| From a201ad17caa430aa710654fdf2e6ab4c8166f031 Mon Sep 17 00:00:00 2001 |
| From: Darren Kenny <darren.kenny@oracle.com> |
| Date: Thu, 21 Jan 2021 11:38:31 +0000 |
| Subject: [PATCH] disk/cryptodisk: Fix potential integer overflow |
| |
| The encrypt and decrypt functions expect a grub_size_t. So, we need to |
| ensure that the constant bit shift is using grub_size_t rather than |
| unsigned int when it is performing the shift. |
| |
| Fixes: CID 307788 |
| |
| Signed-off-by: Darren Kenny <darren.kenny@oracle.com> |
| Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
| Signed-off-by: Stefan SΓΈrensen <stefan.sorensen@spectralink.com> |
| --- |
| grub-core/disk/cryptodisk.c | 8 ++++---- |
| 1 file changed, 4 insertions(+), 4 deletions(-) |
| |
| diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c |
| index 5037768..6883f48 100644 |
| --- a/grub-core/disk/cryptodisk.c |
| +++ b/grub-core/disk/cryptodisk.c |
| @@ -311,10 +311,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev, |
| case GRUB_CRYPTODISK_MODE_CBC: |
| if (do_encrypt) |
| err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i, |
| - (1U << dev->log_sector_size), iv); |
| + ((grub_size_t) 1 << dev->log_sector_size), iv); |
| else |
| err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i, |
| - (1U << dev->log_sector_size), iv); |
| + ((grub_size_t) 1 << dev->log_sector_size), iv); |
| if (err) |
| return err; |
| break; |
| @@ -322,10 +322,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev, |
| case GRUB_CRYPTODISK_MODE_PCBC: |
| if (do_encrypt) |
| err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i, |
| - (1U << dev->log_sector_size), iv); |
| + ((grub_size_t) 1 << dev->log_sector_size), iv); |
| else |
| err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i, |
| - (1U << dev->log_sector_size), iv); |
| + ((grub_size_t) 1 << dev->log_sector_size), iv); |
| if (err) |
| return err; |
| break; |
| -- |
| 2.14.2 |
| |