From cfc85543bc7509e0e7c9975a69ad11fecff6dde5 Mon Sep 17 00:00:00 2001
From: cancername <93018402+sus-impost0r@users.noreply.github.com>
Date: Mon, 31 Jul 2023 21:37:15 +0200
Subject: [PATCH] Fix some UB

caused by shifting such that the value becomes unrepresentable and
overflow respectively
---
 com_msg.c  | 8 ++++----
 r_shadow.c | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/com_msg.c b/com_msg.c
index f2110d17..1da366af 100644
--- a/com_msg.c
+++ b/com_msg.c
@@ -39,13 +39,13 @@ float BuffBigFloat (const unsigned char *buffer)
 		unsigned int i;
 	}
 	u;
-	u.i = (buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3];
+	u.i = ((unsigned)buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3];
 	return u.f;
 }
 
 int BuffBigLong (const unsigned char *buffer)
 {
-	return (buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3];
+	return ((unsigned)buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3];
 }
 
 short BuffBigShort (const unsigned char *buffer)
@@ -61,13 +61,13 @@ float BuffLittleFloat (const unsigned char *buffer)
 		unsigned int i;
 	}
 	u;
-	u.i = (buffer[3] << 24) | (buffer[2] << 16) | (buffer[1] << 8) | buffer[0];
+	u.i = ((unsigned)buffer[3] << 24) | (buffer[2] << 16) | (buffer[1] << 8) | buffer[0];
 	return u.f;
 }
 
 int BuffLittleLong (const unsigned char *buffer)
 {
-	return (buffer[3] << 24) | (buffer[2] << 16) | (buffer[1] << 8) | buffer[0];
+	return ((unsigned)buffer[3] << 24) | (buffer[2] << 16) | (buffer[1] << 8) | buffer[0];
 }
 
 short BuffLittleShort (const unsigned char *buffer)
diff --git a/r_shadow.c b/r_shadow.c
index 7363602a..3f77792d 100644
--- a/r_shadow.c
+++ b/r_shadow.c
@@ -1226,7 +1226,7 @@ static unsigned int R_Shadow_MakeTextures_SamplePoint(float x, float y, float z)
 	float dist = sqrt(x*x+y*y+z*z);
 	float intensity = dist < 1 ? ((1.0f - dist) * r_shadow_lightattenuationlinearscale.value / (r_shadow_lightattenuationdividebias.value + dist*dist)) : 0;
 	// note this code could suffer byte order issues except that it is multiplying by an integer that reads the same both ways
-	return (unsigned char)bound(0, intensity * 256.0f, 255) * 0x01010101;
+	return ((unsigned int)bound(0, intensity * 256.0f, 255)) * 0x01010101U;
 }
 
 static void R_Shadow_MakeTextures(void)
-- 
2.39.2