Update md5.c

The read from data is promoted to int, and so the left shift by 24 in md5.c may cause signed overflow. This requires cast to an unsigned int: B-Con#33
taeasy · Jul 13, 2024 · a4c9953 · a4c9953
1 parent 7752b1e
commit a4c9953
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/md5.c b/md5.c
@@ -40,7 +40,7 @@ void md5_transform(MD5_CTX *ctx, const BYTE data[])
 	// endian byte order CPU. Reverse all the bytes upon input, and re-reverse them
 	// on output (in md5_final()).
 	for (i = 0, j = 0; i < 16; ++i, j += 4)
-		m[i] = (data[j]) + (data[j + 1] << 8) + (data[j + 2] << 16) + (data[j + 3] << 24);
+		m[i] = (data[j]) + (data[j + 1] << 8) + (data[j + 2] << 16) + ((WORD)data[j + 3] << 24);
 
 	a = ctx->state[0];
 	b = ctx->state[1];