[PATCH v4 0/2] luks2: Fix decoding of digests and salts with escaped cha

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v4 0/2] luks2: Fix decoding of digests and salts with escaped cha

From:	Patrick Steinhardt
Subject:	[PATCH v4 0/2] luks2: Fix decoding of digests and salts with escaped chars
Date:	Mon, 6 Jun 2022 07:28:51 +0200

Hi,

this is the fourth version of my patch series which fixes decoding of
digests and salts in LUKS2 headers in case they happen to contain
escaped characters. While modern cryptsetup versions in fact don't
escape any characters part of the Base64 alphabet, old versions of
cryptsetup did this until v2.0.2.

Changes compared to v3:

    - Fixed the confusion between `size_t` and `grub_size_t` so that we
      consistently use the latter.

    - Improved error handling in `grub_json_unescape ()`: we now verify
      that the out-parameters are set, check for memory allocation
      errors and now return any errors encountered.

    - `luks2_base64_decode ()` now initializes the out-parameters it
      passes to `grub_json_unescape ()`.

This should address all the feedback by Glenn, except for modifying
`grub_json_unescape ()` to allow for in-place unescaping. I found the
end result to be less readable and more fragile when requiring the
caller to pass in a buffer, and we cannot make use of it right now
anyway. Thanks for your feedback!

Patrick

Patrick Steinhardt (2):
  json: Add function to unescape JSON-encoded strings
  luks2: Fix decoding of digests and salts with escaped chars

 grub-core/disk/luks2.c    |  28 +++++++++--
 grub-core/lib/json/json.c | 101 ++++++++++++++++++++++++++++++++++++++
 grub-core/lib/json/json.h |  12 +++++
 3 files changed, 137 insertions(+), 4 deletions(-)

Range-diff against v3:
1:  3055f9f2f ! 1:  c2233323a json: Add function to unescape JSON-encoded 
strings
    @@ grub-core/lib/json/json.c: grub_json_getint64 (grub_int64_t *out, const 
grub_jso
      }
     +
     +grub_err_t
    -+grub_json_unescape (char **out, size_t *outlen, const char *in, size_t 
inlen)
    ++grub_json_unescape (char **out, grub_size_t *outlen, const char *in, 
grub_size_t inlen)
     +{
     +  grub_err_t ret = GRUB_ERR_NONE;
    -+  size_t inpos, resultpos;
    ++  grub_size_t inpos, resultpos;
     +  char *result;
     +
    ++  if (!out || !outlen)
    ++    return grub_error (GRUB_ERR_BAD_ARGUMENT, "Output parameters are not 
set");
    ++
     +  result = grub_calloc (1, inlen + 1);
    ++  if (!result)
    ++    return GRUB_ERR_OUT_OF_MEMORY;
     +
     +  for (inpos = resultpos = 0; inpos < inlen; inpos++)
     +    {
    @@ grub-core/lib/json/json.c: grub_json_getint64 (grub_int64_t *out, const 
grub_jso
     +      }
     +  }
     +      else
    -+  {
     +    result[resultpos++] = in[inpos];
    -+  }
     +    }
     +
     +  *out = result;
    @@ grub-core/lib/json/json.c: grub_json_getint64 (grub_int64_t *out, const 
grub_jso
     +  if (ret != GRUB_ERR_NONE)
     +    grub_free (result);
     +
    -+  return GRUB_ERR_NONE;
    ++  return ret;
     +}
     
      ## grub-core/lib/json/json.h ##
    @@ grub-core/lib/json/json.h: extern grub_err_t 
EXPORT_FUNC(grub_json_getint64) (gr
     + * See https://datatracker.ietf.org/doc/html/rfc8259#section-7 for more
     + * information on escaping in JSON.
     + */
    -+extern grub_err_t EXPORT_FUNC(grub_json_unescape) (char **out, size_t 
*outlen,
    -+                                             const char *in, size_t 
inlen);
    ++extern grub_err_t EXPORT_FUNC(grub_json_unescape) (char **out, 
grub_size_t *outlen,
    ++                                             const char *in, grub_size_t 
inlen);
     +
      #endif
2:  69424b2d1 ! 2:  84370adba luks2: Fix decoding of digests and salts with 
escaped chars
    @@ grub-core/disk/luks2.c: luks2_scan (grub_disk_t disk, 
grub_cryptomount_args_t ca
      }
      
     +static grub_err_t
    -+luks2_base64_decode (const char *in, size_t inlen, grub_uint8_t *decoded, 
idx_t *decodedlen)
    ++luks2_base64_decode (const char *in, grub_size_t inlen, grub_uint8_t 
*decoded, idx_t *decodedlen)
     +{
    -+  size_t unescaped_len;
    -+  char *unescaped;
    ++  grub_size_t unescaped_len = 0;
    ++  char *unescaped = NULL;
     +  bool successful;
     +
     +  if (grub_json_unescape (&unescaped, &unescaped_len, in, inlen) != 
GRUB_ERR_NONE)
     +    return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not unescape Base64 
string");
     +
    -+  successful = base64_decode (unescaped, unescaped_len, (char *)decoded, 
decodedlen);
    ++  successful = base64_decode (unescaped, (size_t)unescaped_len, (char 
*)decoded, decodedlen);
     +  grub_free (unescaped);
     +  if (!successful)
     +    return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not decode Base64 
string");
-- 
2.36.1

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v4 0/2] luks2: Fix decoding of digests and salts with escaped chars, Patrick Steinhardt <=
- [PATCH v4 1/2] json: Add function to unescape JSON-encoded strings, Patrick Steinhardt, 2022/06/06
  - Re: [PATCH v4 1/2] json: Add function to unescape JSON-encoded strings, Glenn Washburn, 2022/06/06
  - Re: [PATCH v4 1/2] json: Add function to unescape JSON-encoded strings, Daniel Kiper, 2022/06/30
- [PATCH v4 2/2] luks2: Fix decoding of digests and salts with escaped chars, Patrick Steinhardt, 2022/06/06
  - Re: [PATCH v4 2/2] luks2: Fix decoding of digests and salts with escaped chars, Glenn Washburn, 2022/06/06
  - Re: [PATCH v4 2/2] luks2: Fix decoding of digests and salts with escaped chars, Daniel Kiper, 2022/06/30

Prev by Date: Re: [PATCH v3 1/2] json: Add function to unescape JSON-encoded strings
Next by Date: [PATCH v4 1/2] json: Add function to unescape JSON-encoded strings
Previous by thread: Re: [PATCH v3 2/2] luks2: Fix decoding of digests and salts with escaped chars
Next by thread: [PATCH v4 1/2] json: Add function to unescape JSON-encoded strings
Index(es):
- Date
- Thread