From fe153377bd2ddf567523c744d48d094c39089630 Mon Sep 17 00:00:00 2001
From: Tim Rühsen <tim.ruehsen@gmx.de>
Date: Fri, 1 Sep 2017 08:04:48 +0200
Subject: lib/punycode.c (decode_digit): Fix integer overflow

lib/punycode.c (decode_digit): Fix integer overflow

This fix is a backport from libidn2 and addresses
CVE-2017-14062.
---
 libidn/punycode.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/libidn/punycode.c b/libidn/punycode.c
index 93027188ce..49c660184e 100644
--- a/libidn/punycode.c
+++ b/libidn/punycode.c
@@ -78,10 +78,10 @@ enum
 /* point (for use in representing integers) in the range 0 to */
 /* base-1, or base if cp does not represent a value.          */
 
-static punycode_uint
-decode_digit (punycode_uint cp)
+static unsigned
+decode_digit (int cp)
 {
-  return cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 :
+  return (unsigned) cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 :
     cp - 97 < 26 ? cp - 97 : base;
 }
 
-- 
cgit v1.2.3-65-gdbad