pbkdf: Do not allow memory cost that cannot be used in size_t

For 32bit platforms size_t is a 32bit integer and unfortunately
our maximum hard limit overflows by 1.

Stop validation if this happens (it cannot be passed to malloc()
and similar functions anyway).

There should be no compatibility change, as such memory
is not allocatable on 32bit anyway.
Other platforms have 64bit size_t.
Milan Broz
2024-12-11 10:43:22 +01:00
parent b201a62987
commit 7cabaa5d70

@@ -159,6 +159,10 @@ int verify_pbkdf_params(struct crypt_device *cd,
pbkdf_limits.max_memory);
r = -EINVAL;
}
if (1024ULL * pbkdf->max_memory_kb > SIZE_MAX) {
log_err(cd, _("Requested maximum PBKDF memory cost is too high (limited by the integer maximal size)."));
r = -EINVAL;
}
if (!pbkdf->max_memory_kb) {
log_err(cd, _("Requested maximum PBKDF memory cannot be zero."));
r = -EINVAL;
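Review bot: The added `SIZE_MAX` check only sets `r = -EINVAL` and falls through, just like the `pbkdf_limits.max_memory` check above it, so on a 32bit build a value over both limits logs two errors for one bad parameter. The commit message says "Stop validation", so consider either returning right after the `log_err()` or making this branch an `else if` of the preceding limit check. The comparison `1024ULL * pbkdf->max_memory_kb > SIZE_MAX` is also only safe while the product fits in unsigned long long; writing it as `pbkdf->max_memory_kb > SIZE_MAX / 1024` does not depend on the width of `max_memory_kb`. A short comment saying that this branch can only trigger where size_t is 32bit would help, since the error text "limited by the integer maximal size" does not tell the user that the limit comes from the platform.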