grub

Clone
Source Code
GIT

1066336 luks: Fix out-of-bounds copy of UUID

1 file Authored by Patrick Steinhardt 3 years ago, Committed by Daniel Kiper 3 years ago,
raw patch tree parent
1 file changed. 2 lines added. 1 lines removed.
grub-core/disk/luks.c
file modified
+2 -1 
    luks: Fix out-of-bounds copy of UUID
    
    When configuring a LUKS disk, we copy over the UUID from the LUKS header
    into the new grub_cryptodisk_t structure via grub_memcpy(). As size
    we mistakenly use the size of the grub_cryptodisk_t UUID field, which
    is guaranteed to be strictly bigger than the LUKS UUID field we're
    copying. As a result, the copy always goes out-of-bounds and copies some
    garbage from other surrounding fields. During runtime, this isn't
    noticed due to the fact that we always NUL-terminate the UUID and thus
    never hit the trailing garbage.
    
    Fix the issue by using the size of the local stripped UUID field.
    
    Signed-off-by: Patrick Steinhardt <ps@pks.im>
    Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
file modified
+2 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.