From a201ad17caa430aa710654fdf2e6ab4c8166f031 Mon Sep 17 00:00:00 2001 From: Darren Kenny Date: Thu, 21 Jan 2021 11:38:31 +0000 Subject: [PATCH] disk/cryptodisk: Fix potential integer overflow The encrypt and decrypt functions expect a grub_size_t. So, we need to ensure that the constant bit shift is using grub_size_t rather than unsigned int when it is performing the shift. Fixes: CID 307788 Signed-off-by: Darren Kenny Reviewed-by: Daniel Kiper Signed-off-by: Stefan Sørensen --- grub-core/disk/cryptodisk.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c index 5037768..6883f48 100644 --- a/grub-core/disk/cryptodisk.c +++ b/grub-core/disk/cryptodisk.c @@ -311,10 +311,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev, case GRUB_CRYPTODISK_MODE_CBC: if (do_encrypt) err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i, - (1U << dev->log_sector_size), iv); + ((grub_size_t) 1 << dev->log_sector_size), iv); else err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i, - (1U << dev->log_sector_size), iv); + ((grub_size_t) 1 << dev->log_sector_size), iv); if (err) return err; break; @@ -322,10 +322,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev, case GRUB_CRYPTODISK_MODE_PCBC: if (do_encrypt) err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i, - (1U << dev->log_sector_size), iv); + ((grub_size_t) 1 << dev->log_sector_size), iv); else err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i, - (1U << dev->log_sector_size), iv); + ((grub_size_t) 1 << dev->log_sector_size), iv); if (err) return err; break; -- 2.14.2