cryptsetup/SOURCES/cryptsetup-2.3.7-Reenc-keyslot-must-have-key_size-1.patch

From 7eeb45537af1db8a29b4e2956545ccde8ad13d32 Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Sun, 2 Jan 2022 16:57:31 +0100
Subject: [PATCH 12/28] Reenc keyslot must have key_size == 1.

---
 lib/luks2/luks2_keyslot_reenc.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/luks2/luks2_keyslot_reenc.c b/lib/luks2/luks2_keyslot_reenc.c
index 1956fe27..9da7007d 100644
--- a/lib/luks2/luks2_keyslot_reenc.c
+++ b/lib/luks2/luks2_keyslot_reenc.c
@@ -230,7 +230,7 @@ static int reenc_keyslot_dump(struct crypt_device *cd, int keyslot)
 
 static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_keyslot)
 {
-	json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_hash, *jobj_sector_size, *jobj_direction;
+	json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_hash, *jobj_sector_size, *jobj_direction, *jobj_key_size;
 	const char *mode, *type, *direction;
 	uint32_t sector_size;
 	uint64_t shift_size;
@@ -250,12 +250,18 @@ static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key
 	    !json_object_object_get_ex(jobj_area, "type", &jobj_type))
 		return -EINVAL;
 
+	jobj_key_size = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "key_size", json_type_int);
 	jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mode", json_type_string);
 	jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string);
 
-	if (!jobj_mode || !jobj_direction)
+	if (!jobj_mode || !jobj_direction || !jobj_key_size)
 		return -EINVAL;
 
+	if (!validate_json_uint32(jobj_key_size) || crypt_jobj_get_uint32(jobj_key_size) != 1) {
+		log_dbg(cd, "Illegal reencrypt key size.");
+		return -EINVAL;
+	}
+
 	mode = json_object_get_string(jobj_mode);
 	type = json_object_get_string(jobj_type);
 	direction = json_object_get_string(jobj_direction);
-- 
2.27.0
import cryptsetup-2.3.3-4.el8_5.1 2022-02-01 20:14:28 +00:00			`From 7eeb45537af1db8a29b4e2956545ccde8ad13d32 Mon Sep 17 00:00:00 2001`
			`From: Milan Broz <gmazyland@gmail.com>`
			`Date: Sun, 2 Jan 2022 16:57:31 +0100`
			`Subject: [PATCH 12/28] Reenc keyslot must have key_size == 1.`

			`---`
			`lib/luks2/luks2_keyslot_reenc.c \| 10 ++++++++--`
			`1 file changed, 8 insertions(+), 2 deletions(-)`

			`diff --git a/lib/luks2/luks2_keyslot_reenc.c b/lib/luks2/luks2_keyslot_reenc.c`
			`index 1956fe27..9da7007d 100644`
			`--- a/lib/luks2/luks2_keyslot_reenc.c`
			`+++ b/lib/luks2/luks2_keyslot_reenc.c`
			`@@ -230,7 +230,7 @@ static int reenc_keyslot_dump(struct crypt_device *cd, int keyslot)`

			`static int reenc_keyslot_validate(struct crypt_device cd, json_object jobj_keyslot)`
			`{`
			`- json_object jobj_mode, jobj_area, jobj_type, jobj_shift_size, jobj_hash, jobj_sector_size, *jobj_direction;`
			`+ json_object jobj_mode, jobj_area, jobj_type, jobj_shift_size, jobj_hash, jobj_sector_size, jobj_direction, jobj_key_size;`
			`const char mode, type, *direction;`
			`uint32_t sector_size;`
			`uint64_t shift_size;`
			`@@ -250,12 +250,18 @@ static int reenc_keyslot_validate(struct crypt_device cd, json_object jobj_key`
			`!json_object_object_get_ex(jobj_area, "type", &jobj_type))`
			`return -EINVAL;`

			`+ jobj_key_size = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "key_size", json_type_int);`
			`jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mode", json_type_string);`
			`jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string);`

			`- if (!jobj_mode \|\| !jobj_direction)`
			`+ if (!jobj_mode \|\| !jobj_direction \|\| !jobj_key_size)`
			`return -EINVAL;`

			`+ if (!validate_json_uint32(jobj_key_size) \|\| crypt_jobj_get_uint32(jobj_key_size) != 1) {`
			`+ log_dbg(cd, "Illegal reencrypt key size.");`
			`+ return -EINVAL;`
			`+ }`
			`+`
			`mode = json_object_get_string(jobj_mode);`
			`type = json_object_get_string(jobj_type);`
			`direction = json_object_get_string(jobj_direction);`
			`--`
			`2.27.0`