Bug 2213277

Summary: stratisd invocation of CryptContextHandle::format() allows undefined behavior
Product: Red Hat Enterprise Linux 9 Reporter: Bryan Gurney <bgurney>
Component: stratisd Assignee: Bryan Gurney <bgurney>
Status: VERIFIED --- QA Contact: Filip Suba <fsuba>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.2 CC: amulhern, cwei, dkeefe
Target Milestone: rc Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: stratisd-3.5.7-1.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug

Description Bryan Gurney 2023-06-07 17:37:16 UTC
Description of problem:
The libcryptsetup-rs library's external API allows
clients to invoke the CryptContextHandle::format() and some other
methods while passing a parameter in a way that could result in
undefined behavior. This undefined behavior was first made evident by
the Rust 1.70 toolchain and has only been observed when
libcryptsetup-rs is compiled with the Rust 1.70 toolchain. Since
stratisd invokes the format() method in a way that allows this
undefined behavior, all stratisd invocations of the format() method
may fail with an EINVAL, so that stratisd is unable to format
encrypted devices and consequently unable to create encrypted pools.

Version-Release number of selected component (if applicable):
stratisd-3.5.5-1.el9

How reproducible:
Likely 100%

Steps to Reproduce:
1. Build stratisd with Rust 1.70. The current released version of
stratisd will not demonstrate the error because that release was
packaged using a prior Rust version.

2. Create an encrypted pool using stratis-cli
3. The pool is not created; an error is returned.

Actual results:
The pool is not created and an error is returned.

Expected results:
The pool is created without an error.

Additional info:
stratisd 3.5.7 fixes the problem by requiring libcryptsetup-rs 0.8.0
which removes the undefined behavior in the format() method.

Comment 1 Bryan Gurney 2023-06-08 19:16:41 UTC
Posted CentOS Stream merge request:
https://gitlab.com/redhat/centos-stream/rpms/stratisd/-/merge_requests/21

Comment 4 Filip Suba 2023-07-03 08:24:44 UTC
Verified with stratisd-3.5.7-1.el9.