From dc86950fff020688a17b6ff0dbfea7bdb0d8f1b9 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 10 Jan 2023 08:39:11 +0000
Subject: [PATCH] luks: Avoid crash when image does not contain a LUKS header

We attempt to load the LUKS header in the prepare() callback.  If this
fails, h->h will be NULL and we'll crash in close() when we attempt to
access and free h->h->masterkey.

This crash could have been triggered another way: if open() followed
by close() was called, without prepare() or other callbacks.

Reported-by: Ming Xie
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2159581
(cherry picked from commit cad4b96b17ed4ad7882100efa0d9073ac9d8b11c)
---
 filters/luks/luks-encryption.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c
index 26f81e7b..6f33e76e 100644
--- a/filters/luks/luks-encryption.c
+++ b/filters/luks/luks-encryption.c
@@ -856,11 +856,13 @@ load_header (nbdkit_next *next, const char *passphrase)
 void
 free_luks_data (struct luks_data *h)
 {
-  if (h->masterkey) {
-    memset (h->masterkey, 0, h->phdr.master_key_len);
-    free (h->masterkey);
+  if (h) {
+    if (h->masterkey) {
+      memset (h->masterkey, 0, h->phdr.master_key_len);
+      free (h->masterkey);
+    }
+    free (h);
   }
-  free (h);
 }
 
 uint64_t
-- 
2.31.1