Prevent sign extension when parsing large packet sizes

A 2GB+ packet is likely to be a mistake, but in the event it was
legitimate sign extension could result in a much larger amount of
memory being allocated (and probably failing). Fix this by trying
to ensure we're doing an unsigned left shift.

diff --git a/parsekey.c b/parsekey.c
index ed61e24d16be5e556a527cfbfa80bc4f10e6beaa..6255ab8bd3aa6dd94643792fb881676d5cdde949 100644 (file)
--- a/parsekey.c
+++ b/parsekey.c
@@ -308,7 +308,7 @@ onak_status_t read_openpgp_stream(int (*getchar_func)(void *ctx, size_t count,
                                                break;
                                        }
                                        curpacket->packet->length = 
-                                               (curchar << 24);
+                                               ((unsigned) curchar << 24);
                                        if (getchar_func(ctx, 1, &curchar)) {
                                                rc = ONAK_E_INVALID_PKT;
                                                break;