Commit 9588a961 by Milan Broz

Do not alloc tcrypt keyfileon stack.

The keyfile has 1MB, it is better to run malloc for this code.
parent 88758703
......@@ -457,23 +457,28 @@ static int TCRYPT_pool_keyfile(struct crypt_device *cd,
unsigned char pool[TCRYPT_KEY_POOL_LEN],
const char *keyfile)
unsigned char data[TCRYPT_KEYFILE_LEN];
int i, j, fd, data_size;
unsigned char *data;
int i, j, fd, data_size, r = -EIO;
uint32_t crc;
log_dbg("TCRYPT: using keyfile %s.", keyfile);
data = malloc(TCRYPT_KEYFILE_LEN);
if (!data)
return -ENOMEM;
memset(data, 0, TCRYPT_KEYFILE_LEN);
fd = open(keyfile, O_RDONLY);
if (fd < 0) {
log_err(cd, _("Failed to open key file.\n"));
return -EIO;
goto out;
data_size = read_buffer(fd, data, TCRYPT_KEYFILE_LEN);
if (data_size < 0) {
log_err(cd, _("Error reading keyfile %s.\n"), keyfile);
return -EIO;
goto out;
for (i = 0, j = 0, crc = ~0U; i < data_size; i++) {
......@@ -484,11 +489,13 @@ static int TCRYPT_pool_keyfile(struct crypt_device *cd,
pool[j++] += (unsigned char)(crc);
r = 0;
crypt_memzero(&crc, sizeof(crc));
crypt_memzero(data, TCRYPT_KEYFILE_LEN);
return 0;
return r;
static int TCRYPT_init_hdr(struct crypt_device *cd,
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment