Prevent double free with invalid verity partition.

It is possible to trigger a double free with an invalid verity
partition. All it takes is an unknown hash algorithm, which makes it
a bit more likely than a completely broken partition header. But all
it takes is an error return value of VERITY_read_sb() or strdup().

If crypt_load fails before setting cd->type, crypt_free will handle
the union as if it was of type "none", which means it will call free()
for "active_name", a field which is only properly set up when the
type was actually "none".

In all other cases, "active_name" contains the first 4 or 8 bytes of
the actually used header structure. Fortunately it can be only a
pointer or NULL, so an attacker has no direct control of the value.
Nonetheless it can easily trigger a double free.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib/setup.c

@@ -603,6 +603,15 @@ static int _crypt_load_verity(struct crypt_device *cd, struct crypt_params_verit
 	if (r < 0)
 		return r;
 
+	//FIXME: use crypt_free
+	if (!cd->type && !(cd->type = strdup(CRYPT_VERITY))) {
+		free(CONST_CAST(void*)cd->u.verity.hdr.hash_name);
+		free(CONST_CAST(void*)cd->u.verity.hdr.salt);
+		free(cd->u.verity.uuid);
+		crypt_memzero(&cd->u.verity.hdr, sizeof(cd->u.verity.hdr));
+		return -ENOMEM;
+	}
+
 	if (params)
 		cd->u.verity.hdr.flags = params->flags;
 
@@ -611,9 +620,6 @@ static int _crypt_load_verity(struct crypt_device *cd, struct crypt_params_verit
 	if (cd->u.verity.root_hash_size > 4096)
 		return -EINVAL;
 
-	if (!cd->type && !(cd->type = strdup(CRYPT_VERITY)))
-		return -ENOMEM;
-
 	if (params && params->data_device &&
 	    (r = crypt_set_data_device(cd, params->data_device)) < 0)
 		return r;