Rewrite CBS_get_asn1_int64 slightly

GCC 13.2.0 has a false positive in -Wstringop-overflow. Oddly, I can
only reproduce it with -O2 -march=native. The old code was also correct,
but this version seems to do a better job of avoiding the warning.
Instead of reversing the variable-length string while sign-extending, we
assemble a big-endian sign-extended version and then do a fixed-width
byte swap at the end.

Fixed: 42290598
Change-Id: I6d5de1e1d6d117f6b5947d3a2155e794764eb472
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/69547
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Auto-Submit: David Benjamin <davidben@google.com>

1 files changed, 3 insertions, 5 deletions

diff --git a/crypto/bytestring/cbs.c b/crypto/bytestring/cbs.c
index bf94db1..c5f0464 100644
--- a/crypto/bytestring/cbs.c
+++ b/crypto/bytestring/cbs.c
@@ -507,11 +507,9 @@ int CBS_get_asn1_int64(CBS *cbs, int64_t *out) {
     return 0;
   }
   uint8_t sign_extend[sizeof(int64_t)];
-  memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
-  for (size_t i = 0; i < len; i++) {
-    sign_extend[i] = data[len - i - 1];
-  }
-  memcpy(out, sign_extend, sizeof(sign_extend));
+  OPENSSL_memset(sign_extend, is_negative ? 0xff : 0, sizeof(sign_extend));
+  OPENSSL_memcpy(sign_extend + sizeof(int64_t) - len, data, len);
+  *out = CRYPTO_load_u64_be(sign_extend);
   return 1;
 }