Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 19:08:26 -06:00
Code Activity

Static Code Analysis: solve issues in Expander. Use real random values for wipe buffers.

Browse Source
This commit is contained in:
Mounir IDRASSI
2015-02-08 23:42:50 +01:00
parent 516da2229d
commit 608e86c7bc
1 changed files with 23 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/ExpandVolume/ExpandVolume.c
View File

@@ -288,6 +288,7 @@ int QueryVolumeInfo (HWND hwndDlg, const char *lpszVolume, uint64 * pHostSizeFre
break; break;
case EV_FS_TYPE_FAT: case EV_FS_TYPE_FAT:
*pSizeLimitFS = 4 * BYTES_PER_GB - 1; *pSizeLimitFS = 4 * BYTES_PER_GB - 1;
break;
default: default:
*pSizeLimitFS = (uint64)-1; *pSizeLimitFS = (uint64)-1;
} }
@@ -410,7 +411,7 @@ int ExtendFileSystem (HWND hwndDlg , char *lpszVolume, Password *pVolumePassword
if ( !GetFileSystemType(rootPath,&fs) ) if ( !GetFileSystemType(rootPath,&fs) )
{ {
dwError = GetLastError(); dwError = GetLastError();
if (dwError = ERROR_UNRECOGNIZED_VOLUME) if (dwError == ERROR_UNRECOGNIZED_VOLUME)
{ {
// raw volume with unrecognized file system -> return with no error // raw volume with unrecognized file system -> return with no error
nStatus = ERR_SUCCESS; nStatus = ERR_SUCCESS;
@@ -517,6 +518,8 @@ static int ExpandVolume (HWND hwndDlg, char *lpszVolume, Password *pVolumePasswo
BOOL bTimeStampValid = FALSE; BOOL bTimeStampValid = FALSE;
LARGE_INTEGER headerOffset; LARGE_INTEGER headerOffset;
BOOL backupHeader; BOOL backupHeader;
byte *wipeBuffer = NULL;
uint32 workChunkSize = TC_VOLUME_HEADER_GROUP_SIZE;
if (pVolumePassword->Length == 0) return -1; if (pVolumePassword->Length == 0) return -1;
@@ -858,16 +861,22 @@ static int ExpandVolume (HWND hwndDlg, char *lpszVolume, Password *pVolumePasswo
/* wipe old backup header */ /* wipe old backup header */
if ( !cryptoInfo->LegacyVolume ) if ( !cryptoInfo->LegacyVolume )
{ {
byte *wipeBuffer = NULL;
byte wipeRandChars [TC_WIPE_RAND_CHAR_COUNT]; byte wipeRandChars [TC_WIPE_RAND_CHAR_COUNT];
byte wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT]; byte wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT];
byte wipePass; byte wipePass;
uint32 workChunkSize = TC_VOLUME_HEADER_GROUP_SIZE;
UINT64_STRUCT unitNo; UINT64_STRUCT unitNo;
LARGE_INTEGER offset; LARGE_INTEGER offset;
WipeAlgorithmId wipeAlgorithm = TC_WIPE_35_GUTMANN; WipeAlgorithmId wipeAlgorithm = TC_WIPE_35_GUTMANN;
if ( !RandgetBytes (hwndDlg, wipeRandChars, TC_WIPE_RAND_CHAR_COUNT, TRUE)
|| !RandgetBytes (hwndDlg, wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT, TRUE)
)
{
nStatus = ERR_OS_ERROR;
goto error;
}
DebugAddProgressDlgStatus(hwndDlg, "Wiping old backup header ...\r\n"); DebugAddProgressDlgStatus(hwndDlg, "Wiping old backup header ...\r\n");
wipeBuffer = (byte *) TCalloc (workChunkSize); wipeBuffer = (byte *) TCalloc (workChunkSize);
@@ -911,11 +920,21 @@ static int ExpandVolume (HWND hwndDlg, char *lpszVolume, Password *pVolumePasswo
// we don't check FlushFileBuffers() return code, because it fails for devices // we don't check FlushFileBuffers() return code, because it fails for devices
// (same implementation in password.c - a bug or not ???) // (same implementation in password.c - a bug or not ???)
} }
burn (wipeRandChars, TC_WIPE_RAND_CHAR_COUNT);
burn (wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT);
} }
error: error:
dwError = GetLastError (); dwError = GetLastError ();
if (wipeBuffer)
{
burn (wipeBuffer, workChunkSize);
TCfree (wipeBuffer);
wipeBuffer = NULL;
}
burn (buffer, sizeof (buffer)); burn (buffer, sizeof (buffer));
if (cryptoInfo != NULL) if (cryptoInfo != NULL)