Use inline functions to convert buffer data to scalars.

* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--

Commit 91b826a388 was not enough to
avoid all sign extension on shift problems.  Hanno Böck found a case
with an invalid read due to this problem.  To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.

Signed-off-by: Werner Koch <wk@gnupg.org>

g10/keygen.c

@@ -43,6 +43,8 @@
 #include "call-agent.h"
 #include "pkglue.h"
 #include "../common/shareddefs.h"
+#include "host2net.h"
+
 
 /* The default algorithms.  If you change them remember to change them
    also in gpg.c:gpgconf_list.  You should also check that the value
@@ -845,10 +847,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
 		}
 	      else if (buf[1] == 255)
 		{
-		  pktlen  = buf[2] << 24;
-		  pktlen |= buf[3] << 16;
-		  pktlen |= buf[4] << 8;
-		  pktlen |= buf[5];
+                  pktlen = buf32_to_size_t (buf+2);
 		  buf += 6;
 		}
 	      else
@@ -865,7 +864,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk,
 		  break;
 
 		case 2:
-		  pktlen  = buf[mark++] << 24;
+		  pktlen  = (size_t)buf[mark++] << 24;
 		  pktlen |= buf[mark++] << 16;
 
 		case 1: