diff --git a/0001-ssh-Allow-the-remote-file-to-be-created.patch b/0001-ssh-Allow-the-remote-file-to-be-created.patch index 78253b2..f3e07e4 100644 --- a/0001-ssh-Allow-the-remote-file-to-be-created.patch +++ b/0001-ssh-Allow-the-remote-file-to-be-created.patch @@ -1,4 +1,4 @@ -From 9f9f1edb5a93574bf717e2d884a30a87b231a572 Mon Sep 17 00:00:00 2001 +From 6a2b0aac8be655524ea223e32cac0395fcc9f975 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Fri, 15 Apr 2022 12:08:37 +0100 Subject: [PATCH] ssh: Allow the remote file to be created diff --git a/0002-readahead-Rewrite-this-filter-so-it-prefetches-using.patch b/0002-readahead-Rewrite-this-filter-so-it-prefetches-using.patch index 7242628..69d5efa 100644 --- a/0002-readahead-Rewrite-this-filter-so-it-prefetches-using.patch +++ b/0002-readahead-Rewrite-this-filter-so-it-prefetches-using.patch @@ -1,4 +1,4 @@ -From c9c5a1455096822264df02cc157a693310144a62 Mon Sep 17 00:00:00 2001 +From ac40ae11bc9983e11185749b23e793568cb366cc Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 16 Apr 2022 18:39:13 +0100 Subject: [PATCH] readahead: Rewrite this filter so it prefetches using .cache diff --git a/0003-readahead-Fix-test.patch b/0003-readahead-Fix-test.patch index 8ade1f4..52962b7 100644 --- a/0003-readahead-Fix-test.patch +++ b/0003-readahead-Fix-test.patch @@ -1,4 +1,4 @@ -From ce5607d2bf2f895464d0cb2ba9c285c67325e7f5 Mon Sep 17 00:00:00 2001 +From b41b7d7ddf6d3fba23ac7978c8b272f2ff84265d Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Thu, 21 Apr 2022 16:14:46 +0100 Subject: [PATCH] readahead: Fix test diff --git a/0004-New-filter-luks.patch b/0004-New-filter-luks.patch index f5560a6..5d14e25 100644 --- a/0004-New-filter-luks.patch +++ b/0004-New-filter-luks.patch @@ -1,4 +1,4 @@ -From f69d0db070ee3a02351c3c4ada0ab00c33bc76ef Mon Sep 17 00:00:00 2001 +From c19936170cf8b385687cf40f5a9507d87ae08267 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 30 Apr 2022 12:35:07 +0100 Subject: [PATCH] New filter: luks @@ -55,7 +55,7 @@ index 4d2a9796..0f5dc41d 100644 * The filter should open a new connection to the plugin per background diff --git a/configure.ac b/configure.ac -index 10729d8a..78af16d5 100644 +index a402921b..de85b4da 100644 --- a/configure.ac +++ b/configure.ac @@ -127,6 +127,7 @@ filters="\ @@ -76,7 +76,7 @@ index 10729d8a..78af16d5 100644 +AS_IF([test "x$GNUTLS_LIBS" != "x"],[ AC_MSG_CHECKING([for default TLS session priority string]) AC_ARG_WITH([tls-priority], - [AS_HELP_STRING([--with-tls-priority], + [AS_HELP_STRING([--with-tls-priority=...], @@ -1383,6 +1385,7 @@ AC_CONFIG_FILES([Makefile filters/ip/Makefile filters/limit/Makefile @@ -1596,10 +1596,10 @@ index f8f0e198..b95e7349 100644 =head1 AUTHORS diff --git a/tests/Makefile.am b/tests/Makefile.am -index b9c1137c..b041b186 100644 +index b310e8a2..c29453ba 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -1594,6 +1594,18 @@ EXTRA_DIST += \ +@@ -1596,6 +1596,18 @@ EXTRA_DIST += \ test-log-script-info.sh \ $(NULL) diff --git a/0005-luks-Disable-filter-with-old-GnuTLS-in-Debian-10.patch b/0005-luks-Disable-filter-with-old-GnuTLS-in-Debian-10.patch index 7a80ed4..2ff4e07 100644 --- a/0005-luks-Disable-filter-with-old-GnuTLS-in-Debian-10.patch +++ b/0005-luks-Disable-filter-with-old-GnuTLS-in-Debian-10.patch @@ -1,4 +1,4 @@ -From cc0bc042e260334b7f5b39ea4c283c9ad9bac164 Mon Sep 17 00:00:00 2001 +From 66daae1a7daf680e06f884e9af6a14830263c932 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sun, 8 May 2022 12:13:39 +0100 Subject: [PATCH] luks: Disable filter with old GnuTLS in Debian 10 @@ -36,7 +36,7 @@ Fixes: commit 468919dce6c5eb57503eacac0f67e5dd87c58e6c 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac -index 78af16d5..7089f937 100644 +index de85b4da..1d209f67 100644 --- a/configure.ac +++ b/configure.ac @@ -636,12 +636,15 @@ AS_IF([test "x$GNUTLS_LIBS" != "x"],[ @@ -78,10 +78,10 @@ index 30089621..622e5c3d 100644 filter_LTLIBRARIES = nbdkit-luks-filter.la diff --git a/tests/Makefile.am b/tests/Makefile.am -index b041b186..937d2919 100644 +index c29453ba..5585b3b7 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -1595,7 +1595,7 @@ EXTRA_DIST += \ +@@ -1597,7 +1597,7 @@ EXTRA_DIST += \ $(NULL) # luks filter test. diff --git a/0006-luks-Various-fixes-for-Clang.patch b/0006-luks-Various-fixes-for-Clang.patch index 3f7557b..c0f7f2f 100644 --- a/0006-luks-Various-fixes-for-Clang.patch +++ b/0006-luks-Various-fixes-for-Clang.patch @@ -1,4 +1,4 @@ -From 9961cd8018d6287af45d7691656c56d9443660cf Mon Sep 17 00:00:00 2001 +From b3c05065801c723966a3e8d93c9b84e808ff38b9 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sun, 8 May 2022 12:30:09 +0100 Subject: [PATCH] luks: Various fixes for Clang diff --git a/0007-luks-Link-with-libcompat-on-Windows.patch b/0007-luks-Link-with-libcompat-on-Windows.patch index 8eb1411..f93465b 100644 --- a/0007-luks-Link-with-libcompat-on-Windows.patch +++ b/0007-luks-Link-with-libcompat-on-Windows.patch @@ -1,4 +1,4 @@ -From 24963801a0a0a4eb1c33d2cfa213e0564fef889c Mon Sep 17 00:00:00 2001 +From 9416effd73a5cb2e1c929449fca88fd7152aa1be Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sun, 8 May 2022 12:38:00 +0100 Subject: [PATCH] luks: Link with libcompat on Windows diff --git a/0008-luks-Refactor-the-filter.patch b/0008-luks-Refactor-the-filter.patch index ef13db7..feaf986 100644 --- a/0008-luks-Refactor-the-filter.patch +++ b/0008-luks-Refactor-the-filter.patch @@ -1,4 +1,4 @@ -From 22b56fee6d3ed2a5ea37f9b1ed62b9d5144e5369 Mon Sep 17 00:00:00 2001 +From e8279107801bb93303b22e1b927929ce18279dc5 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sun, 8 May 2022 16:13:13 +0100 Subject: [PATCH] luks: Refactor the filter diff --git a/0009-tests-luks-Reduce-time-taken-to-run-these-tests.patch b/0009-tests-luks-Reduce-time-taken-to-run-these-tests.patch index 61561bc..34419d8 100644 --- a/0009-tests-luks-Reduce-time-taken-to-run-these-tests.patch +++ b/0009-tests-luks-Reduce-time-taken-to-run-these-tests.patch @@ -1,4 +1,4 @@ -From b3989481c7c605f1872ac15d42cf6a9ac738ab00 Mon Sep 17 00:00:00 2001 +From 387bd4c6fee8ab339fd04e0b841b0c67e6020c8a Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sun, 8 May 2022 18:05:45 +0100 Subject: [PATCH] tests: luks: Reduce time taken to run these tests diff --git a/0010-Add-nbdkit.parse_size-Python-function.patch b/0010-Add-nbdkit.parse_size-Python-function.patch index df50c23..5cb340b 100644 --- a/0010-Add-nbdkit.parse_size-Python-function.patch +++ b/0010-Add-nbdkit.parse_size-Python-function.patch @@ -1,4 +1,4 @@ -From 509c71f425945e219ceb507f06bbac546fb26c7c Mon Sep 17 00:00:00 2001 +From 52ee1dab95436128b44c37cc495022ff90108b2e Mon Sep 17 00:00:00 2001 From: Nikolaus Rath Date: Mon, 9 May 2022 10:04:30 +0100 Subject: [PATCH] Add nbdkit.parse_size() Python function. diff --git a/0011-cache-Fix-cross-reference-nbdkit-readahead-filter.patch b/0011-cache-Fix-cross-reference-nbdkit-readahead-filter.patch index c94be1f..ed4a4e3 100644 --- a/0011-cache-Fix-cross-reference-nbdkit-readahead-filter.patch +++ b/0011-cache-Fix-cross-reference-nbdkit-readahead-filter.patch @@ -1,4 +1,4 @@ -From cf7bb8134726263b8f0f1dc0478ca82cdc22dbd4 Mon Sep 17 00:00:00 2001 +From 644e0ed6333cf5fe2c1e39da157e8f1ce97267b9 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 14 May 2022 13:47:19 +0100 Subject: [PATCH] cache: Fix cross-reference nbdkit-readahead-filter diff --git a/0012-curl-Don-t-document-curl-plugin-readahead-filter.patch b/0012-curl-Don-t-document-curl-plugin-readahead-filter.patch index a8f4c82..4c8288e 100644 --- a/0012-curl-Don-t-document-curl-plugin-readahead-filter.patch +++ b/0012-curl-Don-t-document-curl-plugin-readahead-filter.patch @@ -1,4 +1,4 @@ -From 75a84b37dba4907b790ebb2dc56ac689ea8370e7 Mon Sep 17 00:00:00 2001 +From 4a7e5169935c8850fddcea8da79639ded907c549 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 14 May 2022 14:00:16 +0100 Subject: [PATCH] curl: Don't document curl plugin + readahead filter diff --git a/0013-New-filter-scan.patch b/0013-New-filter-scan.patch index 821c264..527a597 100644 --- a/0013-New-filter-scan.patch +++ b/0013-New-filter-scan.patch @@ -1,4 +1,4 @@ -From 46b2d3954011b2f0ebf5203ce549cb7e8f822b09 Mon Sep 17 00:00:00 2001 +From 8bfe6512d07caf778fd001425435b048c45513eb Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 14 May 2022 13:46:56 +0100 Subject: [PATCH] New filter: scan @@ -54,7 +54,7 @@ index 0f5dc41d..8600d9e4 100644 single context into the backend shared among multiple client connections. This may even allow a filter to offer a more parallel diff --git a/configure.ac b/configure.ac -index 7089f937..a02d16d9 100644 +index 1d209f67..466dbd9b 100644 --- a/configure.ac +++ b/configure.ac @@ -142,6 +142,7 @@ filters="\ @@ -896,10 +896,10 @@ index ea5899dc..3991e86b 100644 L, L, diff --git a/tests/Makefile.am b/tests/Makefile.am -index 937d2919..6a63e4e8 100644 +index 5585b3b7..799aa6c2 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -1752,6 +1752,16 @@ test_retry_request_mirror_LDADD = \ +@@ -1754,6 +1754,16 @@ test_retry_request_mirror_LDADD = \ $(LIBNBD_LIBS) \ $(NULL) diff --git a/0014-scan-Remove-condition-variable.patch b/0014-scan-Remove-condition-variable.patch index 6bf9465..7500254 100644 --- a/0014-scan-Remove-condition-variable.patch +++ b/0014-scan-Remove-condition-variable.patch @@ -1,4 +1,4 @@ -From fd743f16847520207304e7f7f66839708abaffd9 Mon Sep 17 00:00:00 2001 +From 91677241184ab1aa77adadd612fa069d084863ec Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 14 May 2022 18:54:32 +0100 Subject: [PATCH] scan: Remove condition variable diff --git a/0015-scan-Small-typographical-fix-in-manual.patch b/0015-scan-Small-typographical-fix-in-manual.patch index f002ca5..c2c6ae0 100644 --- a/0015-scan-Small-typographical-fix-in-manual.patch +++ b/0015-scan-Small-typographical-fix-in-manual.patch @@ -1,4 +1,4 @@ -From f5e7beb490131d5674b7c1ff8b312da3f6d5e078 Mon Sep 17 00:00:00 2001 +From c191f45530d4dd7f978803c0bfa402ca0fc950df Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 14 May 2022 19:02:48 +0100 Subject: [PATCH] scan: Small typographical fix in manual diff --git a/0016-ssh-Don-t-reference-readahead-or-scan-filters-from-t.patch b/0016-ssh-Don-t-reference-readahead-or-scan-filters-from-t.patch index d186a2c..d6e387b 100644 --- a/0016-ssh-Don-t-reference-readahead-or-scan-filters-from-t.patch +++ b/0016-ssh-Don-t-reference-readahead-or-scan-filters-from-t.patch @@ -1,4 +1,4 @@ -From 1bd582bce19ed3beb27879a1bfcee247d22c7fba Mon Sep 17 00:00:00 2001 +From 651045d703804d7dafab04a0387ca92573f52467 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 14 May 2022 20:57:38 +0100 Subject: [PATCH] ssh: Don't reference readahead or scan filters from this diff --git a/0017-scan-Fix-bound-so-we-don-t-try-to-prefetch-beyond-en.patch b/0017-scan-Fix-bound-so-we-don-t-try-to-prefetch-beyond-en.patch index 8fa54c0..f78049c 100644 --- a/0017-scan-Fix-bound-so-we-don-t-try-to-prefetch-beyond-en.patch +++ b/0017-scan-Fix-bound-so-we-don-t-try-to-prefetch-beyond-en.patch @@ -1,4 +1,4 @@ -From cad7357b2d4dd70bd75adbbd44aa1715bd0d090c Mon Sep 17 00:00:00 2001 +From f58d2a04338edc647e2334ff58b49508424e3f3b Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 17 May 2022 13:20:17 +0100 Subject: [PATCH] scan: Fix bound so we don't try to prefetch beyond end of diff --git a/0018-tests-Add-a-regression-test-for-LUKS-zeroing-crash.patch b/0018-tests-Add-a-regression-test-for-LUKS-zeroing-crash.patch index 6f337a8..123c091 100644 --- a/0018-tests-Add-a-regression-test-for-LUKS-zeroing-crash.patch +++ b/0018-tests-Add-a-regression-test-for-LUKS-zeroing-crash.patch @@ -1,4 +1,4 @@ -From ec7154cb4010e5c20ae8b1df8a95550bc5e42ee2 Mon Sep 17 00:00:00 2001 +From d1d2f43223bcda062d10c8e68776590956892f71 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Fri, 10 Jun 2022 22:11:44 +0100 Subject: [PATCH] tests: Add a regression test for LUKS zeroing crash @@ -12,10 +12,10 @@ https://listman.redhat.com/archives/libguestfs/2022-June/029188.html create mode 100755 tests/test-luks-copy-zero.sh diff --git a/tests/Makefile.am b/tests/Makefile.am -index 6a63e4e8..824232d1 100644 +index 799aa6c2..0f4b0746 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am -@@ -1599,11 +1599,13 @@ if HAVE_GNUTLS_PBKDF2 +@@ -1601,11 +1601,13 @@ if HAVE_GNUTLS_PBKDF2 TESTS += \ test-luks-info.sh \ test-luks-copy.sh \ diff --git a/0019-rate-Allow-burstiness-to-be-controlled.patch b/0019-rate-Allow-burstiness-to-be-controlled.patch index 9a05993..3453169 100644 --- a/0019-rate-Allow-burstiness-to-be-controlled.patch +++ b/0019-rate-Allow-burstiness-to-be-controlled.patch @@ -1,4 +1,4 @@ -From 7c7557d9954eb7d8fa6249af316879dada22829d Mon Sep 17 00:00:00 2001 +From c1a7c87fb9710fb29d699d1f39d0da19caf98da0 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Sat, 11 Jun 2022 12:34:02 +0100 Subject: [PATCH] rate: Allow burstiness to be controlled diff --git a/0020-luks-Check-return-values-from-malloc-more-carefully.patch b/0020-luks-Check-return-values-from-malloc-more-carefully.patch new file mode 100644 index 0000000..f4a8d86 --- /dev/null +++ b/0020-luks-Check-return-values-from-malloc-more-carefully.patch @@ -0,0 +1,104 @@ +From 4e8599886ba4802fef1683811a725e7c4bc4fe72 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 12 Jul 2022 18:00:38 +0100 +Subject: [PATCH] luks: Check return values from malloc more carefully + +Found by Coverity: + + Error: GCC_ANALYZER_WARNING (CWE-688): [#def53] + nbdkit-1.30.7/filters/luks/luks-encryption.c: scope_hint: In function 'calculate_iv' + nbdkit-1.30.7/filters/luks/luks-encryption.c:175:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'iv' where non-null expected + nbdkit-1.30.7/filters/luks/luks-encryption.c:39: included_from: Included from here. + /usr/include/string.h:43:14: note: argument 1 of 'memcpy' must be non-null + # 173| sector32 = (uint32_t) sector; /* truncate to only lower bits */ + # 174| sector32 = htole32 (sector32); + # 175|-> memcpy (iv, §or32, prefixlen); + # 176| memset (iv + prefixlen, 0, ivlen - prefixlen); + # 177| break; + + Error: GCC_ANALYZER_WARNING (CWE-688): [#def54] + nbdkit-1.30.7/filters/luks/luks-encryption.c:184:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'iv' where non-null expected + nbdkit-1.30.7/filters/luks/luks-encryption.c:39: included_from: Included from here. + /usr/include/string.h:43:14: note: argument 1 of 'memcpy' must be non-null + # 182| prefixlen = ivlen; + # 183| sector = htole64 (sector); + # 184|-> memcpy (iv, §or, prefixlen); + # 185| memset (iv + prefixlen, 0, ivlen - prefixlen); + # 186| break; + + Error: NULL_RETURNS (CWE-476): [#def55] + nbdkit-1.30.7/filters/luks/luks-encryption.c:498: returned_null: "malloc" returns "NULL" (checked 86 out of 94 times). + nbdkit-1.30.7/filters/luks/luks-encryption.c:498: var_assigned: Assigning: "temp" = "NULL" return value from "malloc". + nbdkit-1.30.7/filters/luks/luks-encryption.c:523: dereference: Dereferencing a pointer that might be "NULL" "temp" when calling "memcpy". [Note: The source code implementation of the function has been overridden by a builtin model.] + # 521| gnutls_hash_deinit (hash, temp); + # 522| + # 523|-> memcpy (&block[i*digest_bytes], temp, blen); + # 524| } + # 525| + +Fixes: commit 468919dce6c5eb57503eacac0f67e5dd87c58e6c +(cherry picked from commit 00c8bbd9e321681843140f697985505de7177f34) +--- + filters/luks/luks-encryption.c | 28 +++++++++++++++++++++++----- + 1 file changed, 23 insertions(+), 5 deletions(-) + +diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c +index 8ee0eb35..19aaf06a 100644 +--- a/filters/luks/luks-encryption.c ++++ b/filters/luks/luks-encryption.c +@@ -495,9 +495,15 @@ af_hash (gnutls_digest_algorithm_t hash_alg, uint8_t *block, size_t len) + size_t digest_bytes = gnutls_hash_get_len (hash_alg); + size_t nr_blocks, last_block_len; + size_t i; +- CLEANUP_FREE uint8_t *temp = malloc (digest_bytes); + int r; + gnutls_hash_hd_t hash; ++ CLEANUP_FREE uint8_t *temp; ++ ++ temp = malloc (digest_bytes); ++ if (!temp) { ++ nbdkit_error ("malloc: %m"); ++ return -1; ++ } + + nr_blocks = len / digest_bytes; + last_block_len = len % digest_bytes; +@@ -874,9 +880,15 @@ int + do_decrypt (struct luks_data *h, gnutls_cipher_hd_t cipher, + uint64_t sector, uint8_t *buf, size_t nr_sectors) + { +- const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode); +- CLEANUP_FREE uint8_t *iv = malloc (ivlen); + int r; ++ const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode); ++ CLEANUP_FREE uint8_t *iv; ++ ++ iv = malloc (ivlen); ++ if (!iv) { ++ nbdkit_error ("malloc: %m"); ++ return -1; ++ } + + while (nr_sectors) { + calculate_iv (h->ivgen_alg, iv, ivlen, sector); +@@ -902,9 +914,15 @@ int + do_encrypt (struct luks_data *h, gnutls_cipher_hd_t cipher, + uint64_t sector, uint8_t *buf, size_t nr_sectors) + { +- const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode); +- CLEANUP_FREE uint8_t *iv = malloc (ivlen); + int r; ++ const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode); ++ CLEANUP_FREE uint8_t *iv; ++ ++ iv = malloc (ivlen); ++ if (!iv) { ++ nbdkit_error ("malloc: %m"); ++ return -1; ++ } + + while (nr_sectors) { + calculate_iv (h->ivgen_alg, iv, ivlen, sector); +-- +2.31.1 + diff --git a/0021-luks-Avoid-potential-overflow-when-computing-key-mat.patch b/0021-luks-Avoid-potential-overflow-when-computing-key-mat.patch new file mode 100644 index 0000000..9c95dce --- /dev/null +++ b/0021-luks-Avoid-potential-overflow-when-computing-key-mat.patch @@ -0,0 +1,57 @@ +From 1d593a76796574845d7e32aaadd9f7d1ed4e7987 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 12 Jul 2022 18:07:25 +0100 +Subject: [PATCH] luks: Avoid potential overflow when computing key material + offset and length + +Found by Coverity: + + Error: OVERFLOW_BEFORE_WIDEN (CWE-190): [#def58] + nbdkit-1.30.7/filters/luks/luks-encryption.c:558: overflow_before_widen: Potentially overflowing expression "h->phdr.master_key_len * h->phdr.keyslot[i].stripes" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). + nbdkit-1.30.7/filters/luks/luks-encryption.c:558: remediation: To avoid overflow, cast either "h->phdr.master_key_len" or "h->phdr.keyslot[i].stripes" to type "uint64_t". + # 556| uint64_t len, r; + # 557| + # 558|-> len = h->phdr.master_key_len * h->phdr.keyslot[i].stripes; + # 559| r = DIV_ROUND_UP (len, LUKS_SECTOR_SIZE); + # 560| r = ROUND_UP (r, LUKS_ALIGN_KEYSLOTS / LUKS_SECTOR_SIZE); + + Error: OVERFLOW_BEFORE_WIDEN (CWE-190): [#def62] + nbdkit-1.30.7/filters/luks/luks-encryption.c:616: overflow_before_widen: Potentially overflowing expression "ks->key_material_offset * 512U" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). + nbdkit-1.30.7/filters/luks/luks-encryption.c:616: remediation: To avoid overflow, cast either "ks->key_material_offset" or "512U" to type "uint64_t". + # 614| + # 615| /* Read master key material from plugin. */ + # 616|-> start = ks->key_material_offset * LUKS_SECTOR_SIZE; + # 617| if (next->pread (next, split_key, split_key_len, start, 0, &err) == -1) { + # 618| errno = err; + +Fixes: commit 468919dce6c5eb57503eacac0f67e5dd87c58e6c +(cherry picked from commit 808d88fbc7b58b7c95e05f41fec729cba92ef518) +--- + filters/luks/luks-encryption.