7 files changed, 107 insertions, 38 deletions

diff --git a/common/b64enc.c b/common/b64enc.c
index 91ba69d48..087f27c9d 100644
--- a/common/b64enc.c
+++ b/common/b64enc.c
@@ -253,7 +253,7 @@ b64enc_write (struct b64state *state, const void *buffer, size_t nbytes)
       u32 crc = state->crc;
 
       for (p=buffer, n=nbytes; n; p++, n-- )
-        crc = (crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p];
+        crc = ((u32)crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p];
       state->crc = (crc & 0x00ffffff);
     }
 
diff --git a/common/dns-cert.c b/common/dns-cert.c
index 4e297bf92..317ebb1d8 100644
--- a/common/dns-cert.c
+++ b/common/dns-cert.c
@@ -47,6 +47,7 @@
 #endif
 
 #include "util.h"
+#include "host2net.h"
 #include "dns-cert.h"
 
 /* Not every installation has gotten around to supporting CERTs
@@ -130,7 +131,7 @@ get_dns_cert (const char *name, estream_t *r_key,
       if (datalen < 5)
         continue;  /* Truncated CERT record - skip.  */
 
-      ctype = ((data[0] << 8) | data[1]);
+      ctype = buf16_to_uint (data);
       /* (key tag and algorithm fields are not required.) */
       data += 5;
       datalen -= 5;
@@ -262,12 +263,13 @@ get_dns_cert (const char *name, estream_t *r_key,
           if ((emsg - pt) < 15)
             break;
 
-          type = *pt++ << 8;
-          type |= *pt++;
+          type = buf16_to_u16 (pt);
+          pt += 2;
 
-          class = *pt++ << 8;
+          class = buf16_to_u16 (pt);
+          pt += 2;
           class |= *pt++;
-          /* We asked for IN and got something else !? */
+
           if (class != C_IN)
             break;
 
@@ -275,8 +277,8 @@ get_dns_cert (const char *name, estream_t *r_key,
           pt += 4;
 
           /* data length */
-          dlen = *pt++ << 8;
-          dlen |= *pt++;
+          dlen = buf16_to_u16 (pt);
+          pt += 2;
 
           /* We asked for CERT and got something else - might be a
              CNAME, so loop around again. */
@@ -287,8 +289,8 @@ get_dns_cert (const char *name, estream_t *r_key,
             }
 
           /* The CERT type */
-          ctype = *pt++ << 8;
-          ctype |= *pt++;
+          ctype = buf16_to_u16 (pt);
+          pt += 2;
 
           /* Skip the CERT key tag and algo which we don't need. */
           pt += 3;
diff --git a/common/host2net.h b/common/host2net.h
index dd20e36ce..be5e5202a 100644
--- a/common/host2net.h
+++ b/common/host2net.h
@@ -1,5 +1,5 @@
 /* host2net.h - Endian conversion macros
- * Copyright (C) 1998, 2014  Werner Koch
+ * Copyright (C) 1998, 2014, 2015  Werner Koch
  *
  * This file is part of GnuPG.
  *
@@ -32,9 +32,6 @@
 
 #include "types.h"
 
-#define buftoulong( p )  ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \
-		       (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3)))
-#define buftoushort( p )  ((*((byte*)(p)) << 8) | (*((byte*)(p)+1)))
 #define ulongtobuf( p, a ) do { 			  \
 			    ((byte*)p)[0] = a >> 24;	\
 			    ((byte*)p)[1] = a >> 16;	\
@@ -45,8 +42,71 @@
 			    ((byte*)p)[0] = a >>  8;	\
 			    ((byte*)p)[1] = a	   ;	\
 			} while(0)
-#define buftou32( p)	buftoulong( (p) )
-#define u32tobuf( p, a) ulongtobuf( (p), (a) )
+
+
+static inline unsigned long
+buf16_to_ulong (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((unsigned long)p[0] << 8) | p[1]);
+}
+
+static inline unsigned int
+buf16_to_uint (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((unsigned int)p[0] << 8) | p[1]);
+}
+
+static inline unsigned short
+buf16_to_ushort (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((unsigned short)p[0] << 8) | p[1]);
+}
+
+static inline u16
+buf16_to_u16 (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((u16)p[0] << 8) | p[1]);
+}
+
+static inline size_t
+buf32_to_size_t (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((size_t)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+static inline unsigned long
+buf32_to_ulong (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((unsigned long)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+static inline unsigned int
+buf32_to_uint (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((unsigned int)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
+
+static inline u32
+buf32_to_u32 (const void *buffer)
+{
+  const unsigned char *p = buffer;
+
+  return (((u32)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]);
+}
 
