Blame SOURCES/0366-disk-cryptodisk-Fix-potential-integer-overflow.patch

b1bcb2
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
b1bcb2
From: Darren Kenny <darren.kenny@oracle.com>
b1bcb2
Date: Thu, 21 Jan 2021 11:38:31 +0000
b1bcb2
Subject: [PATCH] disk/cryptodisk: Fix potential integer overflow
b1bcb2
b1bcb2
The encrypt and decrypt functions expect a grub_size_t. So, we need to
b1bcb2
ensure that the constant bit shift is using grub_size_t rather than
b1bcb2
unsigned int when it is performing the shift.
b1bcb2
b1bcb2
Fixes: CID 307788
b1bcb2
b1bcb2
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
b1bcb2
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
b1bcb2
---
b1bcb2
 grub-core/disk/cryptodisk.c | 8 ++++----
b1bcb2
 1 file changed, 4 insertions(+), 4 deletions(-)
b1bcb2
b1bcb2
diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
b1bcb2
index f0e3a900ae3..9289acfc611 100644
b1bcb2
--- a/grub-core/disk/cryptodisk.c
b1bcb2
+++ b/grub-core/disk/cryptodisk.c
b1bcb2
@@ -303,10 +303,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
b1bcb2
 	case GRUB_CRYPTODISK_MODE_CBC:
b1bcb2
 	  if (do_encrypt)
b1bcb2
 	    err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i,
b1bcb2
-					   (1U << dev->log_sector_size), iv);
b1bcb2
+					   ((grub_size_t) 1 << dev->log_sector_size), iv);
b1bcb2
 	  else
b1bcb2
 	    err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i,
b1bcb2
-					   (1U << dev->log_sector_size), iv);
b1bcb2
+					   ((grub_size_t) 1 << dev->log_sector_size), iv);
b1bcb2
 	  if (err)
b1bcb2
 	    return err;
b1bcb2
 	  break;
b1bcb2
@@ -314,10 +314,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
b1bcb2
 	case GRUB_CRYPTODISK_MODE_PCBC:
b1bcb2
 	  if (do_encrypt)
b1bcb2
 	    err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i,
b1bcb2
-					    (1U << dev->log_sector_size), iv);
b1bcb2
+					    ((grub_size_t) 1 << dev->log_sector_size), iv);
b1bcb2
 	  else
b1bcb2
 	    err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i,
b1bcb2
-					    (1U << dev->log_sector_size), iv);
b1bcb2
+					    ((grub_size_t) 1 << dev->log_sector_size), iv);
b1bcb2
 	  if (err)
b1bcb2
 	    return err;
b1bcb2
 	  break;