From 6ab7c326485b4af46a4e45faef2ac7d469df8840 Mon Sep 17 00:00:00 2001 From: Brad King Date: Tue, 15 Apr 2014 09:07:48 -0400 Subject: libarchive: Avoid left-shift overflow of signed integer In libarchive/archive_write_set_format_zip.c there are two calls to archive_le32enc whose second argument is of the form archive_entry_mode(zip->entry) << 16 However, the return type from archive_entry_mode may be a signed integer so the shift may overflow. Since the second argument of archive_le32enc expects uint32_t anyway, simply cast to that prior to shifting. --- Utilities/cmlibarchive/libarchive/archive_write_set_format_zip.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Utilities/cmlibarchive/libarchive/archive_write_set_format_zip.c b/Utilities/cmlibarchive/libarchive/archive_write_set_format_zip.c index d856b2a..157f100 100644 --- a/Utilities/cmlibarchive/libarchive/archive_write_set_format_zip.c +++ b/Utilities/cmlibarchive/libarchive/archive_write_set_format_zip.c @@ -621,7 +621,7 @@ archive_write_zip_header(struct archive_write *a, struct archive_entry *entry) archive_le16enc(zip->file_header + 28, filename_length); /* Following Info-Zip, store mode in the "external attributes" field. */ archive_le32enc(zip->file_header + 38, - archive_entry_mode(zip->entry) << 16); + ((uint32_t)archive_entry_mode(zip->entry)) << 16); e = cd_alloc(zip, filename_length); /* If (e == NULL) XXXX */ copy_path(zip->entry, e); @@ -714,7 +714,7 @@ archive_write_zip_header(struct archive_write *a, struct archive_entry *entry) } if (included & 4) { archive_le32enc(e, /* external file attributes */ - archive_entry_mode(zip->entry) << 16); + ((uint32_t)archive_entry_mode(zip->entry)) << 16); e += 4; } if (included & 8) { -- cgit v0.12