Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer ov

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer ov

From:	Daniel Kiper
Subject:	Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow
Date:	Mon, 17 Oct 2022 17:32:25 +0200
User-agent:	NeoMutt/20170113 (1.7.2)

On Sat, Oct 15, 2022 at 11:13:09AM +0200, Patrick Steinhardt wrote:
> On Fri, Oct 14, 2022 at 05:47:08PM -0400, Alec Brown wrote:
> > In the function grub_cryptodisk_endecrypt(), a for loop is incrementing the
> > variable i by (1U << log_sector_size). The variable i is of type grub_size_t
> > which is a 64-bit unsigned integer on x86_64 architecture. On the other 
> > hand, 1U
> > is a 32-bit unsigned integer. By performing a left shift on a 32-bit value 
> > and
> > assigning it to a 64-bit variable, the 64-bit variable may have incorrect 
> > values
> > in the high 32-bits if the shift has an overflow. To avoid this, we replace 
> > 1U
> > with (grub_size_t) 1.
> >
> > Fixes: CID 307788
> >
> > Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
>
> Reviewed-by: Patrick Steinhardt <ps@pks.im>

Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

Daniel

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow, Alec Brown, 2022/10/14
- Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow, Patrick Steinhardt, 2022/10/15
  - Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow, Daniel Kiper <=

Prev by Date: Re: [PATCH v4 6/6] linux: ignore FDT unless we need to modify it
Next by Date: Re: [PATCH 0/2] Fixes for CIDs 86750 and 396931
Previous by thread: Re: [PATCH v2] grub-core/disk/cryptodisk.c: Fix unintentional integer overflow
Next by thread: [PATCH] multiboot: fix memory leak
Index(es):
- Date
- Thread