[jira] [Resolved] (KAFKA-19569) Potential Long.MAX_VALUE overflow in sessionExpirationTimeNanos calculation in SaslServerAuthenticator

Luke Chen (Jira) Thu, 31 Jul 2025 19:31:11 -0700


     [ 
https://issues.apache.org/jira/browse/KAFKA-19569?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Luke Chen resolved KAFKA-19569.
-------------------------------
    Resolution: Duplicate

Duplicated with KAFKA-14604

> Potential Long.MAX_VALUE overflow in sessionExpirationTimeNanos calculation 
> in SaslServerAuthenticator 
> -------------------------------------------------------------------------------------------------------
>
>                 Key: KAFKA-19569
>                 URL: https://issues.apache.org/jira/browse/KAFKA-19569
>             Project: Kafka
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 3.9.1, 4.0.0
>            Reporter: dyingjiecai
>            Assignee: dyingjiecai
>            Priority: Minor
>         Attachments: image-2025-08-01-10-12-04-784.png
>
>
> There is a potential risk of Long.MAX_VALUE overflow in the 
> sessionExpirationTimeNanos calculation within the SaslServerAuthenticator 
> class.
> Location:
>  !image-2025-08-01-10-12-04-784.png! 
> The calculation sessionExpirationTimeNanos = authenticationEndNanos + 1000 * 
> 1000 * retvalSessionLifetimeMs can potentially overflow when:
> retvalSessionLifetimeMs is very large 
> authenticationEndNanos is already a large value
> The multiplication 1000 * 1000 * retvalSessionLifetimeMs exceeds 
> Long.MAX_VALUE - authenticationEndNanos



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (KAFKA-19569) Potential Long.MAX_VALUE overflow in sessionExpirationTimeNanos calculation in SaslServerAuthenticator

Reply via email to