From a1111c7aa0ff267427bba440cc38bbf765d4cb1c Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Thu, 25 Jul 2019 14:10:01 +0200
Subject: [PATCH] Tighten reencryption direction field validation.

---
 lib/luks2/luks2_keyslot_reenc.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/luks2/luks2_keyslot_reenc.c b/lib/luks2/luks2_keyslot_reenc.c
index 64c11dcb..94c92d8d 100644
--- a/lib/luks2/luks2_keyslot_reenc.c
+++ b/lib/luks2/luks2_keyslot_reenc.c
@@ -256,8 +256,8 @@ static int reenc_keyslot_dump(struct crypt_device *cd, int keyslot)
 
 static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_keyslot)
 {
-	json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_hash, *jobj_sector_size;
-	const char *mode, *type;
+	json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_hash, *jobj_sector_size, *jobj_direction;
+	const char *mode, *type, *direction;
 	uint32_t sector_size;
 	uint64_t shift_size;
 
@@ -277,12 +277,14 @@ static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key
 		return -EINVAL;
 
 	jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mode", json_type_string);
+	jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string);
 
-	if (!jobj_mode || !json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string))
+	if (!jobj_mode || !jobj_direction)
 		return -EINVAL;
 
 	mode = json_object_get_string(jobj_mode);
 	type = json_object_get_string(jobj_type);
+	direction = json_object_get_string(jobj_direction);
 
 	if (strcmp(mode, "reencrypt") && strcmp(mode, "encrypt") &&
 	    strcmp(mode, "decrypt")) {
@@ -290,6 +292,11 @@ static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key
 		return -EINVAL;
 	}
 
+	if (strcmp(direction, "forward") && strcmp(direction, "backward")) {
+		log_dbg(cd, "Illegal reencrypt direction %s.", direction);
+		return -EINVAL;
+	}
+
 	if (!strcmp(type, "checksum")) {
 		jobj_hash = json_contains(cd, jobj_area, "type:checksum", "Keyslot area", "hash", json_type_string);
 		jobj_sector_size = json_contains(cd, jobj_area, "type:checksum", "Keyslot area", "sector_size", json_type_int);