fix: arc4_getword integer overflow, detected by -fsanitize=undefined

author jackerli(李剑) <jackerli@tencent.com>

Wed, 28 Sep 2022 08:41:59 +0000 (16:41 +0800)

committer Azat Khuzhin <a3at.mail@gmail.com>

Mon, 3 Oct 2022 20:41:33 +0000 (23:41 +0300)
author jackerli(李剑) <jackerli@tencent.com>
Wed, 28 Sep 2022 08:41:59 +0000 (16:41 +0800)
committer Azat Khuzhin <a3at.mail@gmail.com>
Mon, 3 Oct 2022 20:41:33 +0000 (23:41 +0300)
diff --git a/arc4random.c b/arc4random.c

index b5f66b4c6fefe9a26303bfd345f22874fcde5935..c9533b1741d157d20367e31fd667fe73e587652a 100644 (file)
--- a/arc4random.c
+++ b/arc4random.c
@@ -418,7 +418,7 @@ arc4_getword(void)
  {
         unsigned int val;
  
-       val = arc4_getbyte() << 24;
+       val = (unsigned)arc4_getbyte() << 24;
         val |= arc4_getbyte() << 16;
         val |= arc4_getbyte() << 8;
         val |= arc4_getbyte();
author	jackerli(李剑) <jackerli@tencent.com>
	Wed, 28 Sep 2022 08:41:59 +0000 (16:41 +0800)
committer	Azat Khuzhin <a3at.mail@gmail.com>
	Mon, 3 Oct 2022 20:41:33 +0000 (23:41 +0300)