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c +index 19aaf06a..06435b27 100644 +--- a/filters/luks/luks-encryption.c ++++ b/filters/luks/luks-encryption.c +@@ -561,7 +561,7 @@ key_material_length_in_sectors (struct luks_data *h, size_t i) + { + uint64_t len, r; + +- len = h->phdr.master_key_len * h->phdr.keyslot[i].stripes; ++ len = (uint64_t) h->phdr.master_key_len * h->phdr.keyslot[i].stripes; + r = DIV_ROUND_UP (len, LUKS_SECTOR_SIZE); + r = ROUND_UP (r, LUKS_ALIGN_KEYSLOTS / LUKS_SECTOR_SIZE); + return r; +@@ -619,7 +619,7 @@ try_passphrase_in_keyslot (nbdkit_next *next, struct luks_data *h, + } + + /* Read master key material from plugin. */ +- start = ks->key_material_offset * LUKS_SECTOR_SIZE; ++ start = (uint64_t) ks->key_material_offset * LUKS_SECTOR_SIZE; + if (next->pread (next, split_key, split_key_len, start, 0, &err) == -1) { + errno = err; + return -1; +-- +2.31.1 + diff --git a/0022-luks-Avoid-memory-leak-on-error-path.patch b/0022-luks-Avoid-memory-leak-on-error-path.patch new file mode 100644 index 0000000..22a2708 --- /dev/null +++ b/0022-luks-Avoid-memory-leak-on-error-path.patch @@ -0,0 +1,36 @@ +From ee25c1be953bf385caf23f96384a9834c1f1c250 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 12 Jul 2022 18:10:30 +0100 +Subject: [PATCH] luks: Avoid memory leak on error path + +Found by Coverity: + + Error: CPPCHECK_WARNING (CWE-401): [#def65] [important] + nbdkit-1.30.7/filters/luks/luks-encryption.c:707: error[memleak]: Memory leak: h + # 705| if (memcmp (h->phdr.magic, expected_magic, LUKS_MAGIC_LEN) != 0) { + # 706| nbdkit_error ("this disk does not contain a LUKS header"); + # 707|-> return NULL; + # 708| } + # 709| h->phdr.version = be16toh (h->phdr.version); + +Fixes: commit 468919dce6c5eb57503eacac0f67e5dd87c58e6c +(cherry picked from commit a345cff137763f105f07bb8942c1bbefd0959cff) +--- + filters/luks/luks-encryption.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c +index 06435b27..207a4e46 100644 +--- a/filters/luks/luks-encryption.c ++++ b/filters/luks/luks-encryption.c +@@ -710,6 +710,7 @@ load_header (nbdkit_next *next, const char *passphrase) + + if (memcmp (h->phdr.magic, expected_magic, LUKS_MAGIC_LEN) != 0) { + nbdkit_error ("this disk does not contain a LUKS header"); ++ free (h); + return NULL; + } + h->phdr.version = be16toh (h->phdr.version); +-- +2.31.1 + diff --git a/0023-tests-Hoist-some-EXTRA_DIST-out-of-automake-conditio.patch b/0023-tests-Hoist-some-EXTRA_DIST-out-of-automake-conditio.patch new file mode 100644 index 0000000..0bfe9b4 --- /dev/null +++ b/0023-tests-Hoist-some-EXTRA_DIST-out-of-automake-conditio.patch @@ -0,0 +1,48 @@ +From 5ccf1068703d300c8b5579b3a6ef0e409b5a713e Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 19 Jul 2022 11:56:47 +0100 +Subject: [PATCH] tests: Hoist some EXTRA_DIST out of automake conditionals + +We can fail to add some test files (test.tcl, test.lua) to the tarball +if compiling with those languages disabled, which would cause knock-on +failures when the tarball was used with the languages enabled. We +already fixed this for Ruby etc, this commit fixes it for Tcl and Lua. + +(cherry