diff --git a/common-Avoid-undefined-behavior-of-left-shift-operat.patch b/common-Avoid-undefined-behavior-of-left-shift-operat.patch
new file mode 100644
index 0000000..97d01d8
--- /dev/null
+++ b/common-Avoid-undefined-behavior-of-left-shift-operat.patch
@@ -0,0 +1,52 @@
+From 8abf065307ff4a7ea873fe59f76173bf17dac241 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka
+Date: Thu, 16 Jul 2020 11:00:45 +0900
+Subject: [PATCH] common: Avoid undefined behavior of left shift operator.
+
+* common/iobuf.c (block_filter): Handle an error earlier.
+Make sure it's unsigned.
+
+--
+
+GnuPG-bug-id: 4975
+Suggested-by: lutianxiong
+Signed-off-by: NIIBE Yutaka
+---
+ common/iobuf.c | 16 +++++++++++-----
+ 1 file changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/common/iobuf.c b/common/iobuf.c
+index 43f2e10..a00ee0b 100644
+--- a/common/iobuf.c
++++ b/common/iobuf.c
+@@ -909,16 +909,22 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
+ }
+ else if (c == 255)
+ {
+- a->size = iobuf_get_noeof (chain) << 24;
+- a->size |= iobuf_get_noeof (chain) << 16;
+- a->size |= iobuf_get_noeof (chain) << 8;
+- if ((c = iobuf_get (chain)) == -1)
++ size_t len = 0;
++ int i;
++
++ for (i = 0; i < 4; i++)
++ if ((c = iobuf_get (chain)) == -1)
++ break;
++ else
++ len = ((len << 8) | c);
++
++ if (i < 4)
+ {
+ log_error ("block_filter: invalid 4 byte length\n");
+ rc = GPG_ERR_BAD_DATA;
+ break;
+ }
+- a->size |= c;
++ a->size = len;
+ a->partial = 2;
+ if (!a->size)
+ {
+--
+1.8.3.1
+
diff --git a/gnupg2.spec b/gnupg2.spec
index 992c22e..70f989d 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -1,6 +1,6 @@ Name: gnupg2 Version: 2.2.21 -Release: 1 +Release: 2 Summary: Utility for secure communication and data storage License: GPLv3+
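Review bot: The new `for` loop in the `c == 255` branch of block_filter() has no comment saying why the 4-byte length is now assembled in a `size_t`, and the code alone does not show the reason; going by the commit subject, the replaced lines shifted a signed value left by 24, which is undefined once the first length byte is 0x80 or above. I would add above `size_t len = 0;` the comment `/* Build the big-endian length unsigned: a signed shift by 24 is undefined for a byte >= 0x80. EOF on any of the 4 bytes is an error. */`. The unbraced `if`/`else` directly under the `for` would also be safer to maintain with braces around the loop body. Since these bytes come from the data being parsed, a regression input with a high first length byte, and one that ends inside the length field, would pin the new behaviour. block_filter() begins and ends outside this hunk.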
@@ -19,6 +19,7 @@ Patch7: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI. patch8: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch Patch9: gnupg-2.2.20-file-is-digest.patch Patch10: gnupg-2.2.21-coverity.patch +Patch11: common-Avoid-undefined-behavior-of-left-shift-operat.patch BuildRequires: zlib-devel, npth-devel, gdb, texinfo BuildRequires: libgpg-error-devel >= 1.31 @@ -113,6 +114,9 @@ make check %changelog +* Tue Aug 4 2020 wangchen - 2.2.21-2 +- fix undefined shift in block_filter() + * Sat Jul 25 2020 yang_zhuang_zhuang - 2.2.21-1 - update version to 2.2.21
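Review bot: The added `Patch11:` line only declares the patch in the preamble, and nothing in the visible hunks shows it being applied in %prep. If this spec applies patches with explicit `%patchN` lines rather than `%autosetup` or `%autopatch`, it also needs a matching `%patch11 -p1`; otherwise release 2.2.21-2 would build without the block_filter() fix while the changelog states it is included. The %prep section lies outside these hunks, so this needs confirming against the full spec, for example by checking the build log for the patch being applied.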