This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 444667 - cryptsetup seg-faults with SIGSEGV, when key-slot number is greater than or equal to 8 (max number of keys)
cryptsetup seg-faults with SIGSEGV, when key-slot number is greater than or e...
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Peter Jones
Fedora Extras Quality Assurance
:
Depends On: 444665
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-29 16:18 EDT by Brad Hinson
Modified: 2008-04-29 17:05 EDT (History)
5 users (show)

See Also:
Fixed In Version: 1.0.6-2.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-04-29 17:05:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Reverse keyIndex test in case out of range (444 bytes, patch)
2008-04-29 16:18 EDT, Brad Hinson
no flags Details | Diff

  None (edit)
Description Brad Hinson 2008-04-29 16:18:28 EDT
+++ This bug was initially created as a clone of Bug #444665 +++

Escalated to Bugzilla from IssueTracker

-- Additional comment from tao@redhat.com on 2008-04-29 16:11 EST --
LTC Owner is: gcwilson@us.ibm.com
LTC Originator is: srinivass@in.ibm.com


---Problem Description---
cryptsetup seg-faults with SIGSEGV, when key-slot number is greater than or equal
to 80(hex value of 128)
 
Contact Information = srinivass@in.ibm.com
 
---uname output---
Linux xxxx.xxxx.xxx.com 2.6.18-86.el5 #1 SMP Tue Mar 18 18:20:53 EDT 2008 s390x
s390x s390x GNU/Linux
 
Machine Type = s390x
 
---Debugger---
A debugger is not configured
 
---Steps to Reproduce---
#cryptsetup --cipher aes-cbc-plain:sha256 --verbose --verify-passphrase
luksFormat /dev/dasdc1

#cryptsetup luksOpen /dev/dasdc1 test01

#mkfs.ext3 -j -m 1 -O dir_index,filetype,sparse_super /dev/mapper/test01

#mke2fs -j /dev/mapper/test01

#mount /dev/mapper/test01 /mnt



#cryptsetup luksAddKey /dev/dasdc1

Enter any LUKS passphrase:xxxx

Verify passphrase:xxxx

key slot 0 unlocked.

Enter new passphrase for key slot:xxxx

Verify passphrase:xxxx

Command successful.


# cryptsetup luksDelKey /dev/dasdb1 1
Command failed: Key 1 not active. Can't wipe.

# cryptsetup luksDelKey /dev/dasdb1 88
Segmentation fault

# cryptsetup luksDelKey /dev/dasdb1 80
Segmentation fault

# cryptsetup luksDelKey /dev/dasdb1 79
Command failed: Key 79 not active. Can't wipe.


---Security Component Data--- 
/etc/selinux/config output: [root@h0530020 ~]# cat /etc/selinux/config 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted


Userspace tool common name: cryptsetup
 
"rpm -qa | grep -i selinux" output: libselinux-devel-1.33.4-5.el5
selinux-policy-2.4.6-125.el5
selinux-policy-targeted-2.4.6-125.el5
libselinux-devel-1.33.4-5.el5
libselinux-1.33.4-5.el5
libselinux-1.33.4-5.el5
libselinux-python-1.33.4-5.el5


The userspace tool has the following bit modes: 64bit

Userspace rpm: cryptsetup-luks-1.0.3-2.2.el5
 

This event sent from IssueTracker by bhinson  [Support Engineering Group]
 issue 174169

-- Additional comment from tao@redhat.com on 2008-04-29 16:11 EST --
File uploaded: cryptsetup-luks-1.0.3-keyindex_segv.patch

This event sent from IssueTracker by bhinson  [Support Engineering Group]
 issue 174169
it_file 130993

-- Additional comment from tao@redhat.com on 2008-04-29 16:11 EST --
Attaching patch and test package.  Problem was an incorrect test for an
index out of range.

bhinson assigned to issue for SEG - Storage.

This event sent from IssueTracker by bhinson  [Support Engineering Group]
 issue 174169
Comment 1 Brad Hinson 2008-04-29 16:18:28 EDT
Created attachment 304154 [details]
Reverse keyIndex test in case out of range
Comment 2 Till Maas 2008-04-29 17:05:00 EDT
You set the version to rawhide, there this issue is already fixed (and in F9),
therefore I close this bug. At least the patch is already applied. Also note
that the version in rawhide is much newer than the one you tested (1.0.6 vs. 1.0.3).

Note You need to log in before you can comment on or make changes to this bug.