[PATCH v8 05/18] luks2: Make sure all fields of output argument in luks2_parse_digest() are written to

Glenn Washburn Tue, 08 Dec 2020 14:58:52 -0800

We should assume that the output argument "out" is uninitialized and could
have random data. So, make sure to initialize the segments and keyslots bit
fields because potentially not all bits of those fields are written to.
Otherwise, the digest could say it belongs to keyslots and segments that it
does not.


Signed-off-by: Glenn Washburn <developm...@efficientek.com>
Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com>
Reviewed-by: Patrick Steinhardt <p...@pks.im>
---
 grub-core/disk/luks2.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index 402926680..9b19d35c1 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -230,6 +230,7 @@ luks2_parse_digest (grub_luks2_digest_t *out, const 
grub_json_t *digest)
     return grub_error (GRUB_ERR_BAD_ARGUMENT,
                       "Digest references no segments");
 
+  out->segments = 0;
   for (i = 0; i < size; i++)
     {
       if (grub_json_getchild (&o, &segments, i) ||
@@ -242,6 +243,7 @@ luks2_parse_digest (grub_luks2_digest_t *out, const 
grub_json_t *digest)
     return grub_error (GRUB_ERR_BAD_ARGUMENT,
                       "Digest references no keyslots");
 
+  out->keyslots = 0;
   for (i = 0; i < size; i++)
     {
       if (grub_json_getchild (&o, &keyslots, i) ||
-- 
2.27.0


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

[PATCH v8 05/18] luks2: Make sure all fields of output argument in luks2_parse_digest() are written to

Reply via email to