From: Nathan Moinvaziri <nathan@nathanm.com>
Date: Sun, 28 Jun 2020 20:05:11 +0000 (-0700)
Subject: Fixed bad shift operation warning in deflatePrime.
X-Git-Tag: 1.9.9-b1~161
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c611f608e8483906de1c3920b34dc8dbd1140ec2;p=thirdparty%2Fzlib-ng.git

Fixed bad shift operation warning in deflatePrime.
Check that bits value is not greater than bits allowed by value type.

  CID 293475 (#2-4 of 4): Bad bit shift operation (BAD_SHIFT)
  In expression 1UL << put, left shifting by more than 63 bits has undefined behavior.
---

diff --git a/deflate.c b/deflate.c
index f224952c..2a77a9f7 100644
--- a/deflate.c
+++ b/deflate.c
@@ -586,14 +586,17 @@ int32_t ZEXPORT PREFIX(deflatePrime)(PREFIX3(stream) *strm, int32_t bits, int32_
     if (deflateStateCheck(strm))
         return Z_STREAM_ERROR;
     s = strm->state;
-    if (bits < 0 || bits > BIT_BUF_SIZE ||
+    if (bits < 0 || bits > BIT_BUF_SIZE || bits > (sizeof(value) << 3) ||
         s->sym_buf < s->pending_out + ((BIT_BUF_SIZE + 7) >> 3))
         return Z_BUF_ERROR;
     do {
         put = BIT_BUF_SIZE - s->bi_valid;
         if (put > bits)
             put = bits;
-        s->bi_buf |= (((uint64_t)value & ((UINT64_C(1) << put) - 1)) << s->bi_valid);
+        if (s->bi_valid == 0)
+            s->bi_buf = (uint64_t)value;
+        else
+            s->bi_buf |= (((uint64_t)value & ((UINT64_C(1) << put) - 1)) << s->bi_valid);
         s->bi_valid += put;
         zng_tr_flush_bits(s);
         value >>= put;