From 06627f78c2dc0f111c2cea3e127b8c3db2bd82c6 Mon Sep 17 00:00:00 2001
From: Sergio Correia
Date: Fri, 3 May 2024 16:21:16 +0100
Subject: [PATCH 1/2] udisks2: check if variables are NULL before calling unref
Signed-off-by: Sergio Correia
---
 src/luks/udisks2/clevis-luks-udisks2.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/luks/udisks2/clevis-luks-udisks2.c b/src/luks/udisks2/clevis-luks-udisks2.c
index 3a520d59..be3c53f9 100644
--- a/src/luks/udisks2/clevis-luks-udisks2.c
+++ b/src/luks/udisks2/clevis-luks-udisks2.c
@@ -264,8 +264,10 @@ child_main(int sock)
 error:
 g_list_free_full(ctx.lst, g_free);
- g_main_loop_unref(ctx.loop);
- g_object_unref(ctx.clt);
+ if (ctx.loop)
+ g_main_loop_unref(ctx.loop);
+ if (ctx.clt)
+ g_object_unref(ctx.clt);
 close(sock);
 return exit_status;
 }
From b847cb447cf33bb041d4ffa4d15a42b0c930141b Mon Sep 17 00:00:00 2001
From: Sergio Correia
Date: Sat, 4 May 2024 00:38:33 +0100
Subject: [PATCH 2/2] udisks2: check for EINTR when reading in recover_key()
Also try to prevent possible overflows.
Signed-off-by: Sergio Correia
---
 src/luks/udisks2/clevis-luks-udisks2.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/luks/udisks2/clevis-luks-udisks2.c b/src/luks/udisks2/clevis-luks-udisks2.c
index be3c53f9..8b48705b 100644
--- a/src/luks/udisks2/clevis-luks-udisks2.c
+++ b/src/luks/udisks2/clevis-luks-udisks2.c
@@ -301,12 +301,12 @@ on_signal(int sig)
 safeclose(&pair[0]);
 }
-static ssize_t
-recover_key(const pkt_t *jwe, char *out, size_t max, uid_t uid, gid_t gid)
+static uint32_t
+recover_key(const pkt_t *jwe, char *out, int32_t max, uid_t uid, gid_t gid)
 {
 int push[2] = { -1, -1 };
 int pull[2] = { -1, -1 };
- ssize_t bytes = 0;
+ int32_t bytes = 0;
 pid_t chld = 0;
 if (pipe(push) != 0)
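Review bot: In child_main's `error:` path the two hand-written NULL guards can be written with GLib's own helpers, `g_clear_pointer(&ctx.loop, g_main_loop_unref);` and `g_clear_object(&ctx.clt);`, which skip NULL and also reset the field so a second pass through cleanup cannot unref twice. If the explicit `if` form is kept, bracing the bodies would suit a cleanup path that is likely to grow. The body of child_main starts outside the hunk, so whether `ctx` is zero-initialised before the first `goto error` cannot be confirmed from here; the guards only help if it is.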
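Review bot: The new recover_key() signature mixes signedness: `max` and `bytes` become `int32_t` while the return type becomes `uint32_t`, so a caller passing a `size_t` buffer size is narrowed implicitly, and any path that returns a negative value would reach the caller as a very large length. The return statements and the callers are outside this hunk, so both need checking there. Keeping `size_t max` and rejecting an oversized buffer once at the top, e.g. `if (max > INT32_MAX) goto error;`, would state the limit explicitly instead of relying on conversion. A one-line comment above the function saying what the return value means on failure would also help, since the unsigned type no longer hints at it.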
@@ -381,12 +381,18 @@ recover_key(const pkt_t *jwe, char *out, size_t max, uid_t uid, gid_t gid)
 }
 bytes = 0;
- for (ssize_t block = 1; block > 0; bytes += block) {
- block = read(pull[PIPE_RD], &out[bytes], max - bytes);
- if (block < 0) {
+ ssize_t block = 0;
+ while (max > 0 && max > bytes) {
+ do {
+ block = read(pull[PIPE_RD], &out[bytes], max - bytes);
+ } while (block < 0 && errno == EINTR);
+ if (block < 0 || block < INT32_MIN || block > INT32_MAX) {
 kill(chld, SIGTERM);
 goto error;
 }
+ if (block == 0)
+ break;
+ bytes += block;
 }
 safeclose(&pull[PIPE_RD]);
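Review bot: In the read loop the range test `block < INT32_MIN || block > INT32_MAX` cannot fire: read() returns at most `max - bytes`, which already fits in `int32_t`, and `block < INT32_MIN` is covered by `block < 0`. Likewise `max > 0 &&` is implied by `max > bytes`, because `bytes` starts at 0 and only grows. The test could be reduced to `if (block < 0) {` and the loop header to `while (bytes < max) {`, which leaves the EINTR retry as the one real behavioural change and makes the actual bound (the count passed to read) easier to see. When the loop ends because the buffer is full, a key of exactly `max` bytes is indistinguishable from a truncated one; whether that matters depends on the caller, which is outside the hunk.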