upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-06-10 09:21:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

MINOR: quic: Possible overflow in qpack_get_varint()

Browse source 
This should fix CID 375051 in GH 1536 where a signed integer expression (1 << bit)
which could overflow was compared to a uint64_t.
This commit is contained in:
Frédéric Lécaille 2022-02-02 14:56:23 +01:00 committed by Amaury Denoyelle
parent ce2ecc9643
commit 6842485a84
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/qpack-dec.c
View file

@ -67,8 +67,8 @@ static uint64_t qpack_get_varint(const unsigned char **buf, uint64_t *len_in, in
uint8_t shift = 0;
len--;
ret = *raw++ & ((1 << b) - 1);
if (ret != (uint64_t)((1 << b) - 1))
ret = *raw++ & ((1ULL << b) - 1);
if (ret != (uint64_t)((1ULL << b) - 1))
goto end;
while (len && (*raw & 128)) {