commit b5066965098371c3a876e1279b7890257cf46a31
author Vitaly Buka <vitalybuka@google.com> Tue Mar 08 21:07:18 2016 -0800
committer Vitaly Buka <vitalybuka@google.com> Wed Mar 09 18:02:04 2016 +0000
tree 619ded47b63a21a06d2a547d82200bec9af4082b
parent e733c38c669ec83c0778e74fc4f8d2af70173e02

Bound j2000 timestamps into [0, <int32_t>::max()] interval

We use j2000 timestamps in base::Values and macaroon tokens.
base::Values use int32_t and macaroon use uint32_t, so this interval should be
safe.

Change-Id: Ibcd7a8b8749ace62c561b2c03f3ccfdac2e74706
Reviewed-on: https://weave-review.googlesource.com/2882
Reviewed-by: Alex Vakulenko <avakulenko@google.com>

src/utils.cc

diff --git a/src/utils.cc b/src/utils.cc
index 5d1c3e3..bd15e61 100644
--- a/src/utils.cc
+++ b/src/utils.cc
@@ -4,6 +4,8 @@
 
 #include "src/utils.h"
 
+#include <limits>
+
 #include <base/bind_helpers.h>
 #include <base/json/json_reader.h>
 
@@ -72,10 +74,14 @@
 }
 
 uint32_t ToJ2000Time(const base::Time& time) {
-  return std::max(time.ToTimeT(), kJ2000ToTimeT) - kJ2000ToTimeT;
+  return std::min<int64_t>(
+      std::numeric_limits<int32_t>::max(),
+      std::max<int64_t>(kJ2000ToTimeT, time.ToTimeT()) - kJ2000ToTimeT);
 }
 
 base::Time FromJ2000Time(uint32_t time) {
+  if (time >= static_cast<uint32_t>(std::numeric_limits<int32_t>::max()))
+    return base::Time::Max();
   return base::Time::FromTimeT(time + kJ2000ToTimeT);
 }