Home Explore Help
Register Sign In
Apq
/
CMake
mirror of https://github.com/Kitware/CMake.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

librhash: Avoid signed left-shift overflow in sha256

Fix `rhash_sha256_final` to use unsigned integers for left shifting to
avoid the possibility of undefined overflow behavior.
Brad King 9 years ago
parent
d0ff3e701c
commit
9e07ffa4e4
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      Utilities/cmlibrhash/librhash/sha256.c

+ 2 - 2
Utilities/cmlibrhash/librhash/sha256.c
View File 

@@ -218,8 +218,8 @@ void rhash_sha256_final(sha256_ctx *ctx, unsigned char* result)
 
 	/* pad message and run for last block */
 
 
 	/* append the byte 0x80 to the message */
 
-	ctx->message[index]   &= le2me_32(~(0xFFFFFFFF << shift));
 
-	ctx->message[index++] ^= le2me_32(0x80 << shift);
 
+	ctx->message[index]   &= le2me_32(~(0xFFFFFFFFu << shift));
 
+	ctx->message[index++] ^= le2me_32(0x80u << shift);
 
 
 	/* if no room left in the message to store 64-bit message length */
 
 	if (index > 14) {