According to the LUKS specification the uuid header field is of data type
"char[]", which is defined as "a string stored as null terminated sequence
of 8-bit characters". So enforce this by adding a null byte as the last byte
of the uuid. The LUKS2 specification defers to the LUKS1 specification in
this regard.
Signed-off-by: Glenn Washburn <developm...@efficientek.com>
---
grub-core/disk/luks.c | 3 +++
grub-core/disk/luks2.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/grub-core/disk/luks.c b/grub-core/disk/luks.c
index 13103ea6a..9a7323920 100644
--- a/grub-core/disk/luks.c
+++ b/grub-core/disk/luks.c
@@ -90,6 +90,9 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
return NULL;
}
+ /* According to the spec the uuid field is NULL terminated, so enforce it. */
+ header.uuid[sizeof(header.uuid)-1] = '\0';
+
/* Look for LUKS magic sequence. */
if (grub_memcmp (header.magic, LUKS_MAGIC, sizeof (header.magic))
|| grub_be_to_cpu16 (header.version) != 1)
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index 125e8609a..a7e614470 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -344,6 +344,9 @@ luks2_read_header (grub_disk_t disk, grub_luks2_header_t
*outhdr)
header = &secondary;
grub_memcpy (outhdr, header, sizeof (*header));
+ /* According to the spec the uuid field is NULL terminated, so enforce it. */
+ header->uuid[sizeof(header->uuid)-1] = '\0';
+
return GRUB_ERR_NONE;
}
--
2.27.0
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
