[PATCH] crypto/block-luks: always set splitkeylen to 0

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] crypto/block-luks: always set splitkeylen to 0
@ 2022-09-07 16:21 Patrick Venture
  2022-09-07 16:34 ` Daniel P. Berrangé
  0 siblings, 1 reply; 3+ messages in thread
From: Patrick Venture @ 2022-09-07 16:21 UTC (permalink / raw)
  To: berrange; +Cc: qemu-devel, Patrick Venture

This was caught by a sanitized build, that was perhaps oversensitive.

Signed-off-by: Patrick Venture <venture@google.com>
---
 crypto/block-luks.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index f62be6836b..8633fb7e9f 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -729,7 +729,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
     QCryptoBlockLUKS *luks = block->opaque;
     QCryptoBlockLUKSKeySlot *slot;
     g_autofree uint8_t *splitkey = NULL;
-    size_t splitkeylen;
+    size_t splitkeylen = 0;
     g_autofree uint8_t *slotkey = NULL;
     g_autoptr(QCryptoCipher) cipher = NULL;
     g_autoptr(QCryptoIVGen) ivgen = NULL;
@@ -901,7 +901,7 @@ qcrypto_block_luks_load_key(QCryptoBlock *block,
     QCryptoBlockLUKS *luks = block->opaque;
     const QCryptoBlockLUKSKeySlot *slot;
     g_autofree uint8_t *splitkey = NULL;
-    size_t splitkeylen;
+    size_t splitkeylen = 0;
     g_autofree uint8_t *possiblekey = NULL;
     int rv;
     g_autoptr(QCryptoCipher) cipher = NULL;
@@ -1147,7 +1147,7 @@ qcrypto_block_luks_erase_key(QCryptoBlock *block,
     QCryptoBlockLUKS *luks = block->opaque;
     QCryptoBlockLUKSKeySlot *slot;
     g_autofree uint8_t *garbagesplitkey = NULL;
-    size_t splitkeylen;
+    size_t splitkeylen = 0;
     size_t i;
     Error *local_err = NULL;
     int ret;
-- 
2.37.2.789.g6183377224-goog



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] crypto/block-luks: always set splitkeylen to 0
  2022-09-07 16:21 [PATCH] crypto/block-luks: always set splitkeylen to 0 Patrick Venture
@ 2022-09-07 16:34 ` Daniel P. Berrangé
  2022-09-07 16:43   ` Patrick Venture
  0 siblings, 1 reply; 3+ messages in thread
From: Daniel P. Berrangé @ 2022-09-07 16:34 UTC (permalink / raw)
  To: Patrick Venture; +Cc: qemu-devel

On Wed, Sep 07, 2022 at 09:21:25AM -0700, Patrick Venture wrote:
> This was caught by a sanitized build, that was perhaps oversensitive.
> 
> Signed-off-by: Patrick Venture <venture@google.com>
> ---
>  crypto/block-luks.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> index f62be6836b..8633fb7e9f 100644
> --- a/crypto/block-luks.c
> +++ b/crypto/block-luks.c
> @@ -729,7 +729,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
>      QCryptoBlockLUKS *luks = block->opaque;
>      QCryptoBlockLUKSKeySlot *slot;
>      g_autofree uint8_t *splitkey = NULL;
> -    size_t splitkeylen;
> +    size_t splitkeylen = 0;
>      g_autofree uint8_t *slotkey = NULL;
>      g_autoptr(QCryptoCipher) cipher = NULL;
>      g_autoptr(QCryptoIVGen) ivgen = NULL;
> @@ -901,7 +901,7 @@ qcrypto_block_luks_load_key(QCryptoBlock *block,
>      QCryptoBlockLUKS *luks = block->opaque;
>      const QCryptoBlockLUKSKeySlot *slot;
>      g_autofree uint8_t *splitkey = NULL;
> -    size_t splitkeylen;
> +    size_t splitkeylen = 0;
>      g_autofree uint8_t *possiblekey = NULL;
>      int rv;
>      g_autoptr(QCryptoCipher) cipher = NULL;
> @@ -1147,7 +1147,7 @@ qcrypto_block_luks_erase_key(QCryptoBlock *block,
>      QCryptoBlockLUKS *luks = block->opaque;
>      QCryptoBlockLUKSKeySlot *slot;
>      g_autofree uint8_t *garbagesplitkey = NULL;
> -    size_t splitkeylen;
> +    size_t splitkeylen = 0;
>      size_t i;
>      Error *local_err = NULL;
>      int ret;

In all three cases, splitkeylen is initialized a few lines later.

