From a2d5f4d93130a16d0580ce1bb61b8366b5dd54f0 Mon Sep 17 00:00:00 2001
From: Vinu Bhagavath
Date: Fri, 20 Mar 2026 12:37:36 -0400
Subject: [PATCH] Fix long overflow in CachedSupplier.maxStaleFailureJitter()
When numFailures reaches 58, (1L << 57) * 100 overflows signed long, producing a negative duration that bypasses the 10-second cap in ComparableUtils.minimum(). This permanently sets the cached value's stale time to millions of years in the future, preventing any further credential refresh for the lifetime of the process. Clamp overflowed values to Long.MAX_VALUE so the 10-second cap is always respected.
---
 .../software/amazon/awssdk/utils/cache/CachedSupplier.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/utils/src/main/java/software/amazon/awssdk/utils/cache/CachedSupplier.java b/utils/src/main/java/software/amazon/awssdk/utils/cache/CachedSupplier.java
index 32d14ca48a97..5ce75eaae7ba 100644
--- a/utils/src/main/java/software/amazon/awssdk/utils/cache/CachedSupplier.java
+++ b/utils/src/main/java/software/amazon/awssdk/utils/cache/CachedSupplier.java
@@ -334,7 +334,10 @@ private Duration maxPrefetchJitter(RefreshResult result) {
 }
 private Duration maxStaleFailureJitter(int numFailures) {
- long exponentialBackoffMillis = (1L << numFailures - 1) * 100;
+ long exponentialBackoffMillis = (1L << (numFailures - 1)) * 100;
+ if (exponentialBackoffMillis <= 0) {
+ exponentialBackoffMillis = Long.MAX_VALUE;
+ }
 return ComparableUtils.minimum(Duration.ofMillis(exponentialBackoffMillis), Duration.ofSeconds(10));
 }
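Review bot: The `exponentialBackoffMillis <= 0` check in maxStaleFailureJitter detects the overflow only after it has happened, and it misses the case where the shift distance itself wraps: Java uses only the low six bits of a `long` shift distance, so from `numFailures` of 65 upward `1L << (numFailures - 1)` starts again at 1 and the backoff falls back to 100 ms, a positive value the check lets through. Clamping the exponent before shifting covers both cases, for example `int shift = Math.max(0, Math.min(numFailures - 1, 7));` followed by `long exponentialBackoffMillis = (1L << shift) * 100;`, since a shift of 7 already gives 12,800 ms, above the 10-second cap. Whether `numFailures` can be 0 or reach 65 depends on callers outside this hunk, so the lower bound should be confirmed against them (the current code yields the 10-second cap at 0, the clamp would yield 100 ms). A unit test at the boundary values 57, 58, 64 and 65 would pin the cap for this credential-refresh path.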