From 8abf065307ff4a7ea873fe59f76173bf17dac241 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Thu, 16 Jul 2020 11:00:45 +0900
Subject: [PATCH] common: Avoid undefined behavior of left shift operator.

* common/iobuf.c (block_filter): Handle an error earlier.
Make sure it's unsigned.

--

GnuPG-bug-id: 4975
Suggested-by: lutianxiong <lutianxiong@huawei.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 common/iobuf.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/common/iobuf.c b/common/iobuf.c
index 43f2e101c..a00ee0b37 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -909,16 +909,22 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer,
 		    }
 		  else if (c == 255)
 		    {
-		      a->size = iobuf_get_noeof (chain) << 24;
-		      a->size |= iobuf_get_noeof (chain) << 16;
-		      a->size |= iobuf_get_noeof (chain) << 8;
-		      if ((c = iobuf_get (chain)) == -1)
+                      size_t len = 0;
+                      int i;
+
+                      for (i = 0; i < 4; i++)
+                        if ((c = iobuf_get (chain)) == -1)
+                          break;
+                        else
+                          len = ((len << 8) | c);
+
+                      if (i < 4)
 			{
 			  log_error ("block_filter: invalid 4 byte length\n");
 			  rc = GPG_ERR_BAD_DATA;
 			  break;
 			}
-		      a->size |= c;
+                      a->size = len;
                       a->partial = 2;
                       if (!a->size)
                         {