mirror of
https://github.com/systemd/systemd
synced 2024-10-06 16:21:34 +00:00
veritysetup: fix memory corruption
We must copy the option string, since in one case we are called with a pointer into dynamic memory that will be freed by the caller. As discussed here: https://github.com/systemd/systemd/pull/22908/files#r839394490 Follow-up for: #22908
This commit is contained in:
parent
95cd21928f
commit
bd4dea76de
|
@ -17,7 +17,9 @@
|
|||
#include "terminal-util.h"
|
||||
|
||||
static uint32_t arg_activate_flags = CRYPT_ACTIVATE_READONLY;
|
||||
static const char *arg_root_hash_signature = NULL;
|
||||
static char *arg_root_hash_signature = NULL;
|
||||
|
||||
STATIC_DESTRUCTOR_REGISTER(arg_root_hash_signature, freep);
|
||||
|
||||
static int help(void) {
|
||||
_cleanup_free_ char *link = NULL;
|
||||
|
@ -39,13 +41,17 @@ static int help(void) {
|
|||
}
|
||||
|
||||
static int save_roothashsig_option(const char *option, bool strict) {
|
||||
int r;
|
||||
|
||||
if (path_is_absolute(option) || startswith(option, "base64:")) {
|
||||
if (!HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
|
||||
"Activation of verity device with signature requested, but cryptsetup does not support crypt_activate_by_signed_key().");
|
||||
|
||||
arg_root_hash_signature = option;
|
||||
r = free_and_strdup_warn(&arg_root_hash_signature, option);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -60,10 +66,10 @@ static int parse_options(const char *options) {
|
|||
int r;
|
||||
|
||||
/* backward compatibility with the obsolete ROOTHASHSIG positional argument */
|
||||
r = save_roothashsig_option(options, false);
|
||||
r = save_roothashsig_option(options, /* strict= */ false);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 1) {
|
||||
if (r > 0) {
|
||||
log_warning("Usage of ROOTHASHSIG positional argument is deprecated. "
|
||||
"Please use the option root-hash-signature=%s instead.", options);
|
||||
return 0;
|
||||
|
@ -99,7 +105,7 @@ static int parse_options(const char *options) {
|
|||
arg_activate_flags |= CRYPT_ACTIVATE_PANIC_ON_CORRUPTION;
|
||||
#endif
|
||||
else if ((val = startswith(word, "root-hash-signature="))) {
|
||||
r = save_roothashsig_option(val, true);
|
||||
r = save_roothashsig_option(val, /* strict= */ true);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
|
Loading…
Reference in a new issue