32 lines
1.2 KiB
Diff
32 lines
1.2 KiB
Diff
|
From 88b2d1af10922e0defb3eeacac6bb03aab9cbd60 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Ondrej Kozina <okozina@redhat.com>
|
||
|
|
Date: Thu, 27 Aug 2020 12:12:13 +0200
|
||
|
|
Subject: [PATCH 4/5] Fix posible buffer overflows in LUKS conversion.
|
||
|
|
|
||
|
|
cipher[31] and cipher_mode[31] buffers were passed to
|
||
|
|
crypt_parse_name_and_mode() routine where sscanf(s, "%31[^-]-%31s",
|
||
|
|
cipher, cipher_mode) was called.
|
||
|
|
|
||
|
|
In corner case it could cause terminating 0 byte written beyond
|
||
|
|
respective arrays.
|
||
|
|
---
|
||
|
|
lib/luks2/luks2_luks1_convert.c | 2 +-
|
||
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/lib/luks2/luks2_luks1_convert.c b/lib/luks2/luks2_luks1_convert.c
|
||
|
|
index 603c44d..9b70df1 100644
|
||
|
|
--- a/lib/luks2/luks2_luks1_convert.c
|
||
|
|
+++ b/lib/luks2/luks2_luks1_convert.c
|
||
|
|
@@ -675,7 +675,7 @@ static int keyslot_LUKS1_compatible(struct crypt_device *cd, struct luks2_hdr *h
|
||
|
|
int LUKS2_luks2_to_luks1(struct crypt_device *cd, struct luks2_hdr *hdr2, struct luks_phdr *hdr1)
|
||
|
|
{
|
||
|
|
size_t buf_size, buf_offset;
|
||
|
|
- char cipher[LUKS_CIPHERNAME_L-1], cipher_mode[LUKS_CIPHERMODE_L-1];
|
||
|
|
+ char cipher[LUKS_CIPHERNAME_L], cipher_mode[LUKS_CIPHERMODE_L];
|
||
|
|
char digest[LUKS_DIGESTSIZE], digest_salt[LUKS_SALTSIZE];
|
||
|
|
const char *hash;
|
||
|
|
size_t len;
|
||
|
|
--
|
||
|
|
1.8.3.1
|
||
|
|
|