fix undefined shift in block_filter()
This commit is contained in:
wangchen2020
parent
69a091a2d0
commit
e1d821f647
52
common-Avoid-undefined-behavior-of-left-shift-operat.patch
Normal file
52
common-Avoid-undefined-behavior-of-left-shift-operat.patch
Normal file
@ -0,0 +1,52 @@
|
||||
From 8abf065307ff4a7ea873fe59f76173bf17dac241 Mon Sep 17 00:00:00 2001
|
||||
From: NIIBE Yutaka <gniibe@fsij.org>
|
||||
Date: Thu, 16 Jul 2020 11:00:45 +0900
|
||||
Subject: [PATCH] common: Avoid undefined behavior of left shift operator.
|
||||
|
||||
* common/iobuf.c (block_filter): Handle an error earlier.
|
||||
Make sure it's unsigned.
|
||||
|
||||
--
|
||||
|
||||
GnuPG-bug-id: 4975
|
||||
Suggested-by: lutianxiong <lutianxiong@huawei.com>
|
||||
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
||||
---
|
||||
common/iobuf.c | 16 +++++++++++-----
|
||||
1 file changed, 11 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/common/iobuf.c b/common/iobuf.c
|
||||
index 43f2e10..a00ee0b 100644
|
||||
--- a/common/iobuf.c
|
||||
+++ b/common/iobuf.c
|
||||
@@ -909,16 +909,22 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
|
||||
}
|
||||
else if (c == 255)
|
||||
{
|
||||
- a->size = iobuf_get_noeof (chain) << 24;
|
||||
- a->size |= iobuf_get_noeof (chain) << 16;
|
||||
- a->size |= iobuf_get_noeof (chain) << 8;
|
||||
- if ((c = iobuf_get (chain)) == -1)
|
||||
+ size_t len = 0;
|
||||
+ int i;
|
||||
+
|
||||
+ for (i = 0; i < 4; i++)
|
||||
+ if ((c = iobuf_get (chain)) == -1)
|
||||
+ break;
|
||||
+ else
|
||||
+ len = ((len << 8) | c);
|
||||
+
|
||||
+ if (i < 4)
|
||||
{
|
||||
log_error ("block_filter: invalid 4 byte length\n");
|
||||
rc = GPG_ERR_BAD_DATA;
|
||||
break;
|
||||
}
|
||||
- a->size |= c;
|
||||
+ a->size = len;
|
||||
a->partial = 2;
|
||||
if (!a->size)
|
||||
{
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: gnupg2
|
||||
Version: 2.2.21
|
||||
Release: 1
|
||||
Release: 2
|
||||
Summary: Utility for secure communication and data storage
|
||||
|
||||
License: GPLv3+
|
||||
@ -19,6 +19,7 @@ Patch7: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.
|
||||
patch8: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
|
||||
Patch9: gnupg-2.2.20-file-is-digest.patch
|
||||
Patch10: gnupg-2.2.21-coverity.patch
|
||||
Patch11: common-Avoid-undefined-behavior-of-left-shift-operat.patch
|
||||
|
||||
BuildRequires: zlib-devel, npth-devel, gdb, texinfo
|
||||
BuildRequires: libgpg-error-devel >= 1.31
|
||||
@ -113,6 +114,9 @@ make check
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Aug 4 2020 wangchen <wangchen137@huawei.com> - 2.2.21-2
|
||||
- fix undefined shift in block_filter()
|
||||
|
||||
* Sat Jul 25 2020 yang_zhuang_zhuang <yangzhuangzhuang1@huawei.com> - 2.2.21-1
|
||||
- update version to 2.2.21
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user