Fix possible keyslot area size overflow during convert to LUKS2

If keyslots are not sorted according to binary area offset, the calculation of area size is wrong and can overflow (LUKS1 does not store area size, only offset). Let's just use function that calculates size from volume key size. Images where keyslot areas are not aligned to 4k offset are not supported anyway. Fixes: #753
2025-12-05 16:00:05 +01:00 · 2022-06-23 07:02:03 +02:00
parent a485f44b57
commit d22b003640
2 changed files with 15 additions and 5 deletions
--- a/lib/luks2/luks2_luks1_convert.c
+++ b/lib/luks2/luks2_luks1_convert.c
@@ -62,7 +62,7 @@ static int json_luks1_keyslot(const struct luks_phdr *hdr_v1, int keyslot, struc
 	char *base64_str, cipher[LUKS_CIPHERNAME_L+LUKS_CIPHERMODE_L];
 	size_t base64_len;
 	struct json_object *keyslot_obj, *field, *jobj_kdf, *jobj_af, *jobj_area;
-	uint64_t offset, area_size, offs_a, offs_b, length;
+	uint64_t offset, area_size, length;
 	int r;

 	keyslot_obj = json_object_new_object();
@@ -110,14 +110,12 @@ static int json_luks1_keyslot(const struct luks_phdr *hdr_v1, int keyslot, struc
 		json_object_object_add(jobj_area, "encryption", json_object_new_string(hdr_v1->cipherName));

 	/* area */
-	if (LUKS_keyslot_area(hdr_v1, 0, &offs_a, &length) ||
-	    LUKS_keyslot_area(hdr_v1, 1, &offs_b, &length) ||
-	    LUKS_keyslot_area(hdr_v1, keyslot, &offset, &length)) {
+	if (LUKS_keyslot_area(hdr_v1, keyslot, &offset, &length)) {
 		json_object_put(keyslot_obj);
 		json_object_put(jobj_area);
 		return -EINVAL;
 	}
-	area_size = offs_b - offs_a;
+	area_size = size_round_up(length, 4096);
 	json_object_object_add(jobj_area, "key_size", json_object_new_int(hdr_v1->keyBytes));
 	json_object_object_add(jobj_area, "offset", crypt_jobj_new_uint64(offset));
 	json_object_object_add(jobj_area, "size", crypt_jobj_new_uint64(area_size));