Fix possible sign extension problem with newer compilers.

* cipher/des.c (READ_64BIT_DATA): Cast to u32 before shifting by 24. * cipher/blowfish.c (do_encrypt_block): Ditto. (do_decrypt_block): Ditto. * cipher/camellia.c (CAMELLIA_RR8): Ditto. * cipher/cast5.c (do_encrypt_block): Ditto. (do_decrypt_block): Ditto. (do_cast_setkey): Ditto. * cipher/twofish.c (INPACK): Ditto. * util/iobuf.c (block_filter): Ditto. -- For cipher/des.c Reported-by: Balint Reczey <balint@balintreczey.hu> See commit 57af33d9e7 for details. Signed-off-by: Werner Koch <wk@gnupg.org>
2024-06-01 22:28:02 +02:00 · 2016-02-01 18:06:14 +01:00 · 2016-02-01 18:06:14 +01:00 · 22caa5c2d4
commit 22caa5c2d4
parent aa4a3aa3e7
6 changed files with 42 additions and 42 deletions
--- a/cipher/blowfish.c
+++ b/cipher/blowfish.c
@ -424,8 +424,8 @@ do_encrypt_block( BLOWFISH_context *bc, byte *outbuf, const byte *inbuf )
 {
    u32 d1, d2;

-    d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
-    d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+    d1 = (u32)inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    d2 = (u32)inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
    do_encrypt( bc, &d1, &d2 );
    outbuf[0] = (d1 >> 24) & 0xff;
    outbuf[1] = (d1 >> 16) & 0xff;
@ -449,8 +449,8 @@ do_decrypt_block( BLOWFISH_context *bc, byte *outbuf, const byte *inbuf )
 {
    u32 d1, d2;

-    d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
-    d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+    d1 = (u32)inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    d2 = (u32)inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
    decrypt( bc, &d1, &d2 );
    outbuf[0] = (d1 >> 24) & 0xff;
    outbuf[1] = (d1 >> 16) & 0xff;
--- a/cipher/camellia.c
+++ b/cipher/camellia.c
@ -77,7 +77,7 @@ typedef unsigned char u8;
 #define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])

 /* rotation right shift 1byte */
-#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
+#define CAMELLIA_RR8(x) (((x) >> 8) + ((u32)(x) << 24))
 /* rotation left shift 1bit */
 #define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31))
 /* rotation left shift 1byte */
--- a/cipher/cast5.c
+++ b/cipher/cast5.c
@ -375,8 +375,8 @@ do_encrypt_block( CAST5_context *c, byte *outbuf, const byte *inbuf )
    /* (L0,R0) <-- (m1...m64).	(Split the plaintext into left and
     * right 32-bit halves L0 = m1...m32 and R0 = m33...m64.)
     */
-    l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
-    r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+    l = (u32)inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    r = (u32)inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];

    /* (16 rounds) for i from 1 to 16, compute Li and Ri as follows:
     *	Li = Ri-1;
@ -433,8 +433,8 @@ do_decrypt_block (CAST5_context *c, byte *outbuf, const byte *inbuf )
    Km = c->Km;
    Kr = c->Kr;

-    l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
-    r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+    l = (u32)inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    r = (u32)inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];

    t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]);
    t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]);
@ -588,10 +588,10 @@ do_cast_setkey( CAST5_context *c, const byte *key, unsigned keylen )
    if( keylen != 16 )
 	return G10ERR_WRONG_KEYLEN;

-    x[0] = key[0]  << 24 | key[1]  << 16 | key[2]  << 8 | key[3];
-    x[1] = key[4]  << 24 | key[5]  << 16 | key[6]  << 8 | key[7];
-    x[2] = key[8]  << 24 | key[9]  << 16 | key[10] << 8 | key[11];
-    x[3] = key[12] << 24 | key[13] << 16 | key[14] << 8 | key[15];
+    x[0] = (u32)key[0]  << 24 | key[1]  << 16 | key[2]  << 8 | key[3];
+    x[1] = (u32)key[4]  << 24 | key[5]  << 16 | key[6]  << 8 | key[7];
+    x[2] = (u32)key[8]  << 24 | key[9]  << 16 | key[10] << 8 | key[11];
+    x[3] = (u32)key[12] << 24 | key[13] << 16 | key[14] << 8 | key[15];

    key_schedule( x, z, k );
    for(i=0; i < 16; i++ )
--- a/cipher/des.c
+++ b/cipher/des.c
@ -430,8 +430,8 @@ static byte weak_keys[64][8] =
 * Macros to convert 8 bytes from/to 32bit words.
 */
 #define READ_64BIT_DATA(data, left, right)				     \
-    left  = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3];	\
-    right = (data[4] << 24) | (data[5] << 16) | (data[6] << 8) | data[7];
+  left  = ((u32)data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3]; \
+  right = ((u32)data[4] << 24) | (data[5] << 16) | (data[6] << 8) | data[7];

 #define WRITE_64BIT_DATA(data, left, right)				\
  data[0] = (left >> 24) &0xff; data[1] = (left >> 16) &0xff; 		\
--- a/cipher/twofish.c
+++ b/cipher/twofish.c
@ -756,7 +756,7 @@ twofish_setkey (void *ctx, const byte *key, unsigned int keylen)

 #define INPACK(n, x, m) \
   x = in[4 * (n)] ^ (in[4 * (n) + 1] << 8) \
-     ^ (in[4 * (n) + 2] << 16) ^ (in[4 * (n) + 3] << 24) ^ ctx->w[m]
+     ^ (in[4 * (n) + 2] << 16) ^ ((u32)in[4 * (n) + 3] << 24) ^ ctx->w[m]

 #define OUTUNPACK(n, x, m) \
   x ^= ctx->w[m]; \
--- a/util/iobuf.c
+++ b/util/iobuf.c
@ -738,7 +738,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 			}
 		    }
 		    else if( c == 255 ) {
-			a->size  = iobuf_get(chain) << 24;
+                        a->size  = (size_t)iobuf_get(chain) << 24;
 			a->size |= iobuf_get(chain) << 16;
 			a->size |= iobuf_get(chain) << 8;
 			if( (c = iobuf_get(chain)) == -1 ) {