From 8705fa453d4cc966cbe069c41ff6fda3ab038581 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Tue, 28 Jun 2022 19:44:28 +0000
Subject: Negate unsigned then cast to signed.

Avoid undefined behaviour by negating the unsigned value, before casting
to int64_t, rather than casting to int64_t then negating.

Fixes oss-fuzz #48499

ok tb@
---
 src/lib/libcrypto/asn1/a_int.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index 546713ae46..38a2e1cfa5 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_int.c,v 1.41 2022/06/25 15:39:12 jsing Exp $ */
+/* $OpenBSD: a_int.c,v 1.42 2022/06/28 19:44:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -207,7 +207,7 @@ asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val)
 			ASN1error(ASN1_R_TOO_SMALL);
 			return 0;
 		}
-		*out_val = -(int64_t)val;
+		*out_val = (int64_t)-val;
 	} else {
 		if (val > (uint64_t)INT64_MAX) {
 			ASN1error(ASN1_R_TOO_LARGE);
-- 
cgit v1.2.3-55-g6feb