eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Avoid integer overflows during memory allocation.

Browse Source 
It is possible to overflow integers during memory allocation with
insanely large "key bytes" specified in a LUKS header.

Although it could be argued to properly validate LUKS headers while
parsing them, it's still a good idea to fix any form of possible
overflow attacks against cryptsetup in these allocation functions.
This commit is contained in:
Tobias Stoeckmann
2016-07-02 20:17:25 +02:00
committed by Milan Broz
parent 67d55d08f8
commit a0587d4307
3 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/volumekey.c
View File

@@ -20,14 +20,19 @@
*/
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
#include "internal.h"
struct volume_key *crypt_alloc_volume_key(unsigned keylength, const char *key)
struct volume_key *crypt_alloc_volume_key(size_t keylength, const char *key)
{
struct volume_key *vk = malloc(sizeof(*vk) + keylength);
struct volume_key *vk;
if (!keylength || keylength > (SIZE_MAX - sizeof(*vk)))
return NULL;
vk = malloc(sizeof(*vk) + keylength);
if (!vk)
return NULL;