diff options
| author | rob <rob@cvs.openbsd.org> | 2019-04-27 14:58:16 +0000 |
|---|---|---|
| committer | rob <rob@cvs.openbsd.org> | 2019-04-27 14:58:16 +0000 |
| commit | 36f776fa4d133c3811974f6c5f6f7b8ffa28d460 (patch) | |
| tree | fb162840314135ea53923af9916e55b9fa9b199c /usr.bin | |
| parent | 726e0431a7a96ce2a79619971591ccac768616d6 (diff) | |
Only apply sign extension when less than eight bytes have been consumed. This
fixes a problem when handling large negative integers.
ok claudio@
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ldap/ber.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/usr.bin/ldap/ber.c b/usr.bin/ldap/ber.c index a958e580453..b3b2d1075c4 100644 --- a/usr.bin/ldap/ber.c +++ b/usr.bin/ldap/ber.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ber.c,v 1.21 2018/11/27 12:04:57 martijn Exp $ */ +/* $OpenBSD: ber.c,v 1.22 2019/04/27 14:58:14 rob Exp $ */ /* * Copyright (c) 2007, 2012 Reyk Floeter <reyk@openbsd.org> @@ -1240,8 +1240,9 @@ ber_read_element(struct ber *ber, struct ber_element *elm) } /* sign extend if MSB is set */ - if (val >> ((i - 1) * 8) & 0x80) - val |= ULLONG_MAX << (i * 8); + if (len < (ssize_t)sizeof(long long) && + (val >> ((len - 1) * 8) & 0x80)) + val |= ULLONG_MAX << (len * 8); elm->be_numeric = val; break; case BER_TYPE_BITSTRING: |