You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Jeremy Hanna (JIRA)" <ji...@apache.org> on 2019/06/13 18:33:03 UTC

[jira] [Updated] (CASSANDRA-14098) Potential Integer Overflow

     [ https://issues.apache.org/jira/browse/CASSANDRA-14098?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jeremy Hanna updated CASSANDRA-14098:
-------------------------------------
    Complexity: Low Hanging Fruit

> Potential Integer Overflow
> --------------------------
>
>                 Key: CASSANDRA-14098
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-14098
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Legacy/Core
>            Reporter: songwanging
>            Priority: Low
>              Labels: lhf
>         Attachments: 14098-3.0.txt
>
>
> Our tool DeepTect has detected a potential integer overflow: 
> Path: cassandra/src/java/org/apache/cassandra/service/StorageService.java
> {code:java}
> ...
> long totalRowCountEstimate = cfs.estimatedKeysForRange(range);
> ...
>  int splitCount = Math.max(1, Math.min(maxSplitCount, (int)(totalRowCountEstimate / keysPerSplit)));
> {code}
> In the above code snippet, "totalRowCountEstimate" is a long variable, "keysPerSplit" is an integer variable. If "totalRowCountEstimate" is super large, directly casting "(totalRowCountEstimate / keysPerSplit" into integer will definitely lead to a potential integer overflow.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org