Ravi Nori has uploaded a new change for review. Change subject: restapi : ints and shorts overflow ......................................................................
restapi : ints and shorts overflow int and short values are overflown[1] before they even reach the business code, allowing for wrong values to be set. Handles the case where negative values are passed for unsignedInt and unsignedShort Change-Id: I40115f1938a6263317d77ae2be0618d905e29664 Bug-Url: https://bugzilla.redhat.com/1000796 Signed-off-by: Ravi Nori <[email protected]> --- M backend/manager/modules/restapi/interface/definition/src/main/java/org/ovirt/engine/api/utils/IntegerParser.java 1 file changed, 6 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/25/25425/1 diff --git a/backend/manager/modules/restapi/interface/definition/src/main/java/org/ovirt/engine/api/utils/IntegerParser.java b/backend/manager/modules/restapi/interface/definition/src/main/java/org/ovirt/engine/api/utils/IntegerParser.java index 195ce14..ea76e66 100644 --- a/backend/manager/modules/restapi/interface/definition/src/main/java/org/ovirt/engine/api/utils/IntegerParser.java +++ b/backend/manager/modules/restapi/interface/definition/src/main/java/org/ovirt/engine/api/utils/IntegerParser.java @@ -33,6 +33,9 @@ if (result.compareTo(MAX_UNSIGNED_SHORT) > 0) { throw new InvalidValueException("Value " + value + " is greater than maximum unsigned short " + MAX_UNSIGNED_SHORT); } + if (result.intValue() < 0) { + throw new InvalidValueException("Negative value " + value + " not allowed for unsigned short, valid values are between 0 and " + MAX_UNSIGNED_SHORT); + } return result.intValue(); } @@ -55,6 +58,9 @@ if (result.compareTo(MAX_UNSIGNED_INT) > 0) { throw new InvalidValueException("Value " + value + " is greater than maximum unsigned integer " + MAX_UNSIGNED_INT); } + if (result.intValue() < 0) { + throw new InvalidValueException("Negative value " + value + " not allowed for unsigned integers, valid values are between 0 and " + MAX_UNSIGNED_INT); + } return result.longValue(); } } -- To view, visit http://gerrit.ovirt.org/25425 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I40115f1938a6263317d77ae2be0618d905e29664 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
