ossl_cmp_error_new(): Fix Coverity issue 1486534, and consequently also issues 1486536 and 1486533

The issues are due to an integer overflow that may happen on '(ERR_SYSTEM_FLAG << 1)'. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15938)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-06-28 12:17:25 +0200
committer: Dr. David von Oheimb <dev@ddvo.net> 2021-06-29 13:05:52 +0200
commit: 6eaf139f62001b958861f25c5cebc41c76c579bd (patch)
tree: 78608d71d9e5dd7f836d0540348cb322742f9c8c /crypto/cmp/cmp_msg.c
parent: b2eabccbe52d57f009b351700b472b42195380d9 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index fe4b64d575..4fef006933 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -748,7 +748,8 @@ OSSL_CMP_MSG *ossl_cmp_error_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si,
         goto err;
     if (!ASN1_INTEGER_set_int64(msg->body->value.error->errorCode, errorCode))
         goto err;
-    if (errorCode > 0 && errorCode < (ERR_SYSTEM_FLAG << 1)) {
+    if (errorCode > 0
+            && (uint64_t)errorCode < ((uint64_t)ERR_SYSTEM_FLAG << 1)) {
         lib = ERR_lib_error_string((unsigned long)errorCode);
         reason = ERR_reason_error_string((unsigned long)errorCode);
     }
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2021-06-28 12:17:25 +0200
committer	Dr. David von Oheimb <dev@ddvo.net>	2021-06-29 13:05:52 +0200
commit	6eaf139f62001b958861f25c5cebc41c76c579bd (patch)
tree	78608d71d9e5dd7f836d0540348cb322742f9c8c /crypto/cmp/cmp_msg.c
parent	b2eabccbe52d57f009b351700b472b42195380d9 (diff)