Merge remote-tracking branch 'origin/pr/2094' into mbedtls-2.7
* origin/pr/2094:
Adapt ChangeLog
Add parentheses about parameter of MBEDTLS_X509_ID_FLAG
diff --git a/ChangeLog b/ChangeLog
index ea73951..f185b3c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,6 +31,10 @@
GCM and CCM were not affected. Fixed by Jack Lloyd.
* Fix incorrect default port number in ssl_mail_client example's usage.
Found and fixed by irwir. #2337
+ * Add missing parentheses around parameters in the definition of the
+ public macro MBEDTLS_X509_ID_FLAG. This could lead to invalid evaluation
+ in case operators binding less strongly than subtraction were used
+ for the parameter.
Changes
* Return from various debugging routines immediately if the
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 2c3c758..e72231e 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -98,7 +98,7 @@
* Build flag from an algorithm/curve identifier (pk, md, ecp)
* Since 0 is always XXX_NONE, ignore it.
*/
-#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) )
+#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( ( id ) - 1 ) )
/**
* Security profile for certificate verification.