This repository was archived by the owner on Sep 19, 2021. It is now read-only.

Commit 851e5cd

committed
Correct Bad Int to Long Conversion
In the serializer for Time, there was a problem with the low bits: when the source integer was negative, the resulting long was negative too. The change adds a serializer for longs that should help protect against bad custom long serialization.
1 parent ee3663f commit 851e5cd

2 files changed

Lines changed: 33 additions & 14 deletions


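--- a/src/codeu/chat/common/Time.java
+++ b/src/codeu/chat/common/Time.java
@@ -30,18 +30,14 @@ public final class Time implements Comparable<Time> {
 @Override
 public void write(OutputStream out, Time value) throws IOException {
 
-Serializers.INTEGER.write(out, (int)(0xFFFFFFFF & (value.totalMs >>> 32)));
-Serializers.INTEGER.write(out, (int)(0xFFFFFFFF & (value.totalMs >>> 0)));
+Serializers.LONG.write(out, value.totalMs);
 
 }
 
 @Override
 public Time read(InputStream in) throws IOException {
 
-final long high = (long)Serializers.INTEGER.read(in);
-final long low = (long)Serializers.INTEGER.read(in);
-
-return Time.fromMs((high << 32) | low);
+return Time.fromMs(Serializers.LONG.read(in));
 
 }
 };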
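Review bot: Nothing in the new `write`/`read` pair records the byte layout that peers depend on, and replacing two `Serializers.INTEGER` calls with one `Serializers.LONG` call leaves a reader wondering whether the wire format changed. Judging by the Serializers.java section of this commit, both encodings emit eight bytes, most significant first, so a comment above `write` such as `// Wire format: 8 bytes, big-endian; same bytes as the former high/low INTEGER pair.` would settle it. `read` also hands whatever arrives on the stream to `Time.fromMs` unchecked; if negative timestamps are not meaningful, that is presumably the place to reject them, though `fromMs` is not visible here. The enclosing anonymous serializer starts above the hunk.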

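--- a/src/codeu/chat/util/Serializers.java
+++ b/src/codeu/chat/util/Serializers.java
@@ -40,10 +40,9 @@ public Boolean read(InputStream in) throws IOException {
 @Override
 public void write(OutputStream out, Integer value) throws IOException {
 
-out.write(0xFF & (value >> 24));
-out.write(0xFF & (value >> 16));
-out.write(0xFF & (value >> 8));
-out.write(0xFF & (value >> 0));
+for (int i = 24; i >= 0; i -= 8) {
+out.write(0xFF & (value >>> i));
+}
 
 }
 
@@ -52,10 +51,34 @@ public Integer read(InputStream in) throws IOException {
 
 int value = 0;
 
-value = (value << 8) | in.read();
-value = (value << 8) | in.read();
-value = (value << 8) | in.read();
-value = (value << 8) | in.read();
+for (int i = 0; i < 4; i++) {
+value = (value << 8) | in.read();
+}
+
+return value;
+
+}
+};
+
+public static final Serializer<Long> LONG = new Serializer<Long>() {
+
+@Override
+public void write(OutputStream out, Long value) throws IOException {
+
+for (int i = 56; i >= 0; i -= 8) {
+out.write((int)(0xFF & (value >>> i)));
+}
+
+}
+
+@Override
+public Long read(InputStream in) throws IOException {
+
+long value = 0;
+
+for (int i = 0; i < 8; i++) {
+value = (value << 8) | in.read();
+}
 
 return value;
 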
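Review bot: Neither read loop checks the result of `in.read()` for -1, so a stream that ends early is decoded as data instead of being reported. In `LONG.read` the int -1 is widened to a long with every bit set before the OR, which leaves `value` at -1 for the remaining iterations, and the `INTEGER.read` loop at new lines 54-56 behaves the same way. A truncated message should fail loudly: inside each loop use `final int b = in.read();`, `if (b < 0) { throw new EOFException(); }`, `value = (value << 8) | b;`. `EOFException` is an `IOException`, so the `throws` clause stays as it is, but it needs a `java.io.EOFException` import, and the file's import block is outside the hunk. The body of `LONG.read` continues past the end of the hunk.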