In qcrypto_block_luks_store_key there is a 'goto cleanup' before
the initialization. The 'cleanup' code can use 'splitkeylen', but
only if 'splitkey != NULL' & this isn't possible if splitkeylen is
uninitialized.

The other two methods have no code path where splitkeylen can be
used uninitialized.

The tool is reporting non-existant problems AFAICT

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] crypto/block-luks: always set splitkeylen to 0
  2022-09-07 16:34 ` Daniel P. Berrangé
@ 2022-09-07 16:43   ` Patrick Venture
  0 siblings, 0 replies; 3+ messages in thread
From: Patrick Venture @ 2022-09-07 16:43 UTC (permalink / raw)
  To: Daniel P. Berrangé; +Cc: QEMU Developers

[-- Attachment #1: Type: text/plain, Size: 2710 bytes --]

On Wed, Sep 7, 2022 at 9:34 AM Daniel P. Berrangé <berrange@redhat.com>
wrote:

> On Wed, Sep 07, 2022 at 09:21:25AM -0700, Patrick Venture wrote:
> > This was caught by a sanitized build, that was perhaps oversensitive.
> >
> > Signed-off-by: Patrick Venture <venture@google.com>
> > ---
> >  crypto/block-luks.c | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> > index f62be6836b..8633fb7e9f 100644
> > --- a/crypto/block-luks.c
> > +++ b/crypto/block-luks.c
> > @@ -729,7 +729,7 @@ qcrypto_block_luks_store_key(QCryptoBlock *block,
> >      QCryptoBlockLUKS *luks = block->opaque;
> >      QCryptoBlockLUKSKeySlot *slot;
> >      g_autofree uint8_t *splitkey = NULL;
> > -    size_t splitkeylen;
> > +    size_t splitkeylen = 0;
> >      g_autofree uint8_t *slotkey = NULL;
> >      g_autoptr(QCryptoCipher) cipher = NULL;
> >      g_autoptr(QCryptoIVGen) ivgen = NULL;
> > @@ -901,7 +901,7 @@ qcrypto_block_luks_load_key(QCryptoBlock *block,
> >      QCryptoBlockLUKS *luks = block->opaque;
> >      const QCryptoBlockLUKSKeySlot *slot;
> >      g_autofree uint8_t *splitkey = NULL;
> > -    size_t splitkeylen;
> > +    size_t splitkeylen = 0;
> >      g_autofree uint8_t *possiblekey = NULL;
> >      int rv;
> >      g_autoptr(QCryptoCipher) cipher = NULL;
> > @@ -1147,7 +1147,7 @@ qcrypto_block_luks_erase_key(QCryptoBlock *block,
> >      QCryptoBlockLUKS *luks = block->opaque;
> >      QCryptoBlockLUKSKeySlot *slot;
> >      g_autofree uint8_t *garbagesplitkey = NULL;
> > -    size_t splitkeylen;
> > +    size_t splitkeylen = 0;
> >      size_t i;
> >      Error *local_err = NULL;
> >      int ret;
>
> In all three cases, splitkeylen is initialized a few lines later.
>
> In qcrypto_block_luks_store_key there is a 'goto cleanup' before
> the initialization. The 'cleanup' code can use 'splitkeylen', but
> only if 'splitkey != NULL' & this isn't possible if splitkeylen is
> uninitialized.
>
> The other two methods have no code path where splitkeylen can be
> used uninitialized.
>
> The tool is reporting non-existant problems AFAICT
>

I'm 100% certain it is. I just needed to make the changes to get a
sanitized build of Qemu to build.  Presumably if someone else tries
building qemu with `--enable-sanitizers` they'll have to make the same
non-sense adjustment.


>
> With regards,
> Daniel
> --
> |: https://berrange.com      -o-
> https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org         -o-
> https://fstop138.berrange.com :|
> |: https://entangle-photo.org    -o-
> https://www.instagram.com/dberrange :|
>
>

[-- Attachment #2: Type: text/html, Size: 4082 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2022-09-07 16:50 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-09-07 16:21 [PATCH] crypto/block-luks: always set splitkeylen to 0 Patrick Venture
2022-09-07 16:34 ` Daniel P. Berrangé
2022-09-07 16:43   ` Patrick Venture

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.