Fix integer overflows when dealing with templates. (#21628)

jpountz · jpountz · commit 1a40b49d1345 · 2016-11-21T10:55:20.000+01:00
The overflows were happening in two places, the parsing of the template that implicitly truncates the `order` when its value does not fall into the `integer` range, and the comparator that sorts templates in ascending order, since it returns `order2-order1`, which might overflow. Closes #21622
diff --git a/core/src/main/java/org/elasticsearch/cluster/metadata/MetaDataCreateIndexService.java b/core/src/main/java/org/elasticsearch/cluster/metadata/MetaDataCreateIndexService.java
@@ -464,12 +464,7 @@ private List<IndexTemplateMetaData> findTemplates(CreateIndexClusterStateUpdateR
             }
         }
 
-        CollectionUtil.timSort(templates, new Comparator<IndexTemplateMetaData>() {
-            @Override
-            public int compare(IndexTemplateMetaData o1, IndexTemplateMetaData o2) {
-                return o2.order() - o1.order();
-            }
-        });
+        CollectionUtil.timSort(templates, Comparator.comparingInt(IndexTemplateMetaData::order).reversed());
         return templates;
     }
 
diff --git a/core/src/main/java/org/elasticsearch/common/Numbers.java b/core/src/main/java/org/elasticsearch/common/Numbers.java
@@ -21,6 +21,9 @@
 
 import org.apache.lucene.util.BytesRef;
 
+import java.math.BigDecimal;
+import java.math.BigInteger;
+
 /**
  * A set of utilities for numbers.
  */
@@ -178,4 +181,56 @@ public static boolean isValidDouble(double value) {
         }
         return true;
     }
+
+    /** Return the long that {@code n} stores, or throws an exception if the
+     *  stored value cannot be converted to a long that stores the exact same
+     *  value. */
+    public static long toLongExact(Number n) {
+        if (n instanceof Byte || n instanceof Short || n instanceof Integer
+                || n instanceof Long) {
+            return n.longValue();
+        } else if (n instanceof Float || n instanceof Double) {
+            double d = n.doubleValue();
+            if (d != Math.round(d)) {
+                throw new IllegalArgumentException(n + " is not an integer value");
+            }
+            return n.longValue();
+        } else if (n instanceof BigDecimal) {
+            return ((BigDecimal) n).toBigIntegerExact().longValueExact();
+        } else if (n instanceof BigInteger) {
+            return ((BigInteger) n).longValueExact();
+        } else {
+            throw new IllegalArgumentException("Cannot check whether [" + n + "] of class [" + n.getClass().getName()
+                    + "] is actually a long");
+        }
+    }
+
+    /** Return the int that {@code n} stores, or throws an exception if the
+     *  stored value cannot be converted to an int that stores the exact same
+     *  value. */
+    public static int toIntExact(Number n) {
+        return Math.toIntExact(toLongExact(n));
+    }
+
+    /** Return the short that {@code n} stores, or throws an exception if the
+     *  stored value cannot be converted to a short that stores the exact same
+     *  value. */
+    public static short toShortExact(Number n) {
+        long l = toLongExact(n);
+        if (l != (short) l) {
+            throw new ArithmeticException("short overflow: " + l);
+        }
+        return (short) l;
+    }
+
+    /** Return the byte that {@code n} stores, or throws an exception if the
+     *  stored value cannot be converted to a byte that stores the exact same
+     *  value. */
+    public static byte toByteExact(Number n) {
+        long l = toLongExact(n);
+        if (l != (byte) l) {
+            throw new ArithmeticException("byte overflow: " + l);
+        }
+        return (byte) l;
+    }
 }
diff --git a/core/src/main/java/org/elasticsearch/common/xcontent/support/XContentMapValues.java b/core/src/main/java/org/elasticsearch/common/xcontent/support/XContentMapValues.java
@@ -20,6 +20,7 @@
 package org.elasticsearch.common.xcontent.support;
 
 import org.elasticsearch.ElasticsearchParseException;
+import org.elasticsearch.common.Numbers;
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.regex.Regex;
 import org.elasticsearch.common.unit.TimeValue;
@@ -290,7 +291,7 @@ public static double nodeDoubleValue(Object node) {
 
     public static int nodeIntegerValue(Object node) {
         if (node instanceof Number) {
-            return ((Number) node).intValue();
+            return Numbers.toIntExact((Number) node);
         }
         return Integer.parseInt(node.toString());
     }
@@ -299,10 +300,7 @@ public static int nodeIntegerValue(Object node, int defaultValue) {
         if (node == null) {
             return defaultValue;
         }
-        if (node instanceof Number) {
-            return ((Number) node).intValue();
-        }
-        return Integer.parseInt(node.toString());
+        return nodeIntegerValue(node);
     }
 
     public static short nodeShortValue(Object node, short defaultValue) {
@@ -314,7 +312,7 @@ public static short nodeShortValue(Object node, short defaultValue) {
 
     public static short nodeShortValue(Object node) {
         if (node instanceof Number) {
-            return ((Number) node).shortValue();
+            return Numbers.toShortExact((Number) node);
         }
         return Short.parseShort(node.toString());
     }
@@ -328,7 +326,7 @@ public static byte nodeByteValue(Object node, byte defaultValue) {
 
