From: Pádraig Brady <P@draigBrady.com>
Date: Wed, 4 Mar 2020 12:24:49 +0000 (+0000)
Subject: basenc: avoid undefined behaviour in z85 processing
X-Git-Tag: v8.32~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0ea65e29dc346e9fe39db663b2ed43d7981ed266;p=thirdparty%2Fcoreutils.git

basenc: avoid undefined behaviour in z85 processing

* src/basenc.c (z85_decode_ctx_init): Ensure we're working
with unsigned, as otherwise ubsan triggers with:
  src/basenc.c:767:18: runtime error: signed integer overflow:
  43 * 52200625 cannot be represented in type 'int'
(z85_encode): Likewise to avoid the usban error:
  src/basenc.c:630:26: runtime error:
  left shift of 134 by 24 places cannot be represented in type 'int'
---

diff --git a/src/basenc.c b/src/basenc.c
index 9fb2ab9557..13c37f9048 100644
--- a/src/basenc.c
+++ b/src/basenc.c
@@ -627,7 +627,10 @@ z85_encode (const char *restrict in, size_t inlen,
       /* Got a quad, encode it */
       if (i == 4)
         {
-          val = (quad[0] << 24) + (quad[1] << 16) + (quad[2] << 8) + quad[3];
+          val = ((uint32_t) quad[0] << 24)
+                + ((uint32_t) quad[1] << 16)
+                + ((uint32_t) quad[2] << 8)
+                + quad[3];
 
           for (int j = 4; j>=0; --j)
             {
@@ -665,7 +668,7 @@ z85_decode_ctx_init (struct base_decode_context *ctx)
 
 
 # define Z85_HI_CTX_TO_32BIT_VAL(ctx) \
-  ((ctx)->ctx.z85.octets[0] * 85 * 85 * 85 * 85 )
+  ((uint32_t)(ctx)->ctx.z85.octets[0] * 85 * 85 * 85 * 85 )
 
 /*
  0 -  9:  0 1 2 3 4 5 6 7 8 9