diff options
author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-11-10 14:17:33 +0100 |
---|---|---|
committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-11-10 14:22:53 +0100 |
commit | 46c16855b1bed2704549d834acd2e9812ff3bf1e (patch) | |
tree | 9b2e1506d6b3ccfe79bc66b14899086924555146 /ubifs-utils | |
parent | 413b3c919c2c96d6e0224f86eb6d3d7ce3b79238 (diff) |
mkfs.ubifs: fscrypt: bail from encrypt_block if gen_essiv_salt fails
What originally cought my attention was that gen_essiv_salt has a
size_t return type and error paths that return -1 on failure.
Further investigation revealed that the error value is never checked
for. The encrypt_block function doesn't use the return value in any
way and simply continues onward.
Furthermore, the gen_essiv_salt function has an error case that emits
an error message but returns success state.
This patch modifes gen_essiv_salt to return an error status in all
error branches, changes the return type to ssize_t and adds a check
to encrypt_block if gen_essiv_salt fails.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'ubifs-utils')
-rw-r--r-- | ubifs-utils/mkfs.ubifs/crypto.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/ubifs-utils/mkfs.ubifs/crypto.c b/ubifs-utils/mkfs.ubifs/crypto.c index cd68e37..d31bd2a 100644 --- a/ubifs-utils/mkfs.ubifs/crypto.c +++ b/ubifs-utils/mkfs.ubifs/crypto.c @@ -109,7 +109,7 @@ fail: return -1; } -static size_t gen_essiv_salt(const void *iv, size_t iv_len, const void *key, size_t key_len, void *salt) +static ssize_t gen_essiv_salt(const void *iv, size_t iv_len, const void *key, size_t key_len, void *salt) { size_t ret; const EVP_CIPHER *cipher; @@ -127,8 +127,10 @@ static size_t gen_essiv_salt(const void *iv, size_t iv_len, const void *key, siz } ret = do_encrypt(cipher, iv, iv_len, sha256, EVP_MD_size(EVP_sha256()), NULL, 0, salt); - if (ret != iv_len) + if (ret != iv_len) { errmsg("Unable to compute ESSIV salt, return value %zi instead of %zi", ret, iv_len); + return -1; + } free(sha256); @@ -154,7 +156,8 @@ static ssize_t encrypt_block(const void *plaintext, size_t size, if (cipher == EVP_aes_128_cbc()) { tweak = alloca(ivsize); - gen_essiv_salt(&iv, FS_IV_SIZE, key, key_len, tweak); + if (gen_essiv_salt(&iv, FS_IV_SIZE, key, key_len, tweak) < 0) + return -1; } else { tweak = &iv; } |