On Fri, Dec 04, 2020 at 10:43:33AM -0600, Glenn Washburn wrote: > We should assume that the output argument "out" is uninitialized and could > have random data. So, make sure to initialize the segments and keyslots bit > fields because potentially not all bits of those fields are written to. > Otherwise, the digest could say it belongs to keyslots and segments that it > does not. > > Signed-off-by: Glenn Washburn <developm...@efficientek.com>
Makes sense. Signed-off-by: Patrick Steinhardt <p...@pks.im> > --- > grub-core/disk/luks2.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c > index bdb90e4b6..eadd529e9 100644 > --- a/grub-core/disk/luks2.c > +++ b/grub-core/disk/luks2.c > @@ -230,6 +230,7 @@ luks2_parse_digest (grub_luks2_digest_t *out, const > grub_json_t *digest) > return grub_error (GRUB_ERR_BAD_ARGUMENT, > "Digest references no segments"); > > + out->segments = 0; > for (i = 0; i < size; i++) > { > if (grub_json_getchild (&o, &segments, i) || > @@ -242,6 +243,7 @@ luks2_parse_digest (grub_luks2_digest_t *out, const > grub_json_t *digest) > return grub_error (GRUB_ERR_BAD_ARGUMENT, > "Digest references no keyslots"); > > + out->keyslots = 0; > for (i = 0; i < size; i++) > { > if (grub_json_getchild (&o, &keyslots, i) || > -- > 2.27.0 >
signature.asc
Description: PGP signature
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel