oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

heimdal: Avoid overflow when performing bitwise shift operations

Browse Source 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton
2021-07-14 16:04:48 +12:00
committed by Jeffrey Altman
parent bc37bf1afd
commit 1c93a6ff26
5 changed files with 36 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/gssapi/krb5/8003.c
View File

@@ -57,7 +57,10 @@ krb5_error_code
_gsskrb5_decode_om_uint32(const void *ptr, OM_uint32 *n)
{
const u_char *p = ptr;
*n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24);
*n = ((uint32_t)p[0])
| ((uint32_t)p[1] << 8)
| ((uint32_t)p[2] << 16)
| ((uint32_t)p[3] << 24);
return 0;
}
@@ -65,7 +68,10 @@ krb5_error_code
_gsskrb5_decode_be_om_uint32(const void *ptr, OM_uint32 *n)
{
const u_char *p = ptr;
*n = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0);
*n = ((uint32_t)p[0] <<24)
| ((uint32_t)p[1] << 16)
| ((uint32_t)p[2] << 8)
| ((uint32_t)p[3]);
return 0;
}

5
lib/gssapi/krb5/init_sec_context.c
View File

@@ -608,7 +608,10 @@ init_auth_restart
if (ret == 0) {
if (timedata.length == 4) {
const u_char *p = timedata.data;
offset = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0);
offset = ((uint32_t)p[0] << 24)
| ((uint32_t)p[1] << 16)
| ((uint32_t)p[2] << 8)
| ((uint32_t)p[3] << 0);
}
krb5_data_free(&timedata);
}