common: Use iobuf_get_noeof to avoid undefined behaviors.
authorNIIBE Yutaka <gniibe@fsij.org>
Mon, 10 Sep 2018 04:44:47 +0000 (13:44 +0900)
committerNIIBE Yutaka <gniibe@fsij.org>
Mon, 10 Sep 2018 04:44:47 +0000 (13:44 +0900)
* common/iobuf.c (block_filter): Use iobuf_get_noeof.

--

When singed integer has negative value, left shift computation is
undefined in C.

GnuPG-bug-id: 4093
Reported-by: Philippe Antoine
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
common/iobuf.c

index 02c9b49..8f52f7f 100644 (file)
@@ -878,9 +878,9 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
                    }
                  else if (c == 255)
                    {
-                     a->size = (size_t)iobuf_get (chain) << 24;
-                     a->size |= iobuf_get (chain) << 16;
-                     a->size |= iobuf_get (chain) << 8;
+                     a->size = iobuf_get_noeof (chain) << 24;
+                     a->size |= iobuf_get_noeof (chain) << 16;
+                     a->size |= iobuf_get_noeof (chain) << 8;
                      if ((c = iobuf_get (chain)) == -1)
                        {
                          log_error ("block_filter: invalid 4 byte length\n");