wsd/Auth.cpp | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit fe1399fab5bc649a97b7124314210a6d0cc195f9
Author: Miklos Vajna <[email protected]>
AuthorDate: Fri Apr 3 18:01:44 2020 +0200
Commit: Miklos Vajna <[email protected]>
CommitDate: Fri Apr 3 19:20:01 2020 +0200
JWTAuth::verify: avoid working with RTTI without a reason
The purpose of the convert() function (without arguments) is to either
return fast in case the type of the JSON value and the argument match or
do a conversion.
We generate this JSON, so we know the JSON type will be always a string
and the argument type will be a size_t, so use the variant that always
does a conversion.
(Additional benefit is that I seem to hit a false alarm with
admin_fuzzer in the old code and it goes away with this change.)
Change-Id: I40851ab3ddd46fb1515ea9f0c9f40d9ec2006de7
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91652
Tested-by: Jenkins CollaboraOffice <[email protected]>
Reviewed-by: Miklos Vajna <[email protected]>
diff --git a/wsd/Auth.cpp b/wsd/Auth.cpp
index a5f1a9fd0..8c53c367c 100644
--- a/wsd/Auth.cpp
+++ b/wsd/Auth.cpp
@@ -148,7 +148,8 @@ bool JWTAuth::verify(const std::string& accessToken)
Poco::JSON::Parser parser;
Poco::Dynamic::Var result = parser.parse(decodedPayload);
Poco::JSON::Object::Ptr object =
result.extract<Poco::JSON::Object::Ptr>();
- std::time_t decodedExptime = object->get("exp").convert<std::time_t>();
+ std::time_t decodedExptime = 0;
+ object->get("exp").convert(decodedExptime);
std::chrono::system_clock::time_point now =
std::chrono::system_clock::now();
std::time_t curtime = std::chrono::system_clock::to_time_t(now);
_______________________________________________
Libreoffice-commits mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
