which will be clipped to a supplied limit and which is guaranteed to fit
 // within a 32-bit unsigned integer. False is returned on any parse error.
 bool MaxAgeToLimitedInt(std::string::const_iterator begin,
                         std::string::const_iterator end,
                         uint32_t limit,
                         uint32_t* result) {
   const base::StringPiece s(begin, end);
-  if (s.empty())
-    return false;
 
-  int64_t i = 0;
+  ParseIntError error;
+  if (!ParseUint32(s, result, &error)) {
+    if (error == ParseIntError::FAILED_OVERFLOW) {
+      *result = limit;
+    } else {
+      return false;
+    }
+  }
 
-  // Return false on any StringToInt64 parse errors *except* for int64_t
-  // overflow. StringToInt64 is used, rather than StringToUint64, in order to
-  // properly handle and reject negative numbers (StringToUint64 does not return
-  // false on negative numbers). For values too large to be stored in an
-  // int64_t, StringToInt64 will return false with i set to
-  // std::numeric_limits<int64_t>::max(), so this case is allowed to fall
-  // through so that i gets clipped to limit.
-  if (!base::StringToInt64(s, &i) && i != std::numeric_limits<int64_t>::max())
-    return false;
-  if (i < 0)
-    return false;
-  if (i > limit)
-    i = limit;
-  *result = (uint32_t)i;
+  if (*result > limit)
+    *result = limit;
+
   return true;
 }
 
 // Returns true iff there is an item in |pins| which is not present in
 // |from_cert_chain|. Such an SPKI hash is called a "backup pin".
 bool IsBackupPinPresent(const HashValueVector& pins,
                         const HashValueVector& from_cert_chain) {
   for (HashValueVector::const_iterator i = pins.begin(); i != pins.end();
        ++i) {
     HashValueVector::const_iterator j =
@@ skipping 309 matching lines @@
                                bool* include_subdomains,
                                HashValueVector* hashes,
                                GURL* report_uri) {
   // max-age is irrelevant for Report-Only headers.
   base::TimeDelta unused_max_age;
   return ParseHPKPHeaderImpl(value, DO_NOT_REQUIRE_MAX_AGE, &unused_max_age,
                              include_subdomains, hashes, report_uri);
 }
 
 }  // namespace net