[gnome-keyring/wip/dueno/ubsan: 4/5] egg-asn1x: Avoid signed integer overflow
- From: Daiki Ueno <dueno src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring/wip/dueno/ubsan: 4/5] egg-asn1x: Avoid signed integer overflow
- Date: Tue, 24 Sep 2019 04:53:28 +0000 (UTC)
commit 10a3663d10a9326cde76f7cfd7cb57efbd7e5e9c
Author: Daiki Ueno <dueno src gnome org>
Date: Mon Sep 16 16:33:08 2019 +0200
egg-asn1x: Avoid signed integer overflow
egg/egg-asn1x.c | 14 +++++---------
1 file changed, 5 insertions(+), 9 deletions(-)
---
diff --git a/egg/egg-asn1x.c b/egg/egg-asn1x.c
index b2bc7614..7983b52a 100644
--- a/egg/egg-asn1x.c
+++ b/egg/egg-asn1x.c
@@ -763,7 +763,7 @@ atlv_parse_length (const guchar *at,
const guchar *end,
gint *off)
{
- gint ans, last;
+ gint ans;
gint k, punt;
gint n_data;
@@ -789,19 +789,15 @@ atlv_parse_length (const guchar *at,
if (k) {
ans = 0;
while (punt <= k && punt < n_data) {
- last = ans;
- ans = ans * 256;
-
/* we wrapped around, no bignum support... */
- if (ans < last)
+ if (ans > G_MAXINT / 256)
return -2;
-
- last = ans;
- ans += at[punt++];
+ ans = ans * 256;
/* we wrapped around, no bignum support... */
- if (ans < last)
+ if (ans > G_MAXINT - at[punt])
return -2;
+ ans += at[punt++];
}
/* indefinite length method */
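Review bot: The second guard, `if (ans > G_MAXINT - at[punt])`, can never fire: once the first check passes, `ans * 256` is a multiple of 256 no larger than `G_MAXINT - 255`, so adding one byte cannot overflow. It is harmless as defence in depth, but both `/* we wrapped around, no bignum support... */` comments still describe the old after-the-fact test, and something like `/* would overflow gint, no bignum support... */` would match the new pre-checks. Separately, the loop also exits on `punt < n_data`, so a long-form length cut short by the end of the buffer appears to yield a partial value instead of an error. The rest of atlv_parse_length lies outside the hunk, so whether that case is rejected later cannot be confirmed from here.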