From: Niels Möller Date: Thu, 29 Oct 2020 19:04:20 +0000 (+0100) Subject: blowfish: Add casts to uint32_t. X-Git-Tag: nettle_3.7rc1~54 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4c8b0cdd97ffec3ae3f8d995afdfccbc261b3c79;p=thirdparty%2Fnettle.git blowfish: Add casts to uint32_t. Avoids undefined behavior, since shifting an 8-bit value left by 24 bits overflows the range of signed int. Reported by Guido Vranken. --- diff --git a/ChangeLog b/ChangeLog index 57d121be..6626c6ea 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2020-10-29 Niels Möller + + * blowfish.c (blowfish_set_key): Add casts to uint32_t. Avoids + undefined behavior, since shifting an 8-bit value left by 24 bits + overflows the range of signed int. Reported by Guido Vranken. + 2020-10-28 Niels Möller * gmp-glue.h (cnd_add_n, cnd_sub_n, cnd_swap): Deleted, use diff --git a/blowfish.c b/blowfish.c index e73caffe..3d546694 100644 --- a/blowfish.c +++ b/blowfish.c @@ -385,8 +385,10 @@ blowfish_set_key (struct blowfish_ctx *ctx, for (i = j = 0; i < _BLOWFISH_ROUNDS + 2; i++) { - data = (key[j] << 24) | (key[(j+1) % length] << 16) - | (key[(j+2) % length] << 8) | key[(j+3) % length]; + data = ((uint32_t) key[j] << 24) + | ((uint32_t) key[(j+1) % length] << 16) + | ((uint32_t) key[(j+2) % length] << 8) + | (uint32_t) key[(j+3) % length]; ctx->p[i] ^= data; j = (j + 4) % length; }