     public static byte nodeByteValue(Object node) {
         if (node instanceof Number) {
-            return ((Number) node).byteValue();
+            return Numbers.toByteExact((Number) node);
         }
         return Byte.parseByte(node.toString());
     }
@@ -342,7 +340,7 @@ public static long nodeLongValue(Object node, long defaultValue) {
 
     public static long nodeLongValue(Object node) {
         if (node instanceof Number) {
-            return ((Number) node).longValue();
+            return Numbers.toLongExact((Number) node);
         }
         return Long.parseLong(node.toString());
     }
diff --git a/core/src/test/java/org/elasticsearch/common/NumbersTests.java b/core/src/test/java/org/elasticsearch/common/NumbersTests.java
@@ -0,0 +1,146 @@
+/*
+ * Licensed to Elasticsearch under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.elasticsearch.common;
+
+import org.elasticsearch.test.ESTestCase;
+
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.util.concurrent.atomic.AtomicInteger;
+
+public class NumbersTests extends ESTestCase {
+
+    public void testToLongExact() {
+        assertEquals(3L, Numbers.toLongExact(Long.valueOf(3L)));
+        assertEquals(3L, Numbers.toLongExact(Integer.valueOf(3)));
+        assertEquals(3L, Numbers.toLongExact(Short.valueOf((short) 3)));
+        assertEquals(3L, Numbers.toLongExact(Byte.valueOf((byte) 3)));
+        assertEquals(3L, Numbers.toLongExact(3d));
+        assertEquals(3L, Numbers.toLongExact(3f));
+        assertEquals(3L, Numbers.toLongExact(BigInteger.valueOf(3L)));
+        assertEquals(3L, Numbers.toLongExact(BigDecimal.valueOf(3L)));
+
+        IllegalArgumentException e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(3.1d));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.NaN));
+        assertEquals("NaN is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.POSITIVE_INFINITY));
+        assertEquals("Infinity is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(3.1f));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(new AtomicInteger(3))); // not supported
+        assertEquals("Cannot check whether [3] of class [java.util.concurrent.atomic.AtomicInteger] is actually a long", e.getMessage());
+    }
+
+    public void testToIntExact() {
+        assertEquals(3L, Numbers.toIntExact(Long.valueOf(3L)));
+        assertEquals(3L, Numbers.toIntExact(Integer.valueOf(3)));
+        assertEquals(3L, Numbers.toIntExact(Short.valueOf((short) 3)));
+        assertEquals(3L, Numbers.toIntExact(Byte.valueOf((byte) 3)));
+        assertEquals(3L, Numbers.toIntExact(3d));
+        assertEquals(3L, Numbers.toIntExact(3f));
+        assertEquals(3L, Numbers.toIntExact(BigInteger.valueOf(3L)));
+        assertEquals(3L, Numbers.toIntExact(BigDecimal.valueOf(3L)));
+
+        IllegalArgumentException e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toIntExact(3.1d));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.NaN));
+        assertEquals("NaN is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.POSITIVE_INFINITY));
+        assertEquals("Infinity is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toIntExact(3.1f));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        ArithmeticException ae = expectThrows(ArithmeticException.class,
+                () -> Numbers.toIntExact(1L << 40));
+        assertEquals("integer overflow", ae.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toIntExact(new AtomicInteger(3))); // not supported
+        assertEquals("Cannot check whether [3] of class [java.util.concurrent.atomic.AtomicInteger] is actually a long", e.getMessage());
+    }
+
+    public void testToShortExact() {
+        assertEquals(3L, Numbers.toShortExact(Long.valueOf(3L)));
+        assertEquals(3L, Numbers.toShortExact(Integer.valueOf(3)));
+        assertEquals(3L, Numbers.toShortExact(Short.valueOf((short) 3)));
+        assertEquals(3L, Numbers.toShortExact(Byte.valueOf((byte) 3)));
+        assertEquals(3L, Numbers.toShortExact(3d));
+        assertEquals(3L, Numbers.toShortExact(3f));
+        assertEquals(3L, Numbers.toShortExact(BigInteger.valueOf(3L)));
+        assertEquals(3L, Numbers.toShortExact(BigDecimal.valueOf(3L)));
+
+        IllegalArgumentException e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toShortExact(3.1d));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.NaN));
+        assertEquals("NaN is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.POSITIVE_INFINITY));
+        assertEquals("Infinity is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toShortExact(3.1f));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        ArithmeticException ae = expectThrows(ArithmeticException.class,
+                () -> Numbers.toShortExact(100000));
