eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-14 20:30:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix off-by-one error in reencryption keyslots count check.

Browse Source
This commit is contained in:
Ondrej Kozina
2019-06-14 09:03:45 +02:00
parent 961cc6a6d3
commit 550b3ee1d3
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/cryptsetup.c
View File

@@ -2874,13 +2874,13 @@ static int _check_luks2_keyslots(struct crypt_device *cd)
}
/* at least one keyslot for reencryption plus new volume key */
if (active + unbound >= max - 2) {
if (active + unbound > max - 2) {
log_err(_("Not enough free keyslots for reencryption."));
return -EINVAL;
}
if ((opt_key_slot == CRYPT_ANY_SLOT) &&
(2 * active + unbound + 1 >= max)) {
(2 * active + unbound > max - 1)) {
log_err(_("Not enough free keyslots for reencryption."));
return -EINVAL;
}