Negate unsigned then cast to signed.

Avoid undefined behaviour by negating the unsigned value, before casting
to int64_t, rather than casting to int64_t then negating.

Fixes oss-fuzz #48499

ok tb@

diff --git a/lib/libcrypto/asn1/a_int.c b/lib/libcrypto/asn1/a_int.c
index 546713a..38a2e1c 100644 (file)
--- a/lib/libcrypto/asn1/a_int.c
+++ b/lib/libcrypto/asn1/a_int.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_int.c,v 1.41 2022/06/25 15:39:12 jsing Exp $ */
+/* $OpenBSD: a_int.c,v 1.42 2022/06/28 19:44:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -207,7 +207,7 @@ asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val)
                        ASN1error(ASN1_R_TOO_SMALL);
                        return 0;
                }
-               *out_val = -(int64_t)val;
+               *out_val = (int64_t)-val;
        } else {
                if (val > (uint64_t)INT64_MAX) {
                        ASN1error(ASN1_R_TOO_LARGE);