From: TristanInSec Date: Mon, 18 May 2026 18:39:44 +0000 (-0400) Subject: dissect: use practical 16 MiB limit instead of SSIZE_MAX X-Git-Tag: v261-rc1~106^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a190e64dfb348273c626267efa5876055939fdeb;p=thirdparty%2Fsystemd.git dissect: use practical 16 MiB limit instead of SSIZE_MAX As suggested by @yuwata, SSIZE_MAX is still too large and would cause malloc() to fail anyway. Use a 16 MiB limit which is generous compared to the typical 4 MiB maximum in cryptsetup (LUKS2_HDR_OFFSET_MAX). --- diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 3aeb254fd4d..8483a16e944 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -446,7 +446,7 @@ static int partition_is_luks2_integrity(int part_fd, uint64_t offset, uint64_t s if (be64toh(header.hdr_len) <= LUKS2_FIXED_HDR_SIZE || offset > UINT64_MAX - be64toh(header.hdr_len)) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid LUKS header length: %" PRIu64 ".", be64toh(header.hdr_len)); - if (be64toh(header.hdr_len) - LUKS2_FIXED_HDR_SIZE > (uint64_t) SSIZE_MAX) + if (be64toh(header.hdr_len) - LUKS2_FIXED_HDR_SIZE > 16U * 1024U * 1024U) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "LUKS header JSON area too large: %" PRIu64 ".", be64toh(header.hdr_len)); json_len = be64toh(header.hdr_len) - LUKS2_FIXED_HDR_SIZE;