Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixing an Integer Overflow Issue #121

Merged
merged 4 commits into from Aug 28, 2017
Merged

Fixing an Integer Overflow Issue #121

merged 4 commits into from Aug 28, 2017

Conversation

hiranya911
Copy link
Contributor

If the token server responds with a large expires_in value to the token refresh request, the ServiceAccountCredential class runs into an integer overflow. I've added more information at #120.

This patch fixes the issue, and provides a test case (test case fails without the fix). This is not a critical issue, as we can expect most token servers to be well behaved. But it would be nice if the credentials were able to handle the case where the server responds with a large expires_in value.

lesv
lesv reviewed Aug 23, 2017
View reviewed changes
Copy link
Contributor

@lesv lesv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@garrettjonesgoogle FYI

One Q, then I can approve. (I read the comment, but I'm not sure it makes sense.

oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java
assertEquals(3600 * 1000L, accessToken.getExpirationTimeMillis().longValue());

// Test for large expires_in values (should not overflow).
transport.setExpiresInSeconds(3600 * 1000);

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

@lesv lesv merged commit 3c5fabd into googleapis:master Aug 28, 2017
@lesv
Copy link
Contributor

lesv commented Aug 28, 2017

@garrettjonesgoogle I've merged, but can revert if you wish.

@chingor13 chingor13 mentioned this pull request Jun 19, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lesv lesv lesv approved these changes

@garrettjonesgoogle garrettjonesgoogle Awaiting requested review from garrettjonesgoogle

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@hiranya911 @lesv