From 0106c64369268d7b3ba64e42192228559bda7a08 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina
Date: Fri, 14 Jun 2019 09:53:32 +0200
Subject: [PATCH] Fix issues reported by valgrind.

keyslot_cipher member leaked after existing LUKS2 context reload.

crypt_keyslot_set_encryption may access freed memory if crypt_keyslot_get_encryption was previously called with CRYPT_ANY_SLOT parameter.
---
 lib/setup.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/setup.c b/lib/setup.c
index 5c716064..e839726a 100644
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -705,9 +705,10 @@ static int _crypt_load_luks2(struct crypt_device *cd, int reload, int repair)
 goto out;
 }
 
- if (reload)
+ if (reload) {
 LUKS2_hdr_free(cd, &cd->u.luks2.hdr);
- else
+ free(cd->u.luks2.keyslot_cipher);
+ } else
 cd->type = type;
 
 r = 0;
@@ -4815,14 +4816,17 @@ int crypt_keyslot_set_encryption(struct crypt_device *cd,
 const char *cipher,
 size_t key_size)
 {
+ char *tmp;
+
 if (!cd || !cipher || ! key_size || !isLUKS2(cd->type))
 return -EINVAL;
 
 if (LUKS2_keyslot_cipher_incompatible(cd, cipher))
 return -EINVAL;
 
+ tmp = strdup(cipher);
 free(cd->u.luks2.keyslot_cipher);
- cd->u.luks2.keyslot_cipher = strdup(cipher);
+ cd->u.luks2.keyslot_cipher = tmp;
 if (!cd->u.luks2.keyslot_cipher)
 return -ENOMEM;
 cd->u.luks2.keyslot_key_size = key_size;
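Review bot: The added `free(cd->u.luks2.keyslot_cipher);` in the reload branch of `_crypt_load_luks2` leaves the member holding a freed address, and nothing in this hunk clears it. `crypt_keyslot_set_encryption` (second hunk) frees the same member unconditionally, so unless code after `r = 0;` resets it, a set-encryption call after a reload would free the string twice. Adding `cd->u.luks2.keyslot_cipher = NULL;` directly after the free makes the branch safe on its own. The function starts and continues outside the hunk, so the reset may already exist below; that is worth confirming.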
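Review bot: On `strdup()` failure in `crypt_keyslot_set_encryption`, the new ordering still frees the old cipher string and stores NULL before returning -ENOMEM. A failed call therefore discards the previously configured cipher while `keyslot_key_size` keeps its old value. Checking the copy first leaves the context unchanged on error: put `if (!tmp) return -ENOMEM;` between `tmp = strdup(cipher);` and the `free()`. A short comment such as `/* cipher may alias cd->u.luks2.keyslot_cipher, so copy before freeing */` would also keep a later cleanup from folding the copy back into the assignment and reintroducing the use-after-free.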