Fix integer overflow in QCryptographicHash's SHA-3 support

Because 256 MB * 8 = 2 Gbit, but length*8 is a signed integer overflow,
hence UB.

Can't really autotest this. Not all systems where we're going to test
can allocate 256 MB of RAM.

[ChangeLog][QtCore][QCryptographicHash] Fixed a bug that caused the
SHA-3 and Keccak algorithms to crash if passed 256 MB of data or more.

Fixes: QTBUG-77362
Change-Id: Iec9c051acd73484c8d94fffd15b91f4b1450f5d7
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>

1 files changed, 4 insertions, 4 deletions

diff --git a/src/corelib/tools/qcryptographichash.cpp b/src/corelib/tools/qcryptographichash.cpp
index 3c79bb797d..51f48503fb 100644
--- a/src/corelib/tools/qcryptographichash.cpp
+++ b/src/corelib/tools/qcryptographichash.cpp
@@ -387,19 +387,19 @@ void QCryptographicHash::addData(const char *data, int length)
         break;
     case RealSha3_224:
     case Keccak_224:
-        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), length*8);
+        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), quint64(length) * 8);
         break;
     case RealSha3_256:
     case Keccak_256:
-        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), length*8);
+        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), quint64(length) * 8);
         break;
     case RealSha3_384:
     case Keccak_384:
-        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), length*8);
+        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), quint64(length) * 8);
         break;
     case RealSha3_512:
     case Keccak_512:
-        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), length*8);
+        sha3Update(&d->sha3Context, reinterpret_cast<const BitSequence *>(data), quint64(length) * 8);
         break;
 #endif
     }