From 2183683bd633818dd031b090b5530951de76f392 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 11 Feb 2015 10:27:57 +0100 Subject: Use inline functions to convert buffer data to scalars. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * common/host2net.h (buf16_to_ulong, buf16_to_uint): New. (buf16_to_ushort, buf16_to_u16): New. (buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New. -- Commit 91b826a38880fd8a989318585eb502582636ddd8 was not enough to avoid all sign extension on shift problems. Hanno Böck found a case with an invalid read due to this problem. To fix that once and for all almost all uses of "<< 24" and "<< 8" are changed by this patch to use an inline function from host2net.h. Signed-off-by: Werner Koch --- sm/fingerprint.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'sm') diff --git a/sm/fingerprint.c b/sm/fingerprint.c index b849afb4e..a82945eb2 100644 --- a/sm/fingerprint.c +++ b/sm/fingerprint.c @@ -31,6 +31,9 @@ #include #include +#include "host2net.h" + + /* Return the fingerprint of the certificate (we can't put this into libksba because we need libgcrypt support). The caller must provide an array of sufficient length or NULL so that the function @@ -149,14 +152,8 @@ gpgsm_get_short_fingerprint (ksba_cert_t cert, unsigned long *r_high) gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); if (r_high) - *r_high = (((unsigned long)digest[12]<<24) - |(digest[13]<<16) - |(digest[14]<< 8) - |digest[15]); - return (((unsigned long)digest[16]<<24) - |(digest[17]<<16) - |(digest[18]<<8) - |digest[19]); + *r_high = buf32_to_ulong (digest+12); + return buf32_to_ulong (digest + 16); } -- cgit v1.2.3