Fix issues found by Coverity scan.

- possible overflow of data offset calculation in wipe and - dereferencing of pointer in a keyring error path.
2025-12-11 19:00:02 +01:00 · 2018-10-14 21:47:11 +02:00
parent 202aeece3c
commit 27eaf46c8a
2 changed files with 3 additions and 2 deletions
--- a/lib/luks1/keymanage.c
+++ b/lib/luks1/keymanage.c
@@ -1220,7 +1220,7 @@ int LUKS_wipe_header_areas(struct luks_phdr *hdr,

 	/* Wipe complete header, keyslots and padding aread with zeroes. */
 	offset = 0;
-	length = hdr->payloadOffset * SECTOR_SIZE;
+	length = (uint64_t)hdr->payloadOffset * SECTOR_SIZE;
 	wipe_block = 1024 * 1024;

 	/* On detached header or bogus header, wipe at least the first 4k */
--- a/lib/utils_keyring.c
+++ b/lib/utils_keyring.c
@@ -133,6 +133,7 @@ int keyring_get_passphrase(const char *key_desc,

 	if (ret < 0) {
 		err = errno;
+		if (buf)
 			crypt_memzero(buf, len);
 		free(buf);
 		return -err;