https://bugs.openldap.org/show_bug.cgi?id=10401
--- Comment #2 from Howard Chu <[email protected]> ---

It's a bit of an oddball case since the normal DER encoding of an integer -1 is just a single byte 0xff. As such, no left-shift occurs when decoding this value. We can force it by explicitly encoding -1 in multiple bytes, but while that's valid BER it is not valid DER.

Anyway, we can generate a simple test case using

    echo "-1" | liblber/etest i > int

This produces a 1-byte integer of value -1. The output in hex is

    30 03 02 01 ff

We can then feed this sequence into liblber/dtest to exercise the relevant function.

    liblber/dtest i < int

There will be no errors from that data.

We can test a 4-byte integer of value -1 using this hex sequence

    30 06 02 04 ff ff ff ff

And again feed that to liblber/dtest. When liblber is compiled with -fsanitize=undefined there will be an assert failure due to the left-shift of -1. With the patch applied, the assert no longer occurs.
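The two byte sequences from the comment above, decoded without ever left-shifting a negative value. This is an added example, not liblber's code or the patch from this issue; decode_ber_int and decode_seq_int are hypothetical names, and only short-form lengths and integers of up to 4 bytes are handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Byte sequences quoted in the comment: SEQUENCE { INTEGER -1 }. */
static const unsigned char one_byte[]  = { 0x30, 0x03, 0x02, 0x01, 0xff };
static const unsigned char four_byte[] = { 0x30, 0x06, 0x02, 0x04,
                                           0xff, 0xff, 0xff, 0xff };

/* Hypothetical helper: decode BER INTEGER content octets (two's complement,
 * big-endian) into int32_t. Returns 0 on success, -1 on bad length. */
int decode_ber_int(const unsigned char *buf, size_t len, int32_t *out)
{
    uint32_t acc;
    size_t i;

    if (len == 0 || len > sizeof(int32_t))
        return -1;
    /* Sign-extend from the first octet, but keep the accumulator unsigned:
     * shifting an unsigned value left is well defined, whereas shifting a
     * negative signed value is the undefined behaviour UBSan reports. */
    acc = (buf[0] & 0x80) ? UINT32_MAX : 0;
    for (i = 0; i < len; i++)
        acc = (acc << 8) | buf[i];
    /* Map back to signed without an out-of-range conversion. */
    if (acc <= (uint32_t)INT32_MAX)
        *out = (int32_t)acc;
    else
        *out = -(int32_t)(UINT32_MAX - acc) - 1;
    return 0;
}

/* Hypothetical helper: parse SEQUENCE { INTEGER } with short-form lengths. */
int decode_seq_int(const unsigned char *p, size_t n, int32_t *out)
{
    if (n < 4 || p[0] != 0x30 || p[1] >= 0x80 || (size_t)p[1] != n - 2)
        return -1;
    if (p[2] != 0x02 || p[3] >= 0x80 || (size_t)p[3] != n - 4)
        return -1;
    return decode_ber_int(p + 4, n - 4, out);
}

int main(void)
{
    int32_t a = 0, b = 0;
    int ra = decode_seq_int(one_byte, sizeof one_byte, &a);
    int rb = decode_seq_int(four_byte, sizeof four_byte, &b);
    printf("1-byte: rc=%d value=%d\n4-byte: rc=%d value=%d\n",
           ra, (int)a, rb, (int)b);
    return 0;
}
```

Building it with -fsanitize=undefined and running it should produce no shift diagnostics for either input.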
