[openssh-commits] [openssh] 04/04: upstream rev 1.27: fix integer overflow.
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Jun 14 14:23:16 AEST 2019
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit adcaf40fd0a180e6cb5798317fdf479b52e3c09a
Author: Darren Tucker <dtucker at dtucker.net>
Date: Sat Jun 8 09:07:04 2019 +1000
upstream rev 1.27: fix integer overflow.
Cast bitcount to u_in64_t before bit shifting to prevent integer overflow
on 32bit platforms which cause incorrect results when adding a block
>=512M in size. sha1 patch from ante84 at gmail.com via openssh github,
sha2 with djm@, ok tedu@
---
openbsd-compat/sha1.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/openbsd-compat/sha1.c b/openbsd-compat/sha1.c
index 2089ec34..73f89748 100644
--- a/openbsd-compat/sha1.c
+++ b/openbsd-compat/sha1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha1.c,v 1.26 2015/09/11 09:18:27 guenther Exp $ */
+/* $OpenBSD: sha1.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $ */
/*
* SHA-1 in C
@@ -131,7 +131,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
size_t i, j;
j = (size_t)((context->count >> 3) & 63);
- context->count += (len << 3);
+ context->count += ((u_int64_t)len << 3);
if ((j + len) > 63) {
(void)memcpy(&context->buffer[j], data, (i = 64-j));
SHA1Transform(context->state, context->buffer);
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list