From 87019ff22bdc1d788c86b6713e9c4a86c5d5b3ba Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Fri, 25 Jan 2019 12:00:13 +0100
Subject: [PATCH] dcerpc/udp: fix int mishandling in opnum parsing

For Big Endian support in the protocol, the opnum would not be set
correctly.

Found using undefined sanitizer.
---
 src/app-layer-dcerpc-udp.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/app-layer-dcerpc-udp.c b/src/app-layer-dcerpc-udp.c
index 6e845a8c79..9eb9695614 100644
--- a/src/app-layer-dcerpc-udp.c
+++ b/src/app-layer-dcerpc-udp.c
@@ -242,8 +242,8 @@ static int DCERPCUDPParseHeader(Flow *f, void *dcerpcudp_state,
                         sstate->dcerpc.dcerpchdrudp.seqnum |= (uint32_t) *(p + 65) << 16;
                         sstate->dcerpc.dcerpchdrudp.seqnum |= (uint32_t) *(p + 66) << 8;
                         sstate->dcerpc.dcerpchdrudp.seqnum |= (uint32_t) *(p + 67);
-                        sstate->dcerpc.dcerpchdrudp.opnum = *(p + 68) << 24;
-                        sstate->dcerpc.dcerpchdrudp.opnum |= *(p + 69) << 16;
+                        sstate->dcerpc.dcerpchdrudp.opnum = *(p + 68) << 8;
+                        sstate->dcerpc.dcerpchdrudp.opnum |= *(p + 69);
                         sstate->dcerpc.dcerpchdrudp.ihint = *(p + 70) << 8;
                         sstate->dcerpc.dcerpchdrudp.ihint |= *(p + 71);
                         sstate->dcerpc.dcerpchdrudp.ahint = *(p + 72) << 8;
-- 
2.47.2