picked from commit 3b6763c82909c95431ff57c2fe9be1b98316b057) +--- + tests/Makefile.am | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 0f4b0746..2667be32 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -1203,10 +1203,11 @@ EXTRA_DIST += \ + $(NULL) + + # Tcl plugin test. ++EXTRA_DIST += test.tcl ++ + if HAVE_TCL + + LIBGUESTFS_TESTS += test-tcl +-EXTRA_DIST += test.tcl + + test_tcl_SOURCES = test-lang-plugins.c test.h + test_tcl_CFLAGS = \ +@@ -1219,10 +1220,11 @@ test_tcl_LDADD = libtest.la $(LIBGUESTFS_LIBS) + endif HAVE_TCL + + # Lua plugin test. ++EXTRA_DIST += test.lua ++ + if HAVE_LUA + + LIBGUESTFS_TESTS += test-lua +-EXTRA_DIST += test.lua + + test_lua_SOURCES = test-lang-plugins.c test.h + test_lua_CFLAGS = \ +-- +2.31.1 + diff --git a/nbdkit.spec b/nbdkit.spec index 63831cc..30019fe 100644 --- a/nbdkit.spec +++ b/nbdkit.spec @@ -52,7 +52,7 @@ ExclusiveArch: x86_64 %global source_directory 1.30-stable Name: nbdkit -Version: 1.30.7 +Version: 1.30.8 Release: 1%{?dist} Summary: NBD server @@ -97,6 +97,10 @@ Patch0016: 0016-ssh-Don-t-reference-readahead-or-scan-filters-from-t.patch Patch0017: 0017-scan-Fix-bound-so-we-don-t-try-to-prefetch-beyond-en.patch Patch0018: 0018-tests-Add-a-regression-test-for-LUKS-zeroing-crash.patch Patch0019: 0019-rate-Allow-burstiness-to-be-controlled.patch +Patch0020: 0020-luks-Check-return-values-from-malloc-more-carefully.patch +Patch0021: 0021-luks-Avoid-potential-overflow-when-computing-key-mat.patch +Patch0022: 0022-luks-Avoid-memory-leak-on-error-path.patch +Patch0023: 0023-tests-Hoist-some-EXTRA_DIST-out-of-automake-conditio.patch # For automatic RPM Provides generation. # See: https://rpm-software-management.github.io/rpm/manual/dependency_generators.html @@ -1204,8 +1208,8 @@ export LIBGUESTFS_TRACE=1 %changelog -* Tue Jul 12 2022 Richard W.M. Jones - 1.30.7-1 -- Rebase to new stable branch version 1.30.7 +* Tue Jul 19 2022 Richard W.M. Jones - 1.30.8-1 +- Rebase to new stable branch version 1.30.8 resolves: rhbz#2059289 - Add automatic provides generator and subpackage nbdkit-srpm-macros resolves: rhbz#2059291 @@ -1231,6 +1235,9 @@ export LIBGUESTFS_TRACE=1 resolves: rhbz#1905772 - Fix memory allocator=malloc,mlock=true resolves: rhbz#2044432 +- Fix multiple Coverity problems +- Fix bounds error in nbdkit-checkwrite-filter + resolves: rhbz#2108545 * Mon Jan 24 2022 Richard W.M. Jones - 1.28.5-1 - Rebase to new stable branch version 1.28.5 diff --git a/sources b/sources index 3d124fd..43a1ba6 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (nbdkit-1.30.7.tar.gz) = acf48dc8f2b2d8967aca106f9c267cd8f022c54dbe07d1f32c8b5d14df33215f71029622f095fef1a442a2ab495618e81844b0b5f4a24b2be2869b3b3c990bf1 -SHA512 (nbdkit-1.30.7.tar.gz.sig) = 46f5c265240b447af7703ec8bce473e5951452c163c8f302291e3495c4c6ca5790b9382063c68613390bccf998d8c18efddda4878870af72029b854bb69e308e +SHA512 (nbdkit-1.30.8.tar.gz) = 984e2ef921b0f339d2950cc87b9e5cfd3a6c45c107116a2ff8b5d30aa08bb9c9edbb8e16aa0a57c93b160ad411df842f1fa72f90f80fc261a0c30ec6a7d99795 +SHA512 (nbdkit-1.30.8.tar.gz.sig) = 2794da218bd052d9bed818343ae186945304a467ebd7ae75373faf471ff4fd18ed161dc1f866f17e4f190b5acc18141ff92e914ddb497a5e07065ebac3461f3b