From f83cc61c1f18420ad02fbbbef493d20508449840 Mon Sep 17 00:00:00 2001
From: Rubin Xu
Date: Tue, 9 Oct 2018 16:13:38 +0100
Subject: [PATCH] Fix signedness mismatch and integer underflow

persist_get_max_entries() is supposed to return an unsigned integer as the maximum number of entries but it also wrongly returns "-1" as an error condition. Also fix an issue where an unsigned subtraction in this routine could lead to integer underflow.

Bug: 112731440
Test: manual
Change-Id: I9672e39bef2c12156dda7806a08c52044962c178
---
 cryptfs.cpp | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/cryptfs.cpp b/cryptfs.cpp
index 5be29be..ae25e9a 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -2458,24 +2458,25 @@ int cryptfs_changepw(int crypt_type, const char* newpw) {
 static unsigned int persist_get_max_entries(int encrypted) {
 struct crypt_mnt_ftr crypt_ftr;
 unsigned int dsize;
- unsigned int max_persistent_entries;

 /* If encrypted, use the values from the crypt_ftr, otherwise
 * use the values for the current spec.
 */
 if (encrypted) {
 if (get_crypt_ftr_and_key(&crypt_ftr)) {
- return -1;
+ /* Something is wrong, assume no space for entries */
+ return 0;
 }
 dsize = crypt_ftr.persist_data_size;
 } else {
 dsize = CRYPT_PERSIST_DATA_SIZE;
 }

- max_persistent_entries =
- (dsize - sizeof(struct crypt_persist_data)) / sizeof(struct crypt_persist_entry);
-
- return max_persistent_entries;
+ if (dsize > sizeof(struct crypt_persist_data)) {
+ return (dsize - sizeof(struct crypt_persist_data)) / sizeof(struct crypt_persist_entry);
+ } else {
+ return 0;
+ }
 }

 static int persist_get_key(const char* fieldname, char* value) {
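Review bot: In the `encrypted` branch of persist_get_max_entries(), `dsize` is taken from `crypt_ftr.persist_data_size` and the new `dsize > sizeof(struct crypt_persist_data)` test bounds it only from below, so an oversized value in a damaged or modified footer still produces a correspondingly large entry count. The callers are outside this hunk; if they size the persistent-data buffer from the same footer field the count stays consistent, and that dependency deserves a comment above the check such as `/* dsize is read from the footer; callers must allocate from the same persist_data_size */`. Separately, `return 0` now makes a failed get_crypt_ftr_and_key() look the same as a store with no room, so a log line next to the new comment would keep the failure visible.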