+        assertEquals("short overflow: " + 100000, ae.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toShortExact(new AtomicInteger(3))); // not supported
+        assertEquals("Cannot check whether [3] of class [java.util.concurrent.atomic.AtomicInteger] is actually a long", e.getMessage());
+    }
+
+    public void testToByteExact() {
+        assertEquals(3L, Numbers.toByteExact(Long.valueOf(3L)));
+        assertEquals(3L, Numbers.toByteExact(Integer.valueOf(3)));
+        assertEquals(3L, Numbers.toByteExact(Short.valueOf((short) 3)));
+        assertEquals(3L, Numbers.toByteExact(Byte.valueOf((byte) 3)));
+        assertEquals(3L, Numbers.toByteExact(3d));
+        assertEquals(3L, Numbers.toByteExact(3f));
+        assertEquals(3L, Numbers.toByteExact(BigInteger.valueOf(3L)));
+        assertEquals(3L, Numbers.toByteExact(BigDecimal.valueOf(3L)));
+
+        IllegalArgumentException e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toByteExact(3.1d));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.NaN));
+        assertEquals("NaN is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toLongExact(Double.POSITIVE_INFINITY));
+        assertEquals("Infinity is not an integer value", e.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toByteExact(3.1f));
+        assertEquals("3.1 is not an integer value", e.getMessage());
+        ArithmeticException ae = expectThrows(ArithmeticException.class,
+                () -> Numbers.toByteExact(300));
+        assertEquals("byte overflow: " + 300, ae.getMessage());
+        e = expectThrows(IllegalArgumentException.class,
+                () -> Numbers.toByteExact(new AtomicInteger(3))); // not supported
+        assertEquals("Cannot check whether [3] of class [java.util.concurrent.atomic.AtomicInteger] is actually a long", e.getMessage());
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -464,12 +464,7 @@ private List<IndexTemplateMetaData> findTemplates(CreateIndexClusterStateUpdateR`
`464`	`464`	`}`
`465`	`465`	`}`
`466`	`466`
`467`		`- CollectionUtil.timSort(templates, new Comparator<IndexTemplateMetaData>() {`
`468`		`- @Override`
`469`		`- public int compare(IndexTemplateMetaData o1, IndexTemplateMetaData o2) {`
`470`		`- return o2.order() - o1.order();`
`471`		`- }`
`472`		`- });`
	`467`	`+ CollectionUtil.timSort(templates, Comparator.comparingInt(IndexTemplateMetaData::order).reversed());`
`473`	`468`	`return templates;`
`474`	`469`	`}`
`475`	`470`
Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,7 @@`
`20`	`20`	`package org.elasticsearch.common.xcontent.support;`
`21`	`21`
`22`	`22`	`import org.elasticsearch.ElasticsearchParseException;`
	`23`	`+import org.elasticsearch.common.Numbers;`
`23`	`24`	`import org.elasticsearch.common.Strings;`
`24`	`25`	`import org.elasticsearch.common.regex.Regex;`
`25`	`26`	`import org.elasticsearch.common.unit.TimeValue;`
`@@ -290,7 +291,7 @@ public static double nodeDoubleValue(Object node) {`
`290`	`291`
`291`	`292`	`public static int nodeIntegerValue(Object node) {`
`292`	`293`	`if (node instanceof Number) {`
`293`		`- return ((Number) node).intValue();`
	`294`	`+ return Numbers.toIntExact((Number) node);`
`294`	`295`	`}`
`295`	`296`	`return Integer.parseInt(node.toString());`
`296`	`297`	`}`
`@@ -299,10 +300,7 @@ public static int nodeIntegerValue(Object node, int defaultValue) {`
`299`	`300`	`if (node == null) {`
`300`	`301`	`return defaultValue;`
`301`	`302`	`}`
`302`		`- if (node instanceof Number) {`
`303`		`- return ((Number) node).intValue();`
`304`		`- }`
`305`		`- return Integer.parseInt(node.toString());`
	`303`	`+ return nodeIntegerValue(node);`
`306`	`304`	`}`
`307`	`305`
`308`	`306`	`public static short nodeShortValue(Object node, short defaultValue) {`
`@@ -314,7 +312,7 @@ public static short nodeShortValue(Object node, short defaultValue) {`
`314`	`312`
`315`	`313`	`public static short nodeShortValue(Object node) {`
`316`	`314`	`if (node instanceof Number) {`
`317`		`- return ((Number) node).shortValue();`
	`315`	`+ return Numbers.toShortExact((Number) node);`
`318`	`316`	`}`
`319`	`317`	`return Short.parseShort(node.toString());`
`320`	`318`	`}`
`@@ -328,7 +326,7 @@ public static byte nodeByteValue(Object node, byte defaultValue) {`
`328`	`326`
`329`	`327`	`public static byte nodeByteValue(Object node) {`
`330`	`328`	`if (node instanceof Number) {`
`331`		`- return ((Number) node).byteValue();`
	`329`	`+ return Numbers.toByteExact((Number) node);`
`332`	`330`	`}`
`333`	`331`	`return Byte.parseByte(node.toString());`
`334`	`332`	`}`
`@@ -342,7 +340,7 @@ public static long nodeLongValue(Object node, long defaultValue) {`
`342`	`340`
`343`	`341`	`public static long nodeLongValue(Object node) {`
`344`	`342`	`if (node instanceof Number) {`
`345`		`- return ((Number) node).longValue();`
	`343`	`+ return Numbers.toLongExact((Number) node);`
`346`	`344`	`}`
`347`	`345`	`return Long.parseLong(node.toString());`
`348`	`346`	`}`