Hacker News new | ask | show | jobs
by alblue 1636 days ago
TL;DR Microsoft released a virus definition file with a timestamp/serial 220101001, and is unable to parse it into a (signed) long value since the largest value is 2,147,483,647 and it’s possible that there’s a factor of 10 in the deserialisation logic.
2 comments
Flocular 1636 days ago
The error message " Can’t Convert “2201010001” to long." makes it seem like that was the timestamp/serial used (Would be yymmddHHMM format). No factor 10 in deserialisation needed for an overflow.
link
ginko 1636 days ago
But 220,101,001 isn't larger than 2,147,483,647.. Did they get the number slightly wrong?
link
cnorthwood 1636 days ago
It also included a serial number following the date part of 001 (also 002, etc)
link
jonny_eh 1636 days ago
Clearly this should stay a string. But I suspect they’re converting to an int to compare which definition is newer.
link
genocidicbunny 1636 days ago
Comparing with strings ain't no panacea either. There's some suspicion that Windows 9 was skipped because a lot of old software checked for Windows 95 or 98 by just doing a string compare against "Windows 9". (For the record, I kind of doubt this was much of a concern by the time Windows '9' was being worked on, but there's a certain logic to it.)
link
turminal 1636 days ago
That would work just fine with a string comparison.
link
priansh 1636 days ago
Yeah my first thought was, well you could lay out the timestamp in a way that supports lexicographical sorting, and then realized they had already done so. No reason this shouldn’t be a string!
link
petee 1636 days ago
It can be both. DNS serial numbers are YYYYMMDDnn, and it works just fine for humans, it is easy to convert, more compact, and you can compare in a single operation. Internally, there is no reason for it to be a string.
link
mark-r 1635 days ago
I think the point is that a 3 digit serial wouldn't be enough to cause overflow, it would need to be 4 digits. But who makes a post like that without using copy/paste to get it exactly right?
link
Cycl0ps 1636 days ago
There's three 0s before the last 1. That pushes it over the edge of what a long int can handle
link
mark-r 1635 days ago
I've gone back to the original just to double check. It's very consistent about having only 2 zeros before the last digit, not 3.
link