Cast int64_t to uint64_t for negating

Avoid signed integer overflow by casting an int64_t to uint64_t before
negating. Same fix was applied in a_int.c -r1.44, but was forgotten to
be applied to a_enum.c.

ok jsing

diff --git a/lib/libcrypto/asn1/a_enum.c b/lib/libcrypto/asn1/a_enum.c
index 3b6cd9f..b0b8510 100644 (file)
--- a/lib/libcrypto/asn1/a_enum.c
+++ b/lib/libcrypto/asn1/a_enum.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_enum.c,v 1.25 2022/07/09 14:46:43 tb Exp $ */
+/* $OpenBSD: a_enum.c,v 1.26 2022/08/10 12:06:28 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -126,14 +126,18 @@ ASN1_ENUMERATED_get_int64(int64_t *out_val, const ASN1_ENUMERATED *aenum)
 int
 ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *aenum, int64_t val)
 {
+       uint64_t uval;
+
        asn1_aenum_clear(aenum);
 
+       uval = (uint64_t)val;
+
        if (val < 0) {
                aenum->type = V_ASN1_NEG_ENUMERATED;
-               val = -val;
+               uval = -uval;
        }
 
-       return asn1_aint_set_uint64((uint64_t)val, &aenum->data, &aenum->length);
+       return asn1_aint_set_uint64(uval, &aenum->data, &aenum->length);
 }
 
 long