From: Brad King <brad.king@kitware.com>
Date: Wed, 21 Oct 2015 16:02:21 +0000 (-0400)
Subject: Avoid left-shift overflow of signed integer
X-Git-Tag: v3.1.900a~54
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=963983ab5b650d286ac09db660feb82f9d67257a;p=thirdparty%2Flibarchive.git

Avoid left-shift overflow of signed integer

In libarchive/archive_write_set_format_zip.c there are two calls to
archive_le32enc whose second argument is of the form

 archive_entry_mode(zip->entry) << 16

However, the return type from archive_entry_mode may be a signed integer
so the shift may overflow.  Since the second argument of archive_le32enc
expects uint32_t anyway, simply cast to that prior to shifting.
---

diff --git a/libarchive/archive_write_set_format_zip.c b/libarchive/archive_write_set_format_zip.c
index 975a4684f..ed5a00b41 100644
--- a/libarchive/archive_write_set_format_zip.c
+++ b/libarchive/archive_write_set_format_zip.c
@@ -820,7 +820,7 @@ archive_write_zip_header(struct archive_write *a, struct archive_entry *entry)
 	archive_le16enc(zip->file_header + 28, (uint16_t)filename_length);
 	/* Following Info-Zip, store mode in the "external attributes" field. */
 	archive_le32enc(zip->file_header + 38,
-	    archive_entry_mode(zip->entry) << 16);
+	    ((uint32_t)archive_entry_mode(zip->entry)) << 16);
 	e = cd_alloc(zip, filename_length);
 	/* If (e == NULL) XXXX */
 	copy_path(zip->entry, e);
@@ -939,7 +939,7 @@ archive_write_zip_header(struct archive_write *a, struct archive_entry *entry)
 		}
 		if (included & 4) {
 			archive_le32enc(e,  /* external file attributes */
-			    archive_entry_mode(zip->entry) << 16);
+			    ((uint32_t)archive_entry_mode(zip->entry)) << 16);
 			e += 4;
 		}
 		if (included & 8) {