From a247d282bf138eb2fd6474053ea4a648371eb9b0 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Mon, 28 Feb 2022 13:43:20 +1100
Subject: [PATCH] Use unsigned arithmetic when shifting by 24

By default C promotes short unsigned values to signed int which
leads to undefined behaviour when the value is shifted by too much.
Force unsigned arithmetic to be perform by explicitly casting to a
unsigned type.

(cherry picked from commit b8b99603f117825f409cb2d49bc90ef188749227)
Conflict: NA
Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/a247d282bf138eb2fd6474053ea4a648371eb9b0
---
 lib/dns/journal.c | 3 ++-
 lib/dns/rbtdb.c   | 5 +++--
 lib/dns/soa.c     | 3 ++-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/lib/dns/journal.c b/lib/dns/journal.c
index 8e353f1c59..69beef7fbb 100644
--- a/lib/dns/journal.c
+++ b/lib/dns/journal.c
@@ -111,7 +111,8 @@ index_to_disk(dns_journal_t *);
 
 static inline uint32_t
 decode_uint32(unsigned char *p) {
-	return ((p[0] << 24) + (p[1] << 16) + (p[2] << 8) + (p[3] << 0));
+	return (((uint32_t)p[0] << 24) + ((uint32_t)p[1] << 16) +
+		((uint32_t)p[2] << 8) + ((uint32_t)p[3] << 0));
 }
 
 static inline void
diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c
index acb35d22e6..f99d8a6c12 100644
--- a/lib/dns/rbtdb.c
+++ b/lib/dns/rbtdb.c
@@ -8974,8 +8974,9 @@ rdataset_current(dns_rdataset_t *rdataset, dns_rdata_t *rdata) {
 #if DNS_RDATASET_FIXED
 	if ((rdataset->attributes & DNS_RDATASETATTR_LOADORDER) != 0) {
 		unsigned int offset;
-		offset = (raw[0] << 24) + (raw[1] << 16) + (raw[2] << 8) +
-			 raw[3];
+		offset = ((unsigned int)raw[0] << 24) +
+			 ((unsigned int)raw[1] << 16) +
+			 ((unsigned int)raw[2] << 8) + (unsigned int)raw[3];
 		raw = rdataset->private3;
 		raw += offset;
 	}
diff --git a/lib/dns/soa.c b/lib/dns/soa.c
index d02be34e86..82edfd437e 100644
--- a/lib/dns/soa.c
+++ b/lib/dns/soa.c
@@ -25,7 +25,8 @@
 
 static inline uint32_t
 decode_uint32(unsigned char *p) {
-	return ((p[0] << 24) + (p[1] << 16) + (p[2] << 8) + (p[3] << 0));
+	return (((uint32_t)p[0] << 24) + ((uint32_t)p[1] << 16) +
+		((uint32_t)p[2] << 8) + ((uint32_t)p[3] << 0));
 }
 
 static inline void
-- 
2.23.0