From ef35553d530452ad6aa43832c8bc8ff76898181a Mon Sep 17 00:00:00 2001 From: Rubin Xu Date: Tue, 9 Oct 2018 16:05:39 +0100 Subject: [PATCH] [DO NOT MERGE] Fix signedness mismatch and integer underflow persist_get_max_entries() is supposed to return an unsigned integer as the maximum number of entries but it also wrongly returns "-1" as an error condition. Also fix an issue where an unsigned subtraction in this routine could lead to integer underflow. Bug: 112731440 Test: manual Change-Id: I9672e39bef2c12156dda7806a08c52044962c178 --- cryptfs.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/cryptfs.c b/cryptfs.c index eb9a8ed..c0012b4 100644 --- a/cryptfs.c +++ b/cryptfs.c @@ -3380,24 +3380,25 @@ int cryptfs_changepw(int crypt_type, const char *newpw) static unsigned int persist_get_max_entries(int encrypted) { struct crypt_mnt_ftr crypt_ftr; unsigned int dsize; - unsigned int max_persistent_entries; /* If encrypted, use the values from the crypt_ftr, otherwise * use the values for the current spec. */ if (encrypted) { if (get_crypt_ftr_and_key(&crypt_ftr)) { - return -1; + /* Something is wrong, assume no space for entries */ + return 0; } dsize = crypt_ftr.persist_data_size; } else { dsize = CRYPT_PERSIST_DATA_SIZE; } - max_persistent_entries = (dsize - sizeof(struct crypt_persist_data)) / - sizeof(struct crypt_persist_entry); - - return max_persistent_entries; + if (dsize > sizeof(struct crypt_persist_data)) { + return (dsize - sizeof(struct crypt_persist_data)) / sizeof(struct crypt_persist_entry); + } else { + return 0; + } } static int persist_get_key(const char *fieldname, char *value)