diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c index 3eae753e..082f6cec 100644 --- a/lib/libdevmapper.c +++ b/lib/libdevmapper.c @@ -2971,11 +2971,17 @@ int dm_resume_and_reinstate_key(struct crypt_device *cd, const char *name, } strcpy(msg, "key set "); - if (!vk->keylength) - snprintf(msg + 8, msg_size - 8, "-"); - else if (vk->key_description) - snprintf(msg + 8, msg_size - 8, ":%zu:logon:%s", vk->keylength, vk->key_description); - else + if (!vk->keylength) { + if (snprintf(msg + 8, msg_size - 8, "-") < 0) { + r = -EINVAL; + goto out; + } + } else if (vk->key_description) { + if (snprintf(msg + 8, msg_size - 8, ":%zu:logon:%s", vk->keylength, vk->key_description) < 0) { + r = -EINVAL; + goto out; + } + } else hex_key(&msg[8], vk->keylength, vk->key); if (!_dm_message(name, msg) || diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c index dc8c36c4..4c860f25 100644 --- a/lib/luks2/luks2_json_metadata.c +++ b/lib/luks2/luks2_json_metadata.c @@ -1740,7 +1740,8 @@ static void hdr_dump_keyslots(struct crypt_device *cd, json_object *hdr_jobj) json_object_object_get_ex(hdr_jobj, "keyslots", &keyslots_jobj); for (j = 0; j < LUKS2_KEYSLOTS_MAX; j++) { - (void) snprintf(slot, sizeof(slot), "%i", j); + if (snprintf(slot, sizeof(slot), "%i", j) < 0) + slot[0] = '\0'; json_object_object_get_ex(keyslots_jobj, slot, &val); if (!val) continue; @@ -1782,7 +1783,8 @@ static void hdr_dump_tokens(struct crypt_device *cd, json_object *hdr_jobj) json_object_object_get_ex(hdr_jobj, "tokens", &tokens_jobj); for (j = 0; j < LUKS2_TOKENS_MAX; j++) { - (void) snprintf(token, sizeof(token), "%i", j); + if (snprintf(token, sizeof(token), "%i", j) < 0) + token[0] = '\0'; json_object_object_get_ex(tokens_jobj, token, &val); if (!val) continue; 
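Review bot: In dm_resume_and_reinstate_key the new `< 0` tests catch only an output error from snprintf(); a truncated result returns a non-negative count, so a `key_description` that does not fit in `msg_size - 8` would still reach `_dm_message()` cut short. Keeping the count in an `int n` and testing `if (n < 0 || (size_t)n >= msg_size - 8) { r = -EINVAL; goto out; }` closes that gap. How `msg_size` is computed is outside the hunk, so the allocation may already guarantee the fit. The same applies to the `cipher` strings in luks2_luks1_convert.c, `dm_name` and `dm_dev_name` in TCRYPT_activate, dm_prepare_uuid, and the sector-sized buffer in write_log.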
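Review bot: When snprintf() fails in hdr_dump_keyslots, the loop still calls `json_object_object_get_ex(keyslots_jobj, slot, &val)` with an empty key, which skips the slot only if the metadata holds no member named `""`. A plain `continue;` in place of `slot[0] = '\0';` states the intent and does not depend on what the header contains. The same pattern is in hdr_dump_tokens, hdr_dump_segments and hdr_dump_digests.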
@@ -1812,7 +1814,8 @@ static void hdr_dump_segments(struct crypt_device *cd, json_object *hdr_jobj) json_object_object_get_ex(hdr_jobj, "segments", &jobj_segments); for (i = 0; i < LUKS2_SEGMENT_MAX; i++) { - (void) snprintf(segment, sizeof(segment), "%i", i); + if (snprintf(segment, sizeof(segment), "%i", i) < 0) + segment[0] = '\0'; if (!json_object_object_get_ex(jobj_segments, segment, &jobj_segment)) continue; @@ -1867,7 +1870,8 @@ static void hdr_dump_digests(struct crypt_device *cd, json_object *hdr_jobj) json_object_object_get_ex(hdr_jobj, "digests", &jobj1); for (i = 0; i < LUKS2_DIGEST_MAX; i++) { - (void) snprintf(key, sizeof(key), "%i", i); + if (snprintf(key, sizeof(key), "%i", i) < 0) + key[0] = '\0'; json_object_object_get_ex(jobj1, key, &val); if (!val) continue; diff --git a/lib/luks2/luks2_luks1_convert.c b/lib/luks2/luks2_luks1_convert.c index 3dfc19a6..c7871a09 100644 --- a/lib/luks2/luks2_luks1_convert.c +++ b/lib/luks2/luks2_luks1_convert.c @@ -75,7 +75,11 @@ static int json_luks1_keyslot(const struct luks_phdr *hdr_v1, int keyslot, struc /* encryption algorithm field */ if (*hdr_v1->cipherMode != '\0') { - (void) snprintf(cipher, sizeof(cipher), "%s-%s", hdr_v1->cipherName, hdr_v1->cipherMode); + if (snprintf(cipher, sizeof(cipher), "%s-%s", hdr_v1->cipherName, hdr_v1->cipherMode) < 0) { + json_object_put(keyslot_obj); + json_object_put(jobj_area); + return -EINVAL; + } json_object_object_add(jobj_area, "encryption", json_object_new_string(cipher)); } else json_object_object_add(jobj_area, "encryption", json_object_new_string(hdr_v1->cipherName)); 
@@ -169,7 +173,10 @@ static int json_luks1_segment(const struct luks_phdr *hdr_v1, struct json_object /* cipher field */ if (*hdr_v1->cipherMode != '\0') { - (void) snprintf(cipher, sizeof(cipher), "%s-%s", hdr_v1->cipherName, hdr_v1->cipherMode); + if (snprintf(cipher, sizeof(cipher), "%s-%s", hdr_v1->cipherName, hdr_v1->cipherMode) < 0) { + json_object_put(segment_obj); + return -EINVAL; + } c = cipher; } else c = hdr_v1->cipherName; @@ -243,7 +250,12 @@ static int json_luks1_digest(const struct luks_phdr *hdr_v1, struct json_object for (ks = 0; ks < LUKS_NUMKEYS; ks++) { if (hdr_v1->keyblock[ks].active != LUKS_KEY_ENABLED) continue; - (void) snprintf(keyslot_str, sizeof(keyslot_str), "%d", ks); + if (snprintf(keyslot_str, sizeof(keyslot_str), "%d", ks) < 0) { + json_object_put(field); + json_object_put(array); + json_object_put(digest_obj); + return -EINVAL; + } field = json_object_new_string(keyslot_str); if (!field || json_object_array_add(array, field) < 0) { diff --git a/lib/tcrypt/tcrypt.c b/lib/tcrypt/tcrypt.c index e61beb80..f9eb13f7 100644 --- a/lib/tcrypt/tcrypt.c +++ b/lib/tcrypt/tcrypt.c @@ -827,7 +827,10 @@ int TCRYPT_activate(struct crypt_device *cd, strncpy(dm_name, name, sizeof(dm_name)-1); dmd.flags = flags; } else { - snprintf(dm_name, sizeof(dm_name), "%s_%d", name, i-1); + if (snprintf(dm_name, sizeof(dm_name), "%s_%d", name, i-1) < 0) { + r = -EINVAL; + break; + } dmd.flags = flags | CRYPT_ACTIVATE_PRIVATE; } @@ -835,8 +838,10 @@ int TCRYPT_activate(struct crypt_device *cd, vk->key, hdr->d.keys); if (algs->chain_count != i) { - snprintf(dm_dev_name, sizeof(dm_dev_name), "%s/%s_%d", - dm_get_dir(), name, i); + if (snprintf(dm_dev_name, sizeof(dm_dev_name), "%s/%s_%d", dm_get_dir(), name, i) < 0) { + r = -EINVAL; + break; + } r = device_alloc(cd, &device, dm_dev_name); if (r) break; diff --git a/src/cryptsetup.c b/src/cryptsetup.c index b9437a42..86535cc6 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c 
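Review bot: The new error branch in json_luks1_digest calls `json_object_put(field)` before `field` has been assigned for the current iteration. On a second or later pass it still points at the string the previous pass handed to `array` through `json_object_array_add()`, so the put drops a reference the array owns; on the first pass it holds whatever the code before the loop, outside the hunk, left in it. Dropping that line and keeping `json_object_put(array); json_object_put(digest_obj); return -EINVAL;` avoids the extra release. Those two remaining puts presumably mirror the existing failure branch just below, whose body is not visible here.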
@@ -2956,7 +2956,8 @@ static void help_args(struct action_type *action, poptContext popt_context) { char buf[128]; - snprintf(buf, sizeof(buf), _("%s: requires %s as arguments"), action->type, action->arg_desc); + if (snprintf(buf, sizeof(buf), _("%s: requires %s as arguments"), action->type, action->arg_desc) < 0) + buf[0] = '\0'; usage(popt_context, EXIT_FAILURE, buf, poptGetInvocationName(popt_context)); } diff --git a/src/integritysetup.c b/src/integritysetup.c index 69d17f39..67521998 100644 --- a/src/integritysetup.c +++ b/src/integritysetup.c @@ -527,8 +527,9 @@ static void basic_options_cb(poptContext popt_context, /* fall through */ case OPT_JOURNAL_CRYPT_KEY_SIZE_ID: if (ARG_UINT32(key->val) > (DEFAULT_INTEGRITY_KEYFILE_SIZE_MAXKB * 1024)) { - snprintf(msg, sizeof(msg), _("Invalid --%s size. Maximum is %u bytes."), - key->longName, DEFAULT_INTEGRITY_KEYFILE_SIZE_MAXKB * 1024); + if (snprintf(msg, sizeof(msg), _("Invalid --%s size. Maximum is %u bytes."), + key->longName, DEFAULT_INTEGRITY_KEYFILE_SIZE_MAXKB * 1024) < 0) + msg[0] = '\0'; usage(popt_context, EXIT_FAILURE, msg, poptGetInvocationName(popt_context)); } @@ -617,7 +618,8 @@ int main(int argc, const char **argv) if (action_argc < action->required_action_argc) { char buf[128]; - snprintf(buf, 128,_("%s: requires %s as arguments"), action->type, action->arg_desc); + if (snprintf(buf, 128,_("%s: requires %s as arguments"), action->type, action->arg_desc) < 0) + buf[0] ='\0'; usage(popt_context, EXIT_FAILURE, buf, poptGetInvocationName(popt_context)); } diff --git a/src/utils_args.c b/src/utils_args.c index a892455f..b7971922 100644 --- a/src/utils_args.c +++ b/src/utils_args.c 
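Review bot: In main() of integritysetup.c the buffer length is still the literal `128`, while help_args() in cryptsetup.c passes `sizeof(buf)` for the same message. Writing `snprintf(buf, sizeof(buf), _("%s: requires %s as arguments"), action->type, action->arg_desc)` keeps the bound tied to the declaration. The added `buf[0] ='\0';` is also missing the space after `=`. main() in veritysetup.c carries the same literal `128`.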
@@ -62,7 +62,8 @@ void tools_parse_arg_value(poptContext popt_context, crypt_arg_type_info type, s /* special size strings with units converted to integers */ if (needs_size_conv_fn && needs_size_conv_fn(popt_val)) { if (tools_string_to_size(popt_arg, &arg->u.u64_value)) { - snprintf(msg, sizeof(msg), _("Invalid size specification in parameter --%s."), arg->name); + if (snprintf(msg, sizeof(msg), _("Invalid size specification in parameter --%s."), arg->name) < 0) + msg[0] = '\0'; usage(popt_context, EXIT_FAILURE, msg, poptGetInvocationName(popt_context)); } @@ -118,7 +119,8 @@ void tools_check_args(const char *action, const struct tools_arg *args, size_t a if (action_allowed(action, args[i].actions_array, MAX_ACTIONS)) { continue; } else { - (void)snprintf(msg, sizeof(msg), _("Option --%s is not allowed with %s action."), args[i].name, action); + if (snprintf(msg, sizeof(msg), _("Option --%s is not allowed with %s action."), args[i].name, action) < 0) + msg[0] = '\0'; usage(popt_context, EXIT_FAILURE, msg, poptGetInvocationName(popt_context)); } } diff --git a/src/utils_blockdev.c b/src/utils_blockdev.c index 00babe5e..53c178a4 100644 --- a/src/utils_blockdev.c +++ b/src/utils_blockdev.c @@ -48,9 +48,10 @@ static int dm_prepare_uuid(const char *type, const char *uuid, char *buf, size_t } } - snprintf(buf, buflen, DM_UUID_PREFIX "%s%s%s%s", - type ?: "", type ? "-" : "", - uuid2[0] ? uuid2 : "", uuid2[0] ? "-" : ""); + if (snprintf(buf, buflen, DM_UUID_PREFIX "%s%s%s%s", + type ?: "", type ? "-" : "", + uuid2[0] ? uuid2 : "", uuid2[0] ? "-" : "") < 0) + return 0; return 1; } diff --git a/src/utils_password.c b/src/utils_password.c index 67e94636..49ced264 100644 --- a/src/utils_password.c +++ b/src/utils_password.c 
@@ -280,14 +280,18 @@ int tools_get_key(const char *prompt, if (keyfile_offset) { log_err(_("Cannot use offset with terminal input.")); } else { + r = 0; if (!prompt && !crypt_get_device_name(cd)) - snprintf(tmp, sizeof(tmp), _("Enter passphrase: ")); + r = snprintf(tmp, sizeof(tmp), _("Enter passphrase: ")); else if (!prompt) { backing_file = crypt_loop_backing_file(crypt_get_device_name(cd)); - snprintf(tmp, sizeof(tmp), _("Enter passphrase for %s: "), backing_file ?: crypt_get_device_name(cd)); + r = snprintf(tmp, sizeof(tmp), _("Enter passphrase for %s: "), backing_file ?: crypt_get_device_name(cd)); free(backing_file); } - r = crypt_get_key_tty(prompt ?: tmp, key, key_size, timeout, verify); + if (r >= 0) + r = crypt_get_key_tty(prompt ?: tmp, key, key_size, timeout, verify); + else + r = -EINVAL; } } else { log_dbg("STDIN descriptor passphrase entry requested."); diff --git a/src/utils_reencrypt_luks1.c b/src/utils_reencrypt_luks1.c index b21efd28..42ac2cda 100644 --- a/src/utils_reencrypt_luks1.c +++ b/src/utils_reencrypt_luks1.c @@ -211,11 +211,12 @@ static int write_log(struct reenc_ctx *rc) ssize_t r; memset(rc->log_buf, 0, SECTOR_SIZE); - snprintf(rc->log_buf, SECTOR_SIZE, "# LUKS reencryption log, DO NOT EDIT OR DELETE.\n" - "version = %d\nUUID = %s\ndirection = %d\nmode = %d\n" - "offset = %" PRIu64 "\nshift = %" PRIu64 "\n# EOF\n", - 2, rc->device_uuid, rc->reencrypt_direction, rc->reencrypt_mode, - rc->device_offset, rc->device_shift); + if (snprintf(rc->log_buf, SECTOR_SIZE, "# LUKS reencryption log, DO NOT EDIT OR DELETE.\n" + "version = %d\nUUID = %s\ndirection = %d\nmode = %d\n" + "offset = %" PRIu64 "\nshift = %" PRIu64 "\n# EOF\n", + 2, rc->device_uuid, rc->reencrypt_direction, rc->reencrypt_mode, + rc->device_offset, rc->device_shift) < 0) + return -EINVAL; if (lseek(rc->log_fd, 0, SEEK_SET) == -1) return -EIO; diff --git a/src/veritysetup.c b/src/veritysetup.c index 0e591bd9..ad3ce321 100644 --- a/src/veritysetup.c +++ b/src/veritysetup.c 
@@ -634,7 +634,8 @@ int main(int argc, const char **argv) if (action_argc < action->required_action_argc) { char buf[128]; - snprintf(buf, 128,_("%s: requires %s as arguments"), action->type, action->arg_desc); + if (snprintf(buf, 128,_("%s: requires %s as arguments"), action->type, action->arg_desc) < 0) + buf[0] = '\0'; usage(popt_context, EXIT_FAILURE, buf, poptGetInvocationName(popt_context)); } diff --git a/tokens/ssh/libcryptsetup-token-ssh.c b/tokens/ssh/libcryptsetup-token-ssh.c index 4969490e..a1a93d40 100644 --- a/tokens/ssh/libcryptsetup-token-ssh.c +++ b/tokens/ssh/libcryptsetup-token-ssh.c @@ -135,14 +135,14 @@ void cryptsetup_token_dump(struct crypt_device *cd, const char *json) json_object_object_get_ex(jobj_token, "ssh_path", &jobj_path); json_object_object_get_ex(jobj_token, "ssh_keypath",&jobj_keypath); - snprintf(buf, sizeof(buf) - 1, "\tssh_server: %s\n\tssh_user: %s\n" - "\tssh_path: %s\n\tssh_key_path: %s\n", - json_object_get_string(jobj_server), - json_object_get_string(jobj_user), - json_object_get_string(jobj_path), - json_object_get_string(jobj_keypath)); + if (snprintf(buf, sizeof(buf) - 1, "\tssh_server: %s\n\tssh_user: %s\n" + "\tssh_path: %s\n\tssh_key_path: %s\n", + json_object_get_string(jobj_server), + json_object_get_string(jobj_user), + json_object_get_string(jobj_path), + json_object_get_string(jobj_keypath)) > 0) + crypt_log(cd, CRYPT_LOG_NORMAL, buf); - crypt_log(cd, CRYPT_LOG_NORMAL, buf); json_object_put(jobj_token); }
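Review bot: In cryptsetup_token_dump the four `json_object_get_string()` results go straight into `%s`, and the return values of the `json_object_object_get_ex()` calls above them are not checked in the visible lines, so a token JSON missing one of the fields could hand a NULL pointer to snprintf(). Whether the token is validated before this function runs is not visible here. A guard such as `if (!jobj_server || !jobj_user || !jobj_path || !jobj_keypath) { json_object_put(jobj_token); return; }` before the format call would cover it. Separately, the `> 0` test lets a truncated dump through, and `sizeof(buf) - 1` is not needed because snprintf() always terminates the buffer.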