From 6fdc4cae53bc2a7db5f02c5e02a3ca1041cc5dbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 13 Feb 2015 17:15:18 +0000 Subject: [PATCH] Fix potential signedness issue --- ChangeLog | 2 ++ library/asn1parse.c | 9 +++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5d44eb118..43b861246 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,8 @@ Bugfix * Fix hardclock() (only used in the benchmarking program) with some versions of mingw64 (found by kxjhlele). * Fix warnings from mingw64 in timing.c (found by kxjklele). + * Fix potential unintended sign extension in asn1_get_len() on 64-bit + platforms. Changes * Move from SHA-1 to SHA-256 in example programs using signatures diff --git a/library/asn1parse.c b/library/asn1parse.c index 678214045..763f32ad5 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -77,7 +77,7 @@ int asn1_get_len( unsigned char **p, if( ( end - *p ) < 3 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); - *len = ( (*p)[1] << 8 ) | (*p)[2]; + *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; (*p) += 3; break; @@ -85,7 +85,8 @@ int asn1_get_len( unsigned char **p, if( ( end - *p ) < 4 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); - *len = ( (*p)[1] << 16 ) | ( (*p)[2] << 8 ) | (*p)[3]; + *len = ( (size_t)(*p)[1] << 16 ) | + ( (size_t)(*p)[2] << 8 ) | (*p)[3]; (*p) += 4; break; @@ -93,8 +94,8 @@ int asn1_get_len( unsigned char **p, if( ( end - *p ) < 5 ) return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); - *len = ( (*p)[1] << 24 ) | ( (*p)[2] << 16 ) | ( (*p)[3] << 8 ) | - (*p)[4]; + *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | + ( (size_t)(*p)[3] << 8 ) | (*p)[4]; (*p) += 5; break;