mirror of
https://github.com/openssl/openssl.git
synced 2024-12-03 05:41:46 +08:00
3475c7a185
The function CRYPTO_128_unwrap_pad uses an 8 byte AIV (Alternative Initial
Value). The least significant 4 bytes of this is placed into the local
variable |ptext_len|. This is done as follows:
ptext_len = (aiv[4] << 24) | (aiv[5] << 16) | (aiv[6] << 8) | aiv[7];
aiv[4] is an unsigned char, but (aiv[4] << 24) is promoted to a *signed*
int - therefore we could end up shifting into the sign bit and end up with
a negative value. |ptext_len| is a size_t (typically 64-bits). If the
result of the shifts is negative then the upper bits of |ptext_len| will
all be 1.
This commit fixes the issue by explicitly casting to an unsigned int.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
||
|---|---|---|
| .. | ||
| asm | ||
| cbc128.c | ||
| ccm128.c | ||
| cfb128.c | ||
| ctr128.c | ||
| cts128.c | ||
| gcm128.c | ||
| Makefile | ||
| modes_lcl.h | ||
| modes.h | ||
| ocb128.c | ||
| ofb128.c | ||
| wrap128.c | ||
| xts128.c | ||