CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgpverify

[Kamil Rytarowski]

Module Name:    src
Committed By:   kamil
Date:           Thu Jul 26 00:26:45 UTC 2018

Modified Files:
        src/crypto/external/bsd/netpgp/dist/src/netpgpverify: pgpsum.c

Log Message:
Avoid undefined behavior in netpgpverify

Do not change the signedness bit with a left shift operation.
Cast to unsigned integer to prevent this.

pgpsum.c:187:18, left shift of 130 by 24 places cannot be represented in type 
'int'

Detected with micro-UBSan in the user mode.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
    src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c:1.3 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c:1.4
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c:1.3	Mon Apr 17 19:50:28 2017
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c	Thu Jul 26 00:26:45 2018
@@ -175,7 +175,7 @@ swap16(uint16_t in)
 	u16	u;
 
 	u.i16 = in;
-	return (u.i8[0] << 8) | u.i8[1];
+	return ((uint16_t)u.i8[0] << 8) | u.i8[1];
 }
 
 static inline uint32_t
@@ -184,7 +184,7 @@ swap32(uint32_t in)
 	u32	u;
 
 	u.i32 = in;
-	return (u.i8[0] << 24) | (u.i8[1] << 16) | (u.i8[2] << 8) | u.i8[3];
+	return ((uint32_t)u.i8[0] << 24) | (u.i8[1] << 16) | (u.i8[2] << 8) | u.i8[3];
 }
 
 static inline int