Bug#381973: [Pkg-cryptsetup-devel] Bug#381973: cryptsetup segfaults
with unsupported keysize
David Härdeman
david at hardeman.nu
Tue Nov 21 01:56:44 CET 2006
On Mon, Nov 20, 2006 at 11:42:13PM +0100, Jonas Meurer wrote:
>Hello Clemens,
>
>Debian bugreport #381973 reports that cryptsetup segfaults when an
>incompatible keysize is given as an option.
Actually I think it is whenever a keysize > 256 is used (and only when
trying to unlock the partition, not when creating it).
>Later David Härdeman analyzed the following:
>
>> During "cryptsetup luksOpen" with the previously set 448 bit (56 byte)
>> key, we'll have the following call chain:
>>
>> main -> action_luksOpen -> crypt_job -> __crypt_luks_open ->
>> LUKS_open_any_key -> LUKS_open_key -> AF_merge
>>
>> AF_merge is being called as:
>> AF_merge(AfKey,mk->key,mk->keyLength,hdr->keyblock[keyIndex].stripes);
>>
>> mk->keyLength is here (correctly) set to 56, and mk->key is a statically
>> allocated 32 byte buffer (defined as part of struct luks_masterkey in
>> luks.h).
>>
>> This will lead the last call to XORblock in AF_merge to scribble 56 - 32
>> bytes outside that buffer, thus corrupting the stack and leading to
>> interesting crashes in unrelated places later.
>
>The simplest solution would be to check whether mk->keyLength is a
>multible of eigth and exit with an error message otherwise, correct?
If I understood the LUKS parts of the code correctly...it is written
with the assumption that keysizes will not be > 256 bits. So the easiest
fix would perhaps be to refuse to create > 256 bit keyed LUKS partitions
for now...or fix the real limitation, but that requires more
understanding of the code than I have time to gather right now.
>or would that break something?
>If not, it would be rather easy to fix, and i would love to see it
>fixed in debian etch.
>
>...
> jonas
--
David Härdeman
More information about the Pkg-cryptsetup-devel
mailing list