105 lines
4.2 KiB
Diff
105 lines
4.2 KiB
Diff
From 4e8599886ba4802fef1683811a725e7c4bc4fe72 Mon Sep 17 00:00:00 2001
|
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
Date: Tue, 12 Jul 2022 18:00:38 +0100
|
|
Subject: [PATCH] luks: Check return values from malloc more carefully
|
|
|
|
Found by Coverity:
|
|
|
|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def53]
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c: scope_hint: In function 'calculate_iv'
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:175:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'iv' where non-null expected
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:39: included_from: Included from here.
|
|
/usr/include/string.h:43:14: note: argument 1 of 'memcpy' must be non-null
|
|
# 173| sector32 = (uint32_t) sector; /* truncate to only lower bits */
|
|
# 174| sector32 = htole32 (sector32);
|
|
# 175|-> memcpy (iv, §or32, prefixlen);
|
|
# 176| memset (iv + prefixlen, 0, ivlen - prefixlen);
|
|
# 177| break;
|
|
|
|
Error: GCC_ANALYZER_WARNING (CWE-688): [#def54]
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:184:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'iv' where non-null expected
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:39: included_from: Included from here.
|
|
/usr/include/string.h:43:14: note: argument 1 of 'memcpy' must be non-null
|
|
# 182| prefixlen = ivlen;
|
|
# 183| sector = htole64 (sector);
|
|
# 184|-> memcpy (iv, §or, prefixlen);
|
|
# 185| memset (iv + prefixlen, 0, ivlen - prefixlen);
|
|
# 186| break;
|
|
|
|
Error: NULL_RETURNS (CWE-476): [#def55]
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:498: returned_null: "malloc" returns "NULL" (checked 86 out of 94 times).
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:498: var_assigned: Assigning: "temp" = "NULL" return value from "malloc".
|
|
nbdkit-1.30.7/filters/luks/luks-encryption.c:523: dereference: Dereferencing a pointer that might be "NULL" "temp" when calling "memcpy". [Note: The source code implementation of the function has been overridden by a builtin model.]
|
|
# 521| gnutls_hash_deinit (hash, temp);
|
|
# 522|
|
|
# 523|-> memcpy (&block[i*digest_bytes], temp, blen);
|
|
# 524| }
|
|
# 525|
|
|
|
|
Fixes: commit 468919dce6c5eb57503eacac0f67e5dd87c58e6c
|
|
(cherry picked from commit 00c8bbd9e321681843140f697985505de7177f34)
|
|
---
|
|
filters/luks/luks-encryption.c | 28 +++++++++++++++++++++++-----
|
|
1 file changed, 23 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c
|
|
index 8ee0eb35..19aaf06a 100644
|
|
--- a/filters/luks/luks-encryption.c
|
|
+++ b/filters/luks/luks-encryption.c
|
|
@@ -495,9 +495,15 @@ af_hash (gnutls_digest_algorithm_t hash_alg, uint8_t *block, size_t len)
|
|
size_t digest_bytes = gnutls_hash_get_len (hash_alg);
|
|
size_t nr_blocks, last_block_len;
|
|
size_t i;
|
|
- CLEANUP_FREE uint8_t *temp = malloc (digest_bytes);
|
|
int r;
|
|
gnutls_hash_hd_t hash;
|
|
+ CLEANUP_FREE uint8_t *temp;
|
|
+
|
|
+ temp = malloc (digest_bytes);
|
|
+ if (!temp) {
|
|
+ nbdkit_error ("malloc: %m");
|
|
+ return -1;
|
|
+ }
|
|
|
|
nr_blocks = len / digest_bytes;
|
|
last_block_len = len % digest_bytes;
|
|
@@ -874,9 +880,15 @@ int
|
|
do_decrypt (struct luks_data *h, gnutls_cipher_hd_t cipher,
|
|
uint64_t sector, uint8_t *buf, size_t nr_sectors)
|
|
{
|
|
- const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode);
|
|
- CLEANUP_FREE uint8_t *iv = malloc (ivlen);
|
|
int r;
|
|
+ const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode);
|
|
+ CLEANUP_FREE uint8_t *iv;
|
|
+
|
|
+ iv = malloc (ivlen);
|
|
+ if (!iv) {
|
|
+ nbdkit_error ("malloc: %m");
|
|
+ return -1;
|
|
+ }
|
|
|
|
while (nr_sectors) {
|
|
calculate_iv (h->ivgen_alg, iv, ivlen, sector);
|
|
@@ -902,9 +914,15 @@ int
|
|
do_encrypt (struct luks_data *h, gnutls_cipher_hd_t cipher,
|
|
uint64_t sector, uint8_t *buf, size_t nr_sectors)
|
|
{
|
|
- const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode);
|
|
- CLEANUP_FREE uint8_t *iv = malloc (ivlen);
|
|
int r;
|
|
+ const size_t ivlen = cipher_alg_iv_len (h->cipher_alg, h->cipher_mode);
|
|
+ CLEANUP_FREE uint8_t *iv;
|
|
+
|
|
+ iv = malloc (ivlen);
|
|
+ if (!iv) {
|
|
+ nbdkit_error ("malloc: %m");
|
|
+ return -1;
|
|
+ }
|
|
|
|
while (nr_sectors) {
|
|
calculate_iv (h->ivgen_alg, iv, ivlen, sector);
|
|
--
|
|
2.31.1
|
|
|