From: Willy Tarreau <w@1wt.eu>
Date: Wed, 29 Apr 2026 08:02:11 +0000 (+0200)
Subject: CLEANUP: jwe: fix theoretical overflow in AAD length calculation
X-Git-Tag: v3.4-dev13~49
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=29b9da7821a13089ea3b8eed4a40beb9dd5ef0ee;p=thirdparty%2Fhaproxy.git

CLEANUP: jwe: fix theoretical overflow in AAD length calculation

The expression items[JWE_ELT_JOSE].length << 3 performs the shift on an
unsigned int (32-bit) before being cast to uint64_t instead of after.
This means that we don't cover for a possible overflow (which would
never happen as it would need a header length beyond 512MB). At least
fixing it will avoid code check reports.
---

diff --git a/src/jwe.c b/src/jwe.c
index 2b8eafe59..27762c8d3 100644
--- a/src/jwe.c
+++ b/src/jwe.c
@@ -448,7 +448,7 @@ static int build_and_check_tag(jwe_enc enc,  struct jwt_item items[JWE_ELT_MAX],
 	int retval = 1;
 	const EVP_MD *hash = NULL;
 	int mac_key_len = 0;
-	uint64_t aad_len = my_htonll(items[JWE_ELT_JOSE].length << 3);
+	uint64_t aad_len = my_htonll((uint64_t)items[JWE_ELT_JOSE].length << 3);
 
 	struct buffer *tag_data = alloc_trash_chunk();
 	struct buffer *hmac = alloc_trash_chunk();