Date: Fri, 11 Dec 2009 05:06:19 +0100
From: Arno Wagner
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Exhaustive key reading seems to silently stop on error
Message-ID: <20091211040619.GA6979@tansi.org>
In-Reply-To: <4B2023F1.6050306@gmx.net>

Hmm. This seems to indeed be a bug.
I gather there is no code later that distinguishes
EOF and error and deals with the second possibility?

Arno

On Wed, Dec 09, 2009 at 11:25:53PM +0100, Nico R. wrote:
> Hello!
>
> Just a minute ago, I have subscribed to this list in order to let you
> know about what I have found in the cryptsetup code and which seems to
> be a bug to me.
>
> In lib/utils.c (line 450f. in cryptsetup-1.0.7; line 490f. in current
> SVN revision, r132, equal to r152), we see the following code:
>
> 	if(read(fd, pass + i, 1) != 1 || (newline_stop && pass[i] == '\n'))
> 		break;
>
> If I interpret that snippet (and its surroundings) correctly, the code
> will read until EOF *or* until an error occurs.
>
> If my interpretation is true, that code causes a problem: imagine a
> hardware failure while reading the key the first two times (for
> luksFormat/luksOpen). The read function returns -1 and sets errno to
> EIO. cryptsetup continues with a truncated key, it seems. On a later
> attempt to read the key (for luksOpen), the hardware failure is gone,
> and the key can be read completely. cryptsetup will not be able to open
> the encrypted partition anymore.
>
> Please correct me if I got the code wrong?????? :-)
>
> Thanks
> --
> Nico

--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
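
Added example, not part of the original thread and not cryptsetup's code: a byte-wise key-reading loop that treats read() returning 0 (EOF) and read() returning -1 (error such as EIO) as different outcomes, so a failed read can never yield a silently truncated key. The name read_key(), its parameters and the EBADF stand-in failure in main() are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: reads up to max bytes from fd into pass.
 * Returns 0 on a clean end of input (EOF, newline when newline_stop is
 * set, or max bytes read) and stores the key length in *len.
 * Returns -1 on a read error, wipes the partial key and leaves errno set. */
int read_key(int fd, char *pass, size_t max, int newline_stop, size_t *len)
{
    size_t i = 0;

    *len = 0;
    while (i < max) {
        ssize_t r = read(fd, pass + i, 1);

        if (r < 0) {
            if (errno == EINTR)
                continue;            /* interrupted by a signal: retry */
            int saved = errno;
            memset(pass, 0, max);    /* never hand back a truncated key */
            errno = saved;
            return -1;               /* e.g. EIO: the caller must abort */
        }
        if (r == 0)
            break;                   /* EOF: the key really ends here */
        if (newline_stop && pass[i] == '\n')
            break;                   /* newline terminates, not stored in len */
        i++;
    }
    *len = i;
    return 0;
}

int main(void)
{
    char key[64];
    size_t n;

    /* Constructed failure: fd -1 makes read() fail with EBADF,
     * standing in for the EIO case described in the report. */
    if (read_key(-1, key, sizeof key, 0, &n) < 0)
        perror("read_key: refusing to use partial key");
    return 0;
}
```

A caller doing luksFormat or luksOpen would stop on the -1 return instead of deriving anything from the bytes read so far.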