From: Darren Kenny <darren.kenny@oracle.com>
Date: Thu, 21 Jan 2021 11:38:31 +0000 (+0000)
Subject: disk/cryptodisk: Fix potential integer overflow
X-Git-Tag: grub-2.06-rc1~109
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a201ad17caa430aa710654fdf2e6ab4c8166f031;p=thirdparty%2Fgrub.git

disk/cryptodisk: Fix potential integer overflow

The encrypt and decrypt functions expect a grub_size_t. So, we need to
ensure that the constant bit shift is using grub_size_t rather than
unsigned int when it is performing the shift.

Fixes: CID 307788

Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index b62835acc..41866c62d 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -325,10 +325,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
 	case GRUB_CRYPTODISK_MODE_CBC:
 	  if (do_encrypt)
 	    err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i,
-					   (1U << log_sector_size), iv);
+					   ((grub_size_t) 1 << log_sector_size), iv);
 	  else
 	    err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i,
-					   (1U << log_sector_size), iv);
+					   ((grub_size_t) 1 << log_sector_size), iv);
 	  if (err)
 	    return err;
 	  break;
@@ -336,10 +336,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
 	case GRUB_CRYPTODISK_MODE_PCBC:
 	  if (do_encrypt)
 	    err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i,
-					    (1U << log_sector_size), iv);
+					    ((grub_size_t) 1 << log_sector_size), iv);
 	  else
 	    err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i,
-					    (1U << log_sector_size), iv);
+					    ((grub_size_t) 1 << log_sector_size), iv);
 	  if (err)
 	    return err;
 	  break;