evtag: detect tags over 32-bits earlier

diff --git a/event_tagging.c b/event_tagging.c
index 7edd3da5d956122e669232d1c0a26195be8d5d1d..aef337833e5306db62b208e329c1c60d851445ec 100644 (file)
--- a/event_tagging.c
+++ b/event_tagging.c
@@ -210,7 +210,14 @@ decode_tag_internal(ev_uint32_t *ptag, struct evbuffer *evbuf, int dodrain)
 
        while (count++ < len) {
                ev_uint8_t lower = *data++;
-               number |= (lower & 0x7f) << shift;
+               if (shift >= 28) {
+                       /* Make sure it fits into 32 bits */
+                       if (shift > 28)
+                               return (-1);
+                       if ((lower & 0x7f) > 15)
+                               return (-1);
+               }
+               number |= (lower & (unsigned)0x7f) << shift;
                shift += 7;
 
                if (!(lower & 0x80)) {