BUG/MINOR: ssl: Fix potential overflow

Coverity raised a potential overflow issue in these new functions that
work on unsigned long long objects. They were added in commit 9b25982
"BUG/MEDIUM: ssl: Verify error codes can exceed 63".

This patch needs to be backported alongside 9b25982.

diff --git a/include/haproxy/ssl_sock.h b/include/haproxy/ssl_sock.h
index d24b17f5b987006f59d3e406bbbfd2d396c68ff5..583266247ad8951f9b46cd5fea64ce9863a03683 100644 (file)
--- a/include/haproxy/ssl_sock.h
+++ b/include/haproxy/ssl_sock.h
@@ -164,7 +164,7 @@ static inline int cert_ignerr_bitfield_get(const unsigned long long *bitfield, i
        int val = 0;
 
        if (byte_index < IGNERR_BF_SIZE)
-               val = bitfield[byte_index] & (1 << (bit_index & 0x3F));
+               val = bitfield[byte_index] & (1ULL << (bit_index & 0x3F));
 
        return val != 0;
 }
@@ -174,7 +174,7 @@ static inline void cert_ignerr_bitfield_set(unsigned long long *bitfield, int bi
        int byte_index = bit_index >> 6;
 
        if (byte_index < IGNERR_BF_SIZE)
-               bitfield[byte_index] |= (1 << (bit_index & 0x3F));
+               bitfield[byte_index] |= (1ULL << (bit_index & 0x3F));
 }
 
 static inline void cert_ignerr_bitfield_set_all(unsigned long long *bitfield)