From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1ojGmD-0003cv-B1 for mharc-grub-devel@gnu.org; Fri, 14 Oct 2022 05:14:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60730) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ojGmA-0003cd-RS for grub-devel@gnu.org; Fri, 14 Oct 2022 05:14:42 -0400 Received: from mx0b-00069f02.pphosted.com ([205.220.177.32]:34750) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ojGm7-0004bC-CJ for grub-devel@gnu.org; Fri, 14 Oct 2022 05:14:42 -0400 Received: from pps.filterd (m0246631.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29E8agO6026484; Fri, 14 Oct 2022 09:14:34 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : in-reply-to : references : date : message-id : content-type : mime-version; s=corp-2022-7-12; bh=dQrwXYzLNApZ7mfOZLBUHadtHomylHkWiFOitNKQIAo=; b=lyM9336ejDsUkvw0yv9R69JI7kGll1hn+TU2m33l1kkvioWcTO7H9F0kMqoh2EYD4jce LX3FjHJfEfsAHBqyuRbhcRkt2gLLGDO7r6yH5niTfYUaHmIUmYCoZHRUL5Qoshi/eJk7 rswFbZxBfWR11C8BXowpSn+vNS1ap6aTtW3KbaQmyhFBGisf2b3lCSr8oxn61zNCt5mZ byqadXX4ztpbU4XDWkDDeZTvURGIYkM88Ge2h1DKR+lM6QcOzNdu/+RcaP/ue1Z0XQPI wPU4I5OFQztkk7HqXSgSLqzMsAeec6lDPX3OUoPca9YvFXddhL/OT8hHn56W9I9DvkrX Zw== Received: from phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta01.appoci.oracle.com [138.1.114.2]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 3k6mswj87x-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 14 Oct 2022 09:14:34 +0000 Received: from pps.filterd (phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.5/8.17.1.5) with ESMTP id 29E6A5VJ033966; Fri, 14 Oct 2022 09:14:33 GMT Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2169.outbound.protection.outlook.com [104.47.56.169]) by phxpaimrmta01.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 3k2yn6savf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 14 Oct 2022 09:14:33 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Am4ak+BcEd8mHyDtMRT5UboIcadlNPWvle8F8D2e39qmDS7u8vjfkyrQBsPzP4AFUfX1L4AxWU03Y5H9wwfm4MXP0v7I9kswdoGvfl+lUYoeRbuTK3tnWcBZHZYTQAVxfyTm6+pD7QrVrd+oHwaQBkKjgAfd7zBlBSPql07o9iKda8s1mB/hJqPoaMghGbCV4pUVi/LXVqTGTxKytTCU06OR9M1Kgp2DQwPakcSBlWLERWX0amPHetN2WHXQQ7kezZlldrDo+KdE18WB+IAI0ucIY5BK+Lys6OoLk8K9AHAEd6wWQ/Zk3d4LCalz222BqJjC0/azMK8WUEAjm21wLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dQrwXYzLNApZ7mfOZLBUHadtHomylHkWiFOitNKQIAo=; b=gmbvhNl6Xbj3IvJq901srZJfIW3hcadF6o4mVufHgN0O+5dsH+6viVlWfHuf5SU6/Xi7Agk3iPk5JLqp1537MV3vtTONeGtwHsArBVdfkOc5ddBr7+xow8GPC1zpL+4ELqq0gacPdy9npHdrYNoKwfget0OcJAX4lgnbn0e6DscWP0ypzWS9zmHU0McJF1xN+oU+izM5/lZ9GwdY1dm+M3242FPHXN2TgK4NsNyVE4ZMLzkd7dsb9ub3yZvD/vRDHg4JR8ivZR/yRKUPDf07+J3CXHmVl75uk2NF1rsx4IWGqeiY86ZQ/MNRR5dq1VOz22wVC3nlfsD8YDk7JAmXBw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dQrwXYzLNApZ7mfOZLBUHadtHomylHkWiFOitNKQIAo=; b=u5xiZ8Okq6RxK2Emw5VqNfnmR2bRepvoE1zBPBXn9uj644BYOc3IhLnoFPoHSCXncaxKahgwP6wudB/Bs7Co0LP+SmBgQb3WdAPsGTHPePqwSnQ/VcZdHcto8pme0ip+JF5u4WWajFxZD4cIKQgsk76omp22ibkZDdgMm0yxwuA= Received: from BLAPR10MB5138.namprd10.prod.outlook.com (2603:10b6:208:322::8) by PH0PR10MB5580.namprd10.prod.outlook.com (2603:10b6:510:ff::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5723.26; Fri, 14 Oct 2022 09:14:31 +0000 Received: from BLAPR10MB5138.namprd10.prod.outlook.com ([fe80::c843:ed24:5250:26c6]) by BLAPR10MB5138.namprd10.prod.outlook.com ([fe80::c843:ed24:5250:26c6%2]) with mapi id 15.20.5723.026; Fri, 14 Oct 2022 09:14:31 +0000 From: Darren Kenny To: Alec Brown , "grub-devel@gnu.org" Cc: Daniel Kiper , Alec Brown , "development@efficientek.com" , "ps@pks.im" Subject: Re: [PATCH] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow In-Reply-To: <1665695624-28755-1-git-send-email-alec.r.brown@oracle.com> References: <1665695624-28755-1-git-send-email-alec.r.brown@oracle.com> Date: Fri, 14 Oct 2022 10:14:27 +0100 Message-ID: Content-Type: text/plain X-ClientProxiedBy: DUZPR01CA0073.eurprd01.prod.exchangelabs.com (2603:10a6:10:3c2::11) To BLAPR10MB5138.namprd10.prod.outlook.com (2603:10b6:208:322::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BLAPR10MB5138:EE_|PH0PR10MB5580:EE_ X-MS-Office365-Filtering-Correlation-Id: 73cb04b5-0aa1-4f06-633b-08daadc4808b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Ix0IC/+gxVeVm2E5UXPgGrE3nT60XZ7AzQ/vSDy3fX4pGwmOeCKo7KI/euna+bJUx++ZZ9BKMCFbpoJj1s6ZVDz+d0Ac84rery5s0beXr41OMLsasBzuqpnD8/N93Kd0Jb753SxMBWmgGS5cq7EswIBivmfDj3vkbmOI5VkRgazV68tBQ3KMH7rx5BSH7pSo0ggTTmiflcFKnmXCepWPXYOtgX5nqzaJIj1WJFT7OXtAJxgoqvU//yWS3hfq+d3Gwq9vZxmjTWSfN+oWIjmUrn6GSDsC+skb+7jtzv638H/xqHPMSoO5CdtH72u8EbXqRvBeh4vGCsa5ULfOSp3pg1diMzell1+9vu3CGxs3i2Ap9Q3/MPAvnzcq4ipVdjLcERd+7YyzfSz7t0j6+9/2i7hBhaF0JzWoqMipOsM5Ec2+SyRNJ0O+iSGWOLOqT65IUWpK26tUviewOsov/Z0HQ/ehdR2wXu1JlQqP4L4SV82D+IdBORnJDcXtDJA5IxIokzpDpjbMXCLcz6JMHepd7yYh0XDlwKIsmFPK9i/MvIaGBT9wfzLMH6BoNbLV6hHOvI2D8TNZG6Oj+WWoDxfqESuw+P4L9Gs+Xo57mOr4rH2VfBOqDFQfvWX3YFMXk3noSQixSg8OsEbvH+M7thz94lhIGOtu+Iut+L19u292Y9ZT8wGhlidPpiExb4dCTLd9h7XP/tigad8td5k0VZjcKQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BLAPR10MB5138.namprd10.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(346002)(39860400002)(136003)(376002)(366004)(396003)(451199015)(36756003)(6506007)(83380400001)(6486002)(38100700002)(44832011)(478600001)(186003)(86362001)(2906002)(110136005)(6512007)(4001150100001)(316002)(2616005)(5660300002)(41300700001)(8936002)(54906003)(26005)(4326008)(8676002)(66476007)(66556008)(6666004)(66946007); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?6S1kaEgRTnNe1V0z1X2xHU+m9+tNPxXZeQRjTgW3iZGjIVyglqJmTirXcWyx?= =?us-ascii?Q?u8z5sF8uTxzix3sdExKcHD5MdFrzRU5Laur7Qc6PMw/nfAKFEFBVQ4BuedeO?= =?us-ascii?Q?WR6i4Q7v2adMuz0RCUjUSyUtvMqmhZVQh+rVqSUjp5p/BvUCfSqkJV79rEOg?= =?us-ascii?Q?zD46OKKhpntvRGOaJCLXogiruKSp8tjBpcchRVQHlaObrMv/yCWJq2CsA4ds?= =?us-ascii?Q?/a90opgvX2XKNIG0nshY8LgSxiyws93cuTM5aPi1etKDtSAYrI+CHqP3z0Ll?= =?us-ascii?Q?eSoFe7FX29FhIx9QMcWFtG3eI+/qy4u/cihREGZz63djB7uwcbGv/aERdTMR?= =?us-ascii?Q?frJeM0kQlAwbekh0cHD8ir1S0yuvAXKuLAI+Jq0rjuV7HdTfQ9ihCeOd2HhF?= =?us-ascii?Q?7obuanLzD/9/hvrDnrgmhRtlAxf73i2EFhwSG7oqyRifnB3qx/2mo0bowKSC?= =?us-ascii?Q?YUxl11NY3vn1l/vlR0SNZwT+ge62F4+nBIr3jwl3HtNvREUSH39jUbyzJ2op?= =?us-ascii?Q?AQI3Mjv4UAG4f1418NdPcUOkzLVbo7X76+G1uWpBwUu940x81sp07ZtrzJOX?= =?us-ascii?Q?LgTr6x1bveq6x5yyoe3lUdEROrm3qzqQYJAkBbXrIwEjCiJa6OHBakuX+K4S?= =?us-ascii?Q?DKu/r5bh9i202/PW4niLNbk1CD3TWl/fHvu0GLIJuMyR/fA+fYTDIk9uF0SH?= =?us-ascii?Q?paS+XI4mU3yWoF79JbNpK//nu5FJFXXNVwbitZus4mOLs0i6dpqNC7TChG7N?= =?us-ascii?Q?TLOhZ6y48SQzXZIQ1kDOv1VrVxnBJm4skC97pj7f08Gz1s7dB5ohrww5K30I?