From: Patrick Steinhardt <ps@pks.im>
To: Alec Brown <alec.r.brown@oracle.com>
Cc: grub-devel@gnu.org, daniel.kiper@oracle.com,
darren.kenny@oracle.com, development@efficientek.com
Subject: Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow
Date: Sat, 15 Oct 2022 11:13:09 +0200 [thread overview]
Message-ID: <Y0p5pYNBe2BawpM3@tanuki> (raw)
In-Reply-To: <1665784028-11871-1-git-send-email-alec.r.brown@oracle.com>
[-- Attachment #1: Type: text/plain, Size: 1644 bytes --]
On Fri, Oct 14, 2022 at 05:47:08PM -0400, Alec Brown wrote:
> In the function grub_cryptodisk_endecrypt(), a for loop is incrementing the
> variable i by (1U << log_sector_size). The variable i is of type grub_size_t
> which is a 64-bit unsigned integer on x86_64 architecture. On the other hand, 1U
> is a 32-bit unsigned integer. By performing a left shift on a 32-bit value and
> assigning it to a 64-bit variable, the 64-bit variable may have incorrect values
> in the high 32-bits if the shift has an overflow. To avoid this, we replace 1U
> with (grub_size_t) 1.
>
> Fixes: CID 307788
>
> Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Patrick Steinhardt <ps@pks.im>
> ---
>
> There was a mistake in v1 of the commit message describing the issue in the
> code. This version fixes the commit message so that it's accurate.
>
> grub-core/disk/cryptodisk.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
> index 9f5dc7acb..cdcb882ca 100644
> --- a/grub-core/disk/cryptodisk.c
> +++ b/grub-core/disk/cryptodisk.c
> @@ -239,7 +239,7 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
> return (do_encrypt ? grub_crypto_ecb_encrypt (dev->cipher, data, data, len)
> : grub_crypto_ecb_decrypt (dev->cipher, data, data, len));
>
> - for (i = 0; i < len; i += (1U << log_sector_size))
> + for (i = 0; i < len; i += ((grub_size_t) 1 << log_sector_size))
> {
> grub_size_t sz = ((dev->cipher->cipher->blocksize
> + sizeof (grub_uint32_t) - 1)
> --
> 2.27.0
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2022-10-15 9:12 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-14 21:47 [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow Alec Brown
2022-10-15 9:13 ` Patrick Steinhardt [this message]
2022-10-17 15:32 ` Daniel Kiper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y0p5pYNBe2BawpM3@tanuki \
--to=ps@pks.im \
--cc=alec.r.brown@oracle.com \
--cc=daniel.kiper@oracle.com \
--cc=darren.kenny@oracle.com \
--cc=development@efficientek.com \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.