Avoid integer overflows during memory allocation.

It is possible to overflow integers during memory allocation with insanely large "key bytes" specified in a LUKS header. Although it could be argued to properly validate LUKS headers while parsing them, it's still a good idea to fix any form of possible overflow attacks against cryptsetup in these allocation functions.
2025-12-11 19:00:02 +01:00 · 2016-07-02 20:17:25 +02:00
parent f65dbd5a07
commit d68d981f36
3 changed files with 10 additions and 4 deletions
--- a/lib/utils_crypt.c
+++ b/lib/utils_crypt.c
@@ -22,6 +22,7 @@

 #include <stdlib.h>
 #include <stddef.h>
+#include <stdint.h>
 #include <stdio.h>
 #include <string.h>
 #include <errno.h>
@@ -98,7 +99,7 @@ void *crypt_safe_alloc(size_t size)
 {
 	struct safe_allocation *alloc;

-	if (!size)
+	if (!size || size > (SIZE_MAX - offsetof(struct safe_allocation, data)))
 		return NULL;

 	alloc = malloc(size + offsetof(struct safe_allocation, data));