From: jsing <jsing@openbsd.org>
Date: Tue, 28 Jun 2022 19:44:28 +0000 (+0000)
Subject: Negate unsigned then cast to signed.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f4623961760b47287063a02d4d923ab12a867863;p=openbsd

Negate unsigned then cast to signed.

Avoid undefined behaviour by negating the unsigned value, before casting
to int64_t, rather than casting to int64_t then negating.

Fixes oss-fuzz #48499

ok tb@
---

diff --git a/lib/libcrypto/asn1/a_int.c b/lib/libcrypto/asn1/a_int.c
index 546713ae46d..38a2e1cfa57 100644
--- a/lib/libcrypto/asn1/a_int.c
+++ b/lib/libcrypto/asn1/a_int.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_int.c,v 1.41 2022/06/25 15:39:12 jsing Exp $ */
+/* $OpenBSD: a_int.c,v 1.42 2022/06/28 19:44:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -207,7 +207,7 @@ asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val)
 			ASN1error(ASN1_R_TOO_SMALL);
 			return 0;
 		}
-		*out_val = -(int64_t)val;
+		*out_val = (int64_t)-val;
 	} else {
 		if (val > (uint64_t)INT64_MAX) {
 			ASN1error(ASN1_R_TOO_LARGE);