48 lines
1.8 KiB
Diff
48 lines
1.8 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Darren Kenny <darren.kenny@oracle.com>
|
|
Date: Thu, 21 Jan 2021 11:38:31 +0000
|
|
Subject: [PATCH] disk/cryptodisk: Fix potential integer overflow
|
|
|
|
The encrypt and decrypt functions expect a grub_size_t. So, we need to
|
|
ensure that the constant bit shift is using grub_size_t rather than
|
|
unsigned int when it is performing the shift.
|
|
|
|
Fixes: CID 307788
|
|
|
|
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
|
|
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
---
|
|
grub-core/disk/cryptodisk.c | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
|
|
index bd60a66b384..78a902515e9 100644
|
|
--- a/grub-core/disk/cryptodisk.c
|
|
+++ b/grub-core/disk/cryptodisk.c
|
|
@@ -311,10 +311,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
|
|
case GRUB_CRYPTODISK_MODE_CBC:
|
|
if (do_encrypt)
|
|
err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i,
|
|
- (1U << dev->log_sector_size), iv);
|
|
+ ((grub_size_t) 1 << dev->log_sector_size), iv);
|
|
else
|
|
err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i,
|
|
- (1U << dev->log_sector_size), iv);
|
|
+ ((grub_size_t) 1 << dev->log_sector_size), iv);
|
|
if (err)
|
|
return err;
|
|
break;
|
|
@@ -322,10 +322,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
|
|
case GRUB_CRYPTODISK_MODE_PCBC:
|
|
if (do_encrypt)
|
|
err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i,
|
|
- (1U << dev->log_sector_size), iv);
|
|
+ ((grub_size_t) 1 << dev->log_sector_size), iv);
|
|
else
|
|
err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i,
|
|
- (1U << dev->log_sector_size), iv);
|
|
+ ((grub_size_t) 1 << dev->log_sector_size), iv);
|
|
if (err)
|
|
return err;
|
|
break;
|