luks: Avoid crash when image does not contain a LUKS header
resolves: rhbz#2159581
This commit is contained in:
Richard W.M. Jones
parent
8eb3bb554e
commit
a482c73e32
@ -0,0 +1,44 @@
|
||||
From dc86950fff020688a17b6ff0dbfea7bdb0d8f1b9 Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Tue, 10 Jan 2023 08:39:11 +0000
|
||||
Subject: [PATCH] luks: Avoid crash when image does not contain a LUKS header
|
||||
|
||||
We attempt to load the LUKS header in the prepare() callback. If this
|
||||
fails, h->h will be NULL and we'll crash in close() when we attempt to
|
||||
access and free h->h->masterkey.
|
||||
|
||||
This crash could have been triggered another way: if open() followed
|
||||
by close() was called, without prepare() or other callbacks.
|
||||
|
||||
Reported-by: Ming Xie
|
||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2159581
|
||||
(cherry picked from commit cad4b96b17ed4ad7882100efa0d9073ac9d8b11c)
|
||||
---
|
||||
filters/luks/luks-encryption.c | 10 ++++++----
|
||||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c
|
||||
index 26f81e7b..6f33e76e 100644
|
||||
--- a/filters/luks/luks-encryption.c
|
||||
+++ b/filters/luks/luks-encryption.c
|
||||
@@ -856,11 +856,13 @@ load_header (nbdkit_next *next, const char *passphrase)
|
||||
void
|
||||
free_luks_data (struct luks_data *h)
|
||||
{
|
||||
- if (h->masterkey) {
|
||||
- memset (h->masterkey, 0, h->phdr.master_key_len);
|
||||
- free (h->masterkey);
|
||||
+ if (h) {
|
||||
+ if (h->masterkey) {
|
||||
+ memset (h->masterkey, 0, h->phdr.master_key_len);
|
||||
+ free (h->masterkey);
|
||||
+ }
|
||||
+ free (h);
|
||||
}
|
||||
- free (h);
|
||||
}
|
||||
|
||||
uint64_t
|
||||
--
|
||||
2.31.1
|
||||
|
||||
@ -53,7 +53,7 @@ ExclusiveArch: x86_64
|
||||
|
||||
Name: nbdkit
|
||||
Version: 1.32.5
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: NBD server
|
||||
|
||||
License: BSD
|
||||
@ -80,6 +80,7 @@ Source3: copy-patches.sh
|
||||
# Patches.
|
||||
Patch0001: 0001-ssh-Remove-left-over-comment.patch
|
||||
Patch0002: 0002-ssh-Improve-the-error-message-when-all-authenticatio.patch
|
||||
Patch0003: 0003-luks-Avoid-crash-when-image-does-not-contain-a-LUKS-.patch
|
||||
|
||||
# For automatic RPM Provides generation.
|
||||
# See: https://rpm-software-management.github.io/rpm/manual/dependency_generators.html
|
||||
@ -1198,12 +1199,14 @@ export LIBGUESTFS_TRACE=1
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Jan 06 2022 Richard W.M. Jones <rjones@redhat.com> - 1.32.5-2
|
||||
* Tue Jan 10 2023 Richard W.M. Jones <rjones@redhat.com> - 1.32.5-3
|
||||
- Rebase to new stable branch version 1.32.5
|
||||
resolves: rhbz#2135765
|
||||
- Move stats filter to new subpackage.
|
||||
- Improve error message when PasswordAuthentication is set to 'no'
|
||||
resolves: rhbz#2158300
|
||||
- luks: Avoid crash when image does not contain a LUKS header
|
||||
resolves: rhbz#2159581
|
||||
|
||||
* Tue Nov 29 2022 Richard W.M. Jones <rjones@redhat.com> - 1.30.8-2
|
||||
- Add support for VDDK 8.0.0
|
||||
|
||||
Loading…
Reference in New Issue
Block a user