eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Harden LUKS2 volume key compare helper.

Browse Source
This commit is contained in:
Ondrej Kozina
2024-11-29 14:26:15 +01:00
committed by Milan Broz
parent 6123ea2e0b
commit 9e0bcedbaa
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/setup.c
View File

@@ -3215,10 +3215,15 @@ static int _compare_volume_keys_luks2(struct volume_key *svk, struct volume_key
if (crypt_volume_key_length(svk) != crypt_volume_key_length(tvk))
return 1;
if (crypt_volume_key_is_set(svk) && crypt_volume_key_is_set(tvk))
return crypt_backend_memeq(crypt_volume_key_get_key(svk),
if ((!crypt_volume_key_is_set(svk) && !crypt_volume_key_description(svk)) ||
(!crypt_volume_key_is_set(tvk) && !crypt_volume_key_description(tvk)))
return 1;
if (crypt_volume_key_is_set(svk) && crypt_volume_key_is_set(tvk) &&
crypt_backend_memeq(crypt_volume_key_get_key(svk),
crypt_volume_key_get_key(tvk),
crypt_volume_key_length(svk));
crypt_volume_key_length(svk)))
return 1;
if (crypt_volume_key_description(svk) && crypt_volume_key_description(tvk))
return (crypt_volume_key_kernel_key_type(svk) != crypt_volume_key_kernel_key_type(tvk) ||