Closed
Bug 1247912
Opened 8 years ago
Closed 8 years ago
[Static Analysis][Unintentional integer overflow] In function nsCookiePermission::PrefChanged
Categories
(Core :: Networking: Cookies, defect)
Core
Networking: Cookies
Tracking
()
RESOLVED
FIXED
mozilla47
Tracking | Status | |
---|---|---|
firefox47 | --- | fixed |
People
(Reporter: andi, Assigned: andi)
References
(Blocks 1 open bug)
Details
(Keywords: coverity, Whiteboard: CID 1286649)
Attachments
(1 file)
The Static Analysis tool Coverity added that an unintentional int32 overflow may happen:
>> mCookiesLifetimeSec = val * 24 * 60 * 60;
mCookiesLifetimeSec is int64_t but the result of right side expression will be int32_t and afterwards will be casted to int64_t. Now the impact is minor since the maximum value that can would be stored in mCookieLifetimeSec would be 2^31 - 1 but i guess this think can't hurt to have it in the code.
Assignee | ||
Comment 1•8 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/34751/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/34751/
Attachment #8718800 -
Flags: review?(josh)
Comment 2•8 years ago
|
||
Comment on attachment 8718800 [details] MozReview Request: Bug 1247912 - convert left side expression to int64_t when assigning to mCookiesLifetimeSec in order to avoid overflow. r?jdm https://reviewboard.mozilla.org/r/34751/#review32193 Makes sense. Thanks!
Attachment #8718800 -
Flags: review?(josh) → review+
Comment 4•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/022e3fe6f4b6
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla47
You need to log in
before you can comment on or make changes to this bug.
Description
•