fix: clamp integers safely (#91)

* fix: clamp integers safely

* refactor: separate clamping logic

---------

Co-authored-by: Mitul Shah <shahmitul005@gmail.com>

Author: millia385

ferrotunnel-core/src/tunnel/client.rs

@@ -2,6 +2,7 @@ use crate::auth::validate_token_format;
 use crate::stream::{Multiplexer, PrioritizedFrame, VirtualStream};
 use crate::transport::batched_sender::run_batched_sender;
 use crate::transport::{self, TransportConfig};
+use crate::tunnel::common::clamp_u128_to_u64;
 use ferrotunnel_common::{Result, TunnelError};
 use ferrotunnel_protocol::codec::TunnelCodec;
 use ferrotunnel_protocol::constants::{MAX_PROTOCOL_VERSION, MIN_PROTOCOL_VERSION};
@@ -163,7 +164,6 @@ impl TunnelClient {
     where
         C: FnOnce(Uuid) + Send + 'static,
     {
-        #[allow(clippy::cast_possible_truncation)]
         framed
             .send(Frame::Handshake(Box::new(HandshakeFrame {
                 min_version: MIN_PROTOCOL_VERSION,
@@ -258,11 +258,12 @@ impl TunnelClient {
             let decode_start = Instant::now();
             tokio::select! {
                 _ = heartbeat_interval.tick() => {
-                    #[allow(clippy::cast_possible_truncation)]
-                    let ts = std::time::SystemTime::now()
+                    let ts = clamp_u128_to_u64(
+                        std::time::SystemTime::now()
                         .duration_since(std::time::UNIX_EPOCH)
                         .unwrap_or_default()
-                        .as_millis() as u64;
+                        .as_millis()
+                    );
                     if let Err(e) = multiplexer.send_frame(Frame::Heartbeat { timestamp: ts }).await {
                         error!("Failed to send heartbeat: {}", e);
                         return Err(e);

ferrotunnel-core/src/tunnel/common.rs

@@ -0,0 +1,3 @@
+pub fn clamp_u128_to_u64(i: u128) -> u64 {
+    i.min(u128::from(u64::MAX)) as u64
+}

ferrotunnel-core/src/tunnel/mod.rs

@@ -1,4 +1,5 @@
 pub mod client;
+mod common;
 pub mod server;
 pub mod session;
 

ferrotunnel-core/src/tunnel/server.rs

@@ -3,6 +3,7 @@ use crate::resource_limits::{ServerResourceLimits, SessionPermit};
 use crate::stream::{Multiplexer, PrioritizedFrame};
 use crate::transport::batched_sender::run_batched_sender;
 use crate::transport::{self, BoxedStream, TransportConfig};
+use crate::tunnel::common::clamp_u128_to_u64;
 use crate::tunnel::session::{Session, SessionStoreBackend, ShardedSessionStore};
 use ferrotunnel_common::{Result, TunnelError};
 use ferrotunnel_protocol::codec::TunnelCodec;
@@ -336,11 +337,12 @@ impl TunnelServer {
                 Frame::Heartbeat { .. } => {
                     multiplexer
                         .send_frame(Frame::HeartbeatAck {
-                            #[allow(clippy::cast_possible_truncation)]
-                            timestamp: std::time::SystemTime::now()
-                                .duration_since(std::time::UNIX_EPOCH)
-                                .unwrap_or_default()
-                                .as_millis() as u64,
+                            timestamp: clamp_u128_to_u64(
+                                std::time::SystemTime::now()
+                                    .duration_since(std::time::UNIX_EPOCH)
+                                    .unwrap_or_default()
+                                    .as_millis(),
+                            ),
                         })
                         .await?;
                 }