diff options
author | Milan Broz <gmazyland@gmail.com> | 2023-11-28 10:01:40 +0100 |
---|---|---|
committer | Milan Broz <gmazyland@gmail.com> | 2023-11-28 18:52:25 +0000 |
commit | c0dfd1178de62f380ac5b181ac42728dbc32c0ac (patch) | |
tree | d93edf575e82bc042c40b6b5a8e00b11af2923da | |
parent | b3f1f611cd3645879d067010ed946006af23412d (diff) | |
download | cryptsetup-c0dfd1178de62f380ac5b181ac42728dbc32c0ac.tar.gz |
Fix some coverity scan issues.
The read in kernel crypto backend is part of user crypto API
encryption call, we have to trust it here.
JSON fix is just one place where return code was not checked
for this particular function.
-rw-r--r-- | lib/crypto_backend/crypto_cipher_kernel.c | 1 | ||||
-rw-r--r-- | lib/luks2/luks2_digest_pbkdf2.c | 9 |
2 files changed, 8 insertions, 2 deletions
diff --git a/lib/crypto_backend/crypto_cipher_kernel.c b/lib/crypto_backend/crypto_cipher_kernel.c index 40c4246c..6b60f114 100644 --- a/lib/crypto_backend/crypto_cipher_kernel.c +++ b/lib/crypto_backend/crypto_cipher_kernel.c @@ -109,6 +109,7 @@ int crypt_cipher_init_kernel(struct crypt_cipher_kernel *ctx, const char *name, } /* The in/out should be aligned to page boundary */ +/* coverity[ -taint_source : arg-3 ] */ static int _crypt_cipher_crypt(struct crypt_cipher_kernel *ctx, const char *in, size_t in_length, char *out, size_t out_length, diff --git a/lib/luks2/luks2_digest_pbkdf2.c b/lib/luks2/luks2_digest_pbkdf2.c index 0eedb23d..cc564516 100644 --- a/lib/luks2/luks2_digest_pbkdf2.c +++ b/lib/luks2/luks2_digest_pbkdf2.c @@ -172,8 +172,13 @@ static int PBKDF2_digest_store(struct crypt_device *cd, json_object_object_add(jobj_digest, "digest", json_object_new_string(base64_str)); free(base64_str); - if (jobj_digests) - json_object_object_add_by_uint(jobj_digests, digest, jobj_digest); + if (jobj_digests) { + r = json_object_object_add_by_uint(jobj_digests, digest, jobj_digest); + if (r < 0) { + json_object_put(jobj_digest); + return r; + } + } JSON_DBG(cd, jobj_digest, "Digest JSON:"); return 0; |