 
 #endif /*GNUPG_COMMON_HOST2NET_H*/
diff --git a/common/iobuf.c b/common/iobuf.c
index badbf78da..ca74bd71e 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -871,7 +871,7 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
 		    }
 		  else if (c == 255)
 		    {
-		      a->size = iobuf_get (chain) << 24;
+		      a->size = (size_t)iobuf_get (chain) << 24;
 		      a->size |= iobuf_get (chain) << 16;
 		      a->size |= iobuf_get (chain) << 8;
 		      if ((c = iobuf_get (chain)) == -1)
@@ -1228,9 +1228,12 @@ iobuf_t
 iobuf_temp_with_content (const char *buffer, size_t length)
 {
   iobuf_t a;
+  int i;
 
   a = iobuf_alloc (3, length);
-  memcpy (a->d.buf, buffer, length);
+  /* memcpy (a->d.buf, buffer, length); */
+  for (i=0; i < length; i++)
+    a->d.buf[i] = buffer[i];
   a->d.len = length;
 
   return a;
diff --git a/common/pka.c b/common/pka.c
index d47216298..4ead97f63 100644
--- a/common/pka.c
+++ b/common/pka.c
@@ -51,6 +51,7 @@
 #endif
 
 #include "util.h"
+#include "host2net.h"
 #include "pka.h"
 
 #ifdef USE_DNS_PKA
@@ -252,13 +253,14 @@ get_pka_info (const char *address, unsigned char *fpr)
       if (p >= pend - 10)
         return NULL; /* RR too short. */
 
-      type = *p++ << 8;
-      type |= *p++;
-      class = *p++ << 8;
-      class |= *p++;
+      type = buf16_to_uint (p);
+      p += 2;
+      class = buf16_to_uint (p);
+      p += 2;
       p += 4;
-      txtlen = *p++ << 8;
-      txtlen |= *p++;
+      txtlen = buf16_to_uint (p);
+      p += 2;
+
       if (type != T_TXT || class != C_IN)
         return NULL; /* Answer does not match the query. */
 
diff --git a/common/srv.c b/common/srv.c
index 7a0c42d4f..2107aa528 100644
--- a/common/srv.c
+++ b/common/srv.c
@@ -48,6 +48,7 @@
 #endif
 
 #include "util.h"
+#include "host2net.h"
 #include "srv.h"
 
 /* Not every installation has gotten around to supporting SRVs
@@ -184,27 +185,28 @@ getsrv (const char *name,struct srventry **list)
         if((emsg-pt)<16)
           goto fail;
 
-        type=*pt++ << 8;
-        type|=*pt++;
+        type = buf16_to_u16 (pt);
+        pt += 2;
         /* We asked for SRV and got something else !? */
         if(type!=T_SRV)
           goto fail;
 
-        class=*pt++ << 8;
-        class|=*pt++;
+        class = buf16_to_u16 (pt);
+        pt += 2;
         /* We asked for IN and got something else !? */
         if(class!=C_IN)
           goto fail;
 
-        pt+=4; /* ttl */
-        dlen=*pt++ << 8;
-        dlen|=*pt++;
-        srv->priority=*pt++ << 8;
-        srv->priority|=*pt++;
-        srv->weight=*pt++ << 8;
-        srv->weight|=*pt++;
-        srv->port=*pt++ << 8;
-        srv->port|=*pt++;
+        pt += 4; /* ttl */
+        dlen = buf16_to_u16 (pt);
+        pt += 2;
+
+        srv->priority = buf16_to_ushort (pt);
+        pt += 2;
+        srv->weight = buf16_to_ushort (pt);
+        pt += 2;
+        srv->port = buf16_to_ushort (pt);
+        pt += 2;
 
         /* Get the name.  2782 doesn't allow name compression, but
            dn_expand still works to pull the name out of the
diff --git a/common/tlv.c b/common/tlv.c
index 51a0907c3..74cb4a744 100644
--- a/common/tlv.c
+++ b/common/tlv.c
@@ -96,7 +96,7 @@ do_find_tlv (const unsigned char *buffer, size_t length,
         { /* Two byte length follows. */
           if (n < 2)
             return NULL; /* We expected 2 more bytes with the length. */
-          len = (s[0] << 8) | s[1];
+          len = ((size_t)s[0] << 8) | s[1];
           s += 2; n -= 2;
         }
       else