From 3f20b04e426b33c731b41afa38d18096627030a0 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina
Date: Tue, 25 Aug 2020 19:32:48 +0200
Subject: [PATCH] Avoid needlessly large allocations in LUKS2 validation code.

In case LUKS2 backup segment creates gap in between last regular segment and backup segment report invalid metadata imediately. We stop on first error so there's no need to allocate large memory on heap (we may ran with mlock(MCL_FUTURE) set). Example: - total segments count is 3 - regular segments have keys "0" and "1" - first backup segment has key "42"
---
 lib/luks2/luks2_json_metadata.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c
index e8095fce..20a34c70 100644
--- a/lib/luks2/luks2_json_metadata.c
+++ b/lib/luks2/luks2_json_metadata.c
@@ -676,10 +676,16 @@ static int hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj)
 return 1;
 }

+ /* avoid needlessly large allocation when first backup segment is invalid */
+ if (first_backup >= count) {
+ log_dbg(cd, "Gap between last regular segment and backup segment at key %d.", first_backup);
+ return 1;
+ }
+
 if (first_backup < 0)
 first_backup = count;

- if (first_backup <= count && (size_t)first_backup < SIZE_MAX / sizeof(*intervals))
+ if ((size_t)first_backup < SIZE_MAX / sizeof(*intervals))
 intervals = malloc(first_backup * sizeof(*intervals));
 else
 intervals = NULL;
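Review bot: The new gap check still lets `first_backup == 0` reach `malloc(first_backup * sizeof(*intervals))`, which is a zero-byte request whose result (NULL or a unique pointer) is implementation-defined. That value appears to arise when the on-disk header marks the segment at key 0 as a backup segment, so there is no regular segment at all. Depending on how the code after the hunk treats `intervals`, such a header would either be misreported as an allocation failure or be processed with an empty array. Because the header is untrusted input, I would reject it explicitly next to the gap check, for example `if (first_backup == 0) { log_dbg(cd, "No regular segment."); return 1; }`. hdr_validate_segments starts before and continues past this hunk, so an earlier check that already excludes this case cannot be ruled out from here.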