Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 19:08:26 -06:00
Code Activity

Windows vulnerability fix: correct possible BSOD attack targeted towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.

Browse Source
This commit is contained in:
Mounir IDRASSI
2014-08-31 23:56:37 +02:00
parent e0efb36f33
commit 4fa4d6d227
5 changed files with 42 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/Format/InPlace.c
View File

@@ -861,10 +861,18 @@ inplace_enc_read:
if (wipeAlgorithm != TC_WIPE_NONE)
{
byte wipePass;
int wipePassCount = GetWipePassCount (wipeAlgorithm);
if (wipePassCount <= 0)
{
SetLastError (ERROR_INVALID_PARAMETER);
nStatus = ERR_PARAMETER_INCORRECT;
goto closing_seq;
}
offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize;
for (wipePass = 1; wipePass <= GetWipePassCount (wipeAlgorithm); ++wipePass)
for (wipePass = 1; wipePass <= wipePassCount; ++wipePass)
{
if (!WipeBuffer (wipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, workChunkSize))
{