= =?us-ascii?Q?Ru/B7XDb7lSnrrRM+1pGHqrIp31Smg700c77YVnAjJE/e/+lfr7I+Buxs/AM?= =?us-ascii?Q?abngxPHsyiAXPO4HxQMrKx2C7EB8A0iY2GwjJKgiy8je7ZXTXgpUVqru0hqS?= =?us-ascii?Q?GrdBzGanQX3evuZLsec53EDEV/zQROydawbna782KEw7gY+TdxK+M1xwn0+e?= =?us-ascii?Q?yxdNRfWWTWmYXH/0Yr+Ms1AkwKvbF5OuvOt4b1M2Jo2BeQmD2xR46QmY+ty9?= =?us-ascii?Q?1a26UwJrRPu4vEQjfWjQPHOMV2loAoccHtsnrVBcgoaGaOBGu1zKAo9vAOtm?= =?us-ascii?Q?ETGMNTRK4ncQfxHsnapEeZT3gya8H28+HO2R0Ir4YQPIZxLrJn0a9b8xT8Bf?= =?us-ascii?Q?jdmAsqF/ZlWKs+9VOKF1hPBuRi3mwDRojhpv0FLFRLGYCJndGOq70YnIG2qY?= =?us-ascii?Q?xl/bFT+r/44vjsVCUX51NENnSxuP4CJ2io1FD92iyaULPHMaP0vlMv7vmecW?= =?us-ascii?Q?x4VGmdV2wgwcULfcKv9/9TT7PTJ2pGl8OQ0xvw15Nyhst3J/RUMzHQE/qFWM?= =?us-ascii?Q?jVn7+OO18v9a9wWpYZTobmzZCxpDTMD03vTQ3UAnpRosbC4aNb+pN5Npq6CE?= =?us-ascii?Q?oB0pz6Qyqj5VoaQTBe2YCx8BWLEqcVwXKCU6aCLdURJ6BinkWR7pjmP1lCng?= =?us-ascii?Q?h3eWS2Y+/kiBp44oWYxOdH12HRS5GbbwESmjsVwNvlHZ54CqhYO+S42g6yc4?= =?us-ascii?Q?jUCe7F2dE/H056PoOMmgcL98kMMiGqw+Rw8PrwyF?= X-OriginatorOrg: oracle.com X-MS-Exchange-CrossTenant-Network-Message-Id: 73cb04b5-0aa1-4f06-633b-08daadc4808b X-MS-Exchange-CrossTenant-AuthSource: BLAPR10MB5138.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2022 09:14:31.0191 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: iu2kVVMgmiIvbQssz4/Zjz6ziUwG5aVOUUQGgCdx8RpgSOtnCvrcJ3hplbLmEOgEWLfANS90fOskpAJIpsJLhA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR10MB5580 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-14_05,2022-10-13_01,2022-06-22_01 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 bulkscore=0 adultscore=0 malwarescore=0 phishscore=0 suspectscore=0 mlxscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210140053 X-Proofpoint-ORIG-GUID: GHjnd8fyof25j4H6N7rr8AKbAWh0FF9l X-Proofpoint-GUID: GHjnd8fyof25j4H6N7rr8AKbAWh0FF9l Received-SPF: pass client-ip=205.220.177.32; envelope-from=darren.kenny@oracle.com; helo=mx0b-00069f02.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Oct 2022 09:14:43 -0000 Hi Alec, This looks good, thanks for fixing it. On Thursday, 2022-10-13 at 22:13:44 +01, Alec Brown wrote: > In the function grub_cryptodisk_endecrypt(), a for loop is incrementing the > variable i by (1U << log_sector_size). The variable i is of type grub_size_t > which is a 64-bit unsigned integer on x86_64 architecture. On the other hand, 1U > is a 32-bit unsigned integer. By performing a left shift between these two > values of different types, there may be potential for an integer overflow. To > avoid this, we replace 1U with (grub_size_t) 1. > > Fixes: CID 307788 > > Signed-off-by: Alec Brown Reviewed-by: Darren Kenny Thanks, Darren. > --- > grub-core/disk/cryptodisk.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c > index 9f5dc7acb..cdcb882ca 100644 > --- a/grub-core/disk/cryptodisk.c > +++ b/grub-core/disk/cryptodisk.c > @@ -239,7 +239,7 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev, > return (do_encrypt ? grub_crypto_ecb_encrypt (dev->cipher, data, data, len) > : grub_crypto_ecb_decrypt (dev->cipher, data, data, len)); > > - for (i = 0; i < len; i += (1U << log_sector_size)) > + for (i = 0; i < len; i += ((grub_size_t) 1 << log_sector_size)) > { > grub_size_t sz = ((dev->cipher->cipher->blocksize > + sizeof (grub_uint32_t) - 1) > -- > 2.27.0