From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Patrick Venture <venture@google.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [PATCH] crypto/block-luks: always set splitkeylen to 0
Date: Wed, 7 Sep 2022 17:34:35 +0100 [thread overview]
Message-ID: <YxjH/bIN6OlSWMWK@redhat.com> (raw)
In-Reply-To: <20220907162125.3950701-1-venture@google.com>
On Wed, Sep 07, 2022 at 09:21:25AM -0700, Patrick Venture wrote:
> This was caught by a sanitized build, that was perhaps oversensitive.
>
> Signed-off-by: Patrick Venture <venture@google.com>
> ---
> crypto/block-luks.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> index f62be6836b..8633fb7e9f 100644
> --- a/crypto/block-luks.c
> +++ b/crypto/block-luks.c
> @@ -729,7 +729,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
> QCryptoBlockLUKS *luks = block->opaque;
> QCryptoBlockLUKSKeySlot *slot;
> g_autofree uint8_t *splitkey = NULL;
> - size_t splitkeylen;
> + size_t splitkeylen = 0;
> g_autofree uint8_t *slotkey = NULL;
> g_autoptr(QCryptoCipher) cipher = NULL;
> g_autoptr(QCryptoIVGen) ivgen = NULL;
> @@ -901,7 +901,7 @@ qcrypto_block_luks_load_key(QCryptoBlock *block,
> QCryptoBlockLUKS *luks = block->opaque;
> const QCryptoBlockLUKSKeySlot *slot;
> g_autofree uint8_t *splitkey = NULL;
> - size_t splitkeylen;
> + size_t splitkeylen = 0;
> g_autofree uint8_t *possiblekey = NULL;
> int rv;
> g_autoptr(QCryptoCipher) cipher = NULL;
> @@ -1147,7 +1147,7 @@ qcrypto_block_luks_erase_key(QCryptoBlock *block,
> QCryptoBlockLUKS *luks = block->opaque;
> QCryptoBlockLUKSKeySlot *slot;
> g_autofree uint8_t *garbagesplitkey = NULL;
> - size_t splitkeylen;
> + size_t splitkeylen = 0;
> size_t i;
> Error *local_err = NULL;
> int ret;
In all three cases, splitkeylen is initialized a few lines later.
In qcrypto_block_luks_store_key there is a 'goto cleanup' before
the initialization. The 'cleanup' code can use 'splitkeylen', but
only if 'splitkey != NULL' & this isn't possible if splitkeylen is
uninitialized.
The other two methods have no code path where splitkeylen can be
used uninitialized.
The tool is reporting non-existant problems AFAICT
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2022-09-07 16:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-07 16:21 [PATCH] crypto/block-luks: always set splitkeylen to 0 Patrick Venture
2022-09-07 16:34 ` Daniel P. Berrangé [this message]
2022-09-07 16:43 ` Patrick Venture
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YxjH/bIN6OlSWMWK@redhat.com \
--to=berrange@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=venture@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.