[PATCH 01/11] crypto: sanity check that LUKS header strings are NUL-term

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 01/11] crypto: sanity check that LUKS header strings are NUL-term

From:	Daniel P . Berrangé
Subject:	[PATCH 01/11] crypto: sanity check that LUKS header strings are NUL-terminated
Date:	Tue, 6 Sep 2022 09:41:37 +0100

The LUKS spec requires that header strings are NUL-terminated, and our
code relies on that. Protect against maliciously crafted headers by
adding validation.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/block-luks.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index f62be6836b..27d1b34c1d 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -554,6 +554,24 @@ qcrypto_block_luks_check_header(const QCryptoBlockLUKS 
*luks, Error **errp)
         return -1;
     }
 
+    if (!memchr(luks->header.cipher_name, '\0',
+                sizeof(luks->header.cipher_name))) {
+        error_setg(errp, "LUKS header cipher name is not NUL terminated");
+        return -1;
+    }
+
+    if (!memchr(luks->header.cipher_mode, '\0',
+                sizeof(luks->header.cipher_mode))) {
+        error_setg(errp, "LUKS header cipher mode is not NUL terminated");
+        return -1;
+    }
+
+    if (!memchr(luks->header.hash_spec, '\0',
+                sizeof(luks->header.hash_spec))) {
+        error_setg(errp, "LUKS header hash spec is not NUL terminated");
+        return -1;
+    }
+
     /* Check all keyslots for corruption  */
     for (i = 0 ; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS ; i++) {
 
-- 
2.37.2

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 02/11] crypto: enforce that LUKS stripes is always a fixed value, (continued)
- [PATCH 11/11] crypto: add test cases for many malformed LUKS header scenarios, Daniel P . Berrangé, 2022/09/06
- [PATCH 04/11] crypto: validate that LUKS payload doesn't overlap with header, Daniel P . Berrangé, 2022/09/06
  - Re: [PATCH 04/11] crypto: validate that LUKS payload doesn't overlap with header, Richard W.M. Jones, 2022/09/06
- [PATCH 09/11] crypto: quote algorithm names in error messages, Daniel P . Berrangé, 2022/09/06
- [PATCH 05/11] crypto: strengthen the check for key slots overlapping with LUKS header, Daniel P . Berrangé, 2022/09/06
- [PATCH 06/11] crypto: check that LUKS PBKDF2 iterations count is non-zero, Daniel P . Berrangé, 2022/09/06
  - Re: [PATCH 06/11] crypto: check that LUKS PBKDF2 iterations count is non-zero, Richard W.M. Jones, 2022/09/06
- [PATCH 03/11] crypto: enforce that key material doesn't overlap with LUKS header, Daniel P . Berrangé, 2022/09/06
- [PATCH 10/11] crypto: ensure LUKS tests run with GNUTLS crypto provider, Daniel P . Berrangé, 2022/09/06
- [PATCH 01/11] crypto: sanity check that LUKS header strings are NUL-terminated, Daniel P . Berrangé <=
  - Re: [PATCH 01/11] crypto: sanity check that LUKS header strings are NUL-terminated, Richard W.M. Jones, 2022/09/06
- [PATCH 07/11] crypto: split LUKS header definitions off into file, Daniel P . Berrangé, 2022/09/06
- [PATCH 08/11] crypto: split off helpers for converting LUKS header endianess, Daniel P . Berrangé, 2022/09/06
- Re: [PATCH 00/11] crypto: improve robustness of LUKS metadata validation, Richard W.M. Jones, 2022/09/06

Prev by Date: [PATCH 10/11] crypto: ensure LUKS tests run with GNUTLS crypto provider
Next by Date: [PATCH 07/11] crypto: split LUKS header definitions off into file
Previous by thread: [PATCH 10/11] crypto: ensure LUKS tests run with GNUTLS crypto provider
Next by thread: Re: [PATCH 01/11] crypto: sanity check that LUKS header strings are NUL-terminated
Index(es):
- Date
- Thread