You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/04/29 20:18:04 UTC
[jira] [Commented] (ARTEMIS-1135) Overflows during integer addition
or multiplication
[ https://issues.apache.org/jira/browse/ARTEMIS-1135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15990034#comment-15990034 ]
ASF GitHub Bot commented on ARTEMIS-1135:
-----------------------------------------
GitHub user adityasharad opened a pull request:
https://github.com/apache/activemq-artemis/pull/1237
ARTEMIS-1135: Fix lgtm.com alerts - overflows in integer addition or multiplication
This PR addresses ARTEMIS-1135, issued based on the alerts found by the "Result of integer multiplication cast to long" and "Implicit narrowing conversion in compound assignment" rules at https://lgtm.com/projects/g/apache/activemq-artemis/alerts/.
In `MySQLSQLProvider`, overflow occurs when setting the max blob size, which overflows to zero at runtime rather than the intended 4GB
In `MQTTProtocolHandler`, overflow occurs when determining the time to keep the connection alive.
These are both fixed by casting the operands to `long` first.
In `AddressControlImpl`, queue message counts are `long`s but added up in an `int`.
In `MessageCounter.DayCounter`, the `counters` array holds `int`s but its elements will have `long` message counts added to them.
These are both fixed by changing the counter variables and relevant return types to `long`.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/adityasharad/activemq-artemis fix/lgtm-alerts-int-overflow
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/activemq-artemis/pull/1237.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1237
----
commit b8f21bf2e31e5d9d121fd763d1b058bc2de1f6af
Author: Aditya Sharad <ad...@semmle.com>
Date: 2017-04-29T14:03:51Z
ARTEMIS-1135: Fix integer multiplication overflows
Multiplication operations where the operands have type `int` but the
result is cast to `long` may lead to overflow.
Fixes two instances of this problem, by ensuring the operands are cast
to `long` during multiplication.
This resolves the "Result of integer multiplication cast to long"
alerts at https://lgtm.com/projects/g/apache/activemq-artemis/alerts.
commit bb4bee488020092eebfd0a1e6e84ab85bafd83c7
Author: Aditya Sharad <ad...@semmle.com>
Date: 2017-04-29T14:34:06Z
ARTEMIS-1135: Fix potential message count overflow
Have `AddressControlImpl::getMessageCount` use and return a `long`.
Prevents potential overflow from use of an `int` count variable.
Fixes one of the "Implicit narrowing conversion in compound assignment"
alerts at https://lgtm.com/projects/g/apache/activemq-artemis/alerts.
commit 9c10169dc3fd45d8fe9784157ed5a6dcb84b1be2
Author: Aditya Sharad <ad...@semmle.com>
Date: 2017-04-29T14:52:08Z
ARTEMIS-1135: Prevent overflow in `DayCounter`
Use `long` array for hourly counters instead of `int` array.
Prevents overflow when the number of new messages (a `long`) is added.
Fixes one of the "Implicit narrowing conversion in compound assignment"
alerts on https://lgtm.com/projects/g/apache/activemq-artemis/alerts.
----
> Overflows during integer addition or multiplication
> ---------------------------------------------------
>
> Key: ARTEMIS-1135
> URL: https://issues.apache.org/jira/browse/ARTEMIS-1135
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Affects Versions: 2.0.0
> Reporter: Aditya Sharad
>
> The "Result of integer multiplication cast to long" and "Implicit narrowing conversion in compound assignment" rules at https://lgtm.com/projects/g/apache/activemq-artemis/alerts/ detect multiple instances of potential overflow during integer addition or multiplication.
> The first rule detects two instances where the result of the multiplication is cast to {{long}}, but the individual operands are {{int}}s. This may lead to overflow during the multiplication.
> - In {{MySQLSQLProvider}}, this occurs when setting the max blob size, which overflows to zero at runtime rather than the intended 4GB.
> - In {{MQTTProtocolHandler}}, this occurs when determining the time to keep the connection alive.
> The second rule detects two instances where a {{long}} value is added to an {{int}}-valued variable, forcing implicit conversion and possibly overflow.
> - In {{AddressControlImpl}}, queue message counts are {{longs}} but added up in an {{int}}.
> - In {{MessageCounter.DayCounter}}, the {{counters}} array elements will have {{long}} message counts added to them, and so should be of type {{long}}.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)