From 2183683bd633818dd031b090b5530951de76f392 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 11 Feb 2015 10:27:57 +0100
Subject: Use inline functions to convert buffer data to scalars.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--

Commit 91b826a38880fd8a989318585eb502582636ddd8 was not enough to
avoid all sign extension on shift problems.  Hanno Böck found a case
with an invalid read due to this problem.  To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 dirmngr/ldap.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'dirmngr/ldap.c')

diff --git a/dirmngr/ldap.c b/dirmngr/ldap.c
index 00df167e2..c59619897 100644
--- a/dirmngr/ldap.c
+++ b/dirmngr/ldap.c
@@ -36,6 +36,7 @@
 #include "ldapserver.h"
 #include "misc.h"
 #include "ldap-wrapper.h"
+#include "host2net.h"
 
 
 #define UNENCODED_URL_CHARS "abcdefghijklmnopqrstuvwxyz"   \
@@ -664,7 +665,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context,
   gpg_error_t err;
   unsigned char hdr[5];
   char *p, *pend;
-  int n;
+  unsigned long n;
   int okay = 0;
   /* int is_cms = 0; */
 
@@ -677,7 +678,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context,
       err = read_buffer (context->reader, hdr, 5);
       if (err)
         break;
-      n = (hdr[1] << 24)|(hdr[2]<<16)|(hdr[3]<<8)|hdr[4];
+      n = buf32_to_ulong (hdr+1);
       if (*hdr == 'V' && okay)
         {
 #if 0  /* That code is not yet ready.  */
-- 
cgit v1.2.3