1*4882a593SmuzhiyunFrom a201ad17caa430aa710654fdf2e6ab4c8166f031 Mon Sep 17 00:00:00 2001
2*4882a593SmuzhiyunFrom: Darren Kenny <darren.kenny@oracle.com>
3*4882a593SmuzhiyunDate: Thu, 21 Jan 2021 11:38:31 +0000
4*4882a593SmuzhiyunSubject: [PATCH] disk/cryptodisk: Fix potential integer overflow
5*4882a593Smuzhiyun
6*4882a593SmuzhiyunThe encrypt and decrypt functions expect a grub_size_t. So, we need to
7*4882a593Smuzhiyunensure that the constant bit shift is using grub_size_t rather than
8*4882a593Smuzhiyununsigned int when it is performing the shift.
9*4882a593Smuzhiyun
10*4882a593SmuzhiyunFixes: CID 307788
11*4882a593Smuzhiyun
12*4882a593SmuzhiyunSigned-off-by: Darren Kenny <darren.kenny@oracle.com>
13*4882a593SmuzhiyunReviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
14*4882a593SmuzhiyunSigned-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
15*4882a593Smuzhiyun---
16*4882a593Smuzhiyun grub-core/disk/cryptodisk.c | 8 ++++----
17*4882a593Smuzhiyun 1 file changed, 4 insertions(+), 4 deletions(-)
18*4882a593Smuzhiyun
19*4882a593Smuzhiyundiff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
20*4882a593Smuzhiyunindex 5037768..6883f48 100644
21*4882a593Smuzhiyun--- a/grub-core/disk/cryptodisk.c
22*4882a593Smuzhiyun+++ b/grub-core/disk/cryptodisk.c
23*4882a593Smuzhiyun@@ -311,10 +311,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
24*4882a593Smuzhiyun 	case GRUB_CRYPTODISK_MODE_CBC:
25*4882a593Smuzhiyun 	  if (do_encrypt)
26*4882a593Smuzhiyun 	    err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i,
27*4882a593Smuzhiyun-					   (1U << dev->log_sector_size), iv);
28*4882a593Smuzhiyun+					   ((grub_size_t) 1 << dev->log_sector_size), iv);
29*4882a593Smuzhiyun 	  else
30*4882a593Smuzhiyun 	    err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i,
31*4882a593Smuzhiyun-					   (1U << dev->log_sector_size), iv);
32*4882a593Smuzhiyun+					   ((grub_size_t) 1 << dev->log_sector_size), iv);
33*4882a593Smuzhiyun 	  if (err)
34*4882a593Smuzhiyun 	    return err;
35*4882a593Smuzhiyun 	  break;
36*4882a593Smuzhiyun@@ -322,10 +322,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
37*4882a593Smuzhiyun 	case GRUB_CRYPTODISK_MODE_PCBC:
38*4882a593Smuzhiyun 	  if (do_encrypt)
39*4882a593Smuzhiyun 	    err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i,
40*4882a593Smuzhiyun-					    (1U << dev->log_sector_size), iv);
41*4882a593Smuzhiyun+					    ((grub_size_t) 1 << dev->log_sector_size), iv);
42*4882a593Smuzhiyun 	  else
43*4882a593Smuzhiyun 	    err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i,
44*4882a593Smuzhiyun-					    (1U << dev->log_sector_size), iv);
45*4882a593Smuzhiyun+					    ((grub_size_t) 1 << dev->log_sector_size), iv);
46*4882a593Smuzhiyun 	  if (err)
47*4882a593Smuzhiyun 	    return err;
48*4882a593Smuzhiyun 	  break;
49*4882a593Smuzhiyun--
50*4882a593Smuzhiyun2.14.2
51*4882a593Smuzhiyun
52