From 94b9956824ad302da344bf43e8040c28d8b002ab Mon Sep 17 00:00:00 2001 From: Rubin Xu Date: Tue, 9 Oct 2018 16:13:38 +0100 Subject: [PATCH] [DO NOT MERGE] Fix signedness mismatch and integer underflow persist_get_max_entries() is supposed to return an unsigned integer as the maximum number of entries but it also wrongly returns "-1" as an error condition. Also fix an issue where an unsigned subtraction in this routine could lead to integer underflow. Bug: 112731440 Test: manual Change-Id: I9672e39bef2c12156dda7806a08c52044962c178 (cherry picked from commit 19ef1ae99a0138197e43658e84d860d17912a4a0) --- cryptfs.cpp | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/cryptfs.cpp b/cryptfs.cpp index c5024ae..5a061bb 100644 --- a/cryptfs.cpp +++ b/cryptfs.cpp @@ -2544,24 +2544,25 @@ int cryptfs_changepw(int crypt_type, const char *newpw) static unsigned int persist_get_max_entries(int encrypted) { struct crypt_mnt_ftr crypt_ftr; unsigned int dsize; - unsigned int max_persistent_entries; /* If encrypted, use the values from the crypt_ftr, otherwise * use the values for the current spec. */ if (encrypted) { if (get_crypt_ftr_and_key(&crypt_ftr)) { - return -1; + /* Something is wrong, assume no space for entries */ + return 0; } dsize = crypt_ftr.persist_data_size; } else { dsize = CRYPT_PERSIST_DATA_SIZE; } - max_persistent_entries = (dsize - sizeof(struct crypt_persist_data)) / - sizeof(struct crypt_persist_entry); - - return max_persistent_entries; + if (dsize > sizeof(struct crypt_persist_data)) { + return (dsize - sizeof(struct crypt_persist_data)) / sizeof(struct crypt_persist_entry); + } else { + return 0; + } } static int persist_get_key(const char *fieldname, char *value)