net: use saturating_sub when substracting durations to prevent underflows (#33341)

* net: use saturating_sub when substracting durations to prevent underflows

Signed-off-by: webbeef <me@webbeef.org>

* Add regression test. (#1)

* Add regression test.

Signed-off-by: Josh Matthews <josh@joshmatthews.net>

---------

Signed-off-by: webbeef <me@webbeef.org>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>

components/net/http_cache.rs

@@ -198,10 +198,7 @@ fn get_response_expiry(response: &Response) -> Duration {
             return Duration::ZERO;
         }
         if let Some(max_age) = directives.max_age().or(directives.s_max_age()) {
-            if max_age < age {
+            return max_age.saturating_sub(age);
-                return Duration::ZERO;
-            }
-            return max_age - age;
         }
     }
     match response.headers.typed_get::<Expires>() {
@@ -221,7 +218,7 @@ fn get_response_expiry(response: &Response) -> Duration {
         // <https://tools.ietf.org/html/rfc7234#section-5.5.4>
         // Since presently we do not generate a Warning header field with a 113 warn-code,
         // 24 hours minus response age is the max for heuristic calculation.
-        let max_heuristic = Duration::from_secs(24 * 60 * 60) - age;
+        let max_heuristic = Duration::from_secs(24 * 60 * 60).saturating_sub(age);
         let heuristic_freshness = if let Some(last_modified) =
             // If the response has a Last-Modified header field,
             // caches are encouraged to use a heuristic expiration value

tests/wpt/mozilla/meta/MANIFEST.json

@@ -1,5 +1,16 @@
 {
  "items": {
+  "crashtest": {
+   "mozilla": {
+    "cache_old_response-crash.html": [
+     "d14e7c830f52bb77e81d91b533e0ce6d4a1ede82",
+     [
+      null,
+      {}
+     ]
+    ]
+   }
+  },
   "reftest": {
    "css": {
     "abs-overflow-stackingcontext.html": [
@@ -10507,6 +10518,10 @@
      "59562a8c9c39130cad411815059513c4ce0a7c04",
      []
     ],
+    "old_page.py": [
+     "3f096b6f5a6611f97f625d8a0420aaa96f2e2b01",
+     []
+    ],
     "partial_shadow_dom_layout_style_ref.html": [
      "bf40d2cc35b6b2c1e32afffa0651cb1b26e41fe8",
      []

tests/wpt/mozilla/tests/mozilla/cache_old_response-crash.html

@@ -0,0 +1,8 @@
+<!DOCTYPE html>
+<html>
+<meta charset="utf-8">
+<link rel="author" href="mailto:jdm@servo.org">
+<link rel="help" href="https://github.com/servo/servo/issues/33340">
+<meta name="assert" content="The http cache should not panic.">
+
+<iframe src="old_page.py"></iframe>

tests/wpt/mozilla/tests/mozilla/old_page.py

@@ -0,0 +1,14 @@
+# Copyright 2013 The Servo Project Developers. See the COPYRIGHT
+# file at the top-level directory of this distribution.
+#
+# Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+# http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+# <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
+# option. This file may not be copied, modified, or distributed
+# except according to those terms.
+
+def main(request, response):
+    response.headers.set(b"Age", b"90000")
+    response.headers.set(b"Last-Modified", b"Wed, 21 Oct 2015 07:28:00 GMT")
+    response.write_status_headers()
+    response.writer.write_content(b"Body")