From 68ec4783ef349f19c081b409615ef48bf54724c0 Mon Sep 17 00:00:00 2001
From: rob <rob@openbsd.org>
Date: Fri, 22 Jan 2021 03:20:56 +0000
Subject: [PATCH] Valid integer and enumerated types always have non-zero
 length. Perform check to ensure we avoid a possible (undefined) negative
 shift. Found with clang static analyzer.

Tweaked and OK martijn@
---
 lib/libutil/ber.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/libutil/ber.c b/lib/libutil/ber.c
index 1698aad6147..9768ed3b82a 100644
--- a/lib/libutil/ber.c
+++ b/lib/libutil/ber.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ber.c,v 1.17 2020/09/03 19:09:57 martijn Exp $ */
+/*	$OpenBSD: ber.c,v 1.18 2021/01/22 03:20:56 rob Exp $ */
 
 /*
  * Copyright (c) 2007, 2012 Reyk Floeter <reyk@openbsd.org>
@@ -1258,6 +1258,10 @@ ober_read_element(struct ber *ber, struct ber_element *elm)
 		}
 	case BER_TYPE_INTEGER:
 	case BER_TYPE_ENUMERATED:
+		if (len < 1) {
+			errno = EINVAL;
+			return -1;
+		}
 		if (len > (ssize_t)sizeof(long long)) {
 			errno = ERANGE;
 			return -1;
-- 
2.20.1