Avoid an undefined shift in ASN1_INTEGER_get().

Fixes oss-fuzz issue #13804

ok beck, jsing

1 files changed, 8 insertions, 4 deletions

diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index 1b2ebfb3a9..d14bd7959b 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_int.c,v 1.33 2019/03/26 09:15:07 jsing Exp $ */
+/* $OpenBSD: a_int.c,v 1.34 2019/04/28 05:03:56 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -418,7 +418,7 @@ long
 ASN1_INTEGER_get(const ASN1_INTEGER *a)
 {
         int neg = 0, i;
-        long r = 0;
+        unsigned long r = 0;
 
         if (a == NULL)
                 return (0L);
@@ -442,9 +442,13 @@ ASN1_INTEGER_get(const ASN1_INTEGER *a)
                 r <<= 8;
                 r |= (unsigned char)a->data[i];
         }
+
+        if (r > LONG_MAX)
+                return -1;
+
         if (neg)
-                r = -r;
-        return (r);
+                return -(long)r;
+        return (long)r;
 }
 
 ASN1_INTEGER *