BasePackPushConnection#readStringLongTimeout() was setting a timeout 10 times bigger than some other timeout or the pack transfer time. This could lead to negative integer values when we hit an arithmetic overflow. Add a check for this situation and set the timeout to Integer.MAX_VALUE when overflow happens. Bug: 484352 CC: Eugene Petrenko <eugene.petrenko@gmail.com> Change-Id: Ie2a86312c1bcb1ec3e6388fa490ab3c845d41808tags/v4.2.0.201601211800-r
@@ -385,7 +385,8 @@ public abstract class BasePackPushConnection extends BasePackConnection implemen | |||
final int oldTimeout = timeoutIn.getTimeout(); | |||
final int sendTime = (int) Math.min(packTransferTime, 28800000L); | |||
try { | |||
timeoutIn.setTimeout(10 * Math.max(sendTime, oldTimeout)); | |||
int timeout = 10 * Math.max(sendTime, oldTimeout); | |||
timeoutIn.setTimeout((timeout < 0) ? Integer.MAX_VALUE : timeout); | |||
return pckIn.readString(); | |||
} finally { | |||
timeoutIn.setTimeout(oldTimeout); |