Windows/Linux/MacOSX: Set maximum PIM value to 2147468 in order to avoid having negative values for iterations count using the formula 15000 + (PIM x 1000). Add specific error message to XML language files.

2025-11-12 03:18:26 -06:00 · 2016-05-02 14:45:22 +02:00
parent 0b914c8f5d
commit b261177b8f
50 changed files with 88 additions and 15 deletions
--- a/src/Main/CommandLineInterface.cpp
+++ b/src/Main/CommandLineInterface.cpp
@@ -414,7 +414,7 @@ namespace VeraCrypt
 				throw_err (LangString["PARAMETER_INCORRECT"] + L": " + str);
 			}

-			if (ArgNewPim < 0)
+			if (ArgNewPim < 0 || ArgNewPim > (ArgMountOptions.PartitionInSystemEncryptionScope? MAX_BOOT_PIM_VALUE: MAX_PIM_VALUE))
 				throw_err (LangString["PARAMETER_INCORRECT"] + L": " + str);
 			else if (ArgNewPim > 0 && ArgTrueCryptMode)
 				throw_err (LangString["PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE"]);
@@ -454,7 +454,7 @@ namespace VeraCrypt
 				throw_err (LangString["PARAMETER_INCORRECT"] + L": " + str);
 			}

-			if (ArgPim < 0)
+			if (ArgPim < 0 || ArgPim > (ArgMountOptions.PartitionInSystemEncryptionScope? MAX_BOOT_PIM_VALUE: MAX_PIM_VALUE))
 				throw_err (LangString["PARAMETER_INCORRECT"] + L": " + str);
 			else if (ArgPim > 0 && ArgTrueCryptMode)
 				throw_err (LangString["PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE"]);
@@ -491,7 +491,7 @@ namespace VeraCrypt
 			try
 			{
 				pim = StringConverter::ToInt32 (wstring (str));
-				if (pim < 0)
+				if (pim < 0 || pim > (ArgMountOptions.PartitionInSystemEncryptionScope? MAX_BOOT_PIM_VALUE: MAX_PIM_VALUE))
 					throw_err (LangString["PARAMETER_INCORRECT"] + L": " + str);
 			}
 			catch (...)
--- a/src/Main/Forms/Forms.cpp
+++ b/src/Main/Forms/Forms.cpp
@@ -3240,7 +3240,7 @@ VolumePasswordPanelBase::VolumePasswordPanelBase( wxWindow* parent, wxWindowID i
 	GridBagSizer->Add( VolumePimStaticText, wxGBPosition( 3, 0 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxALIGN_RIGHT|wxBOTTOM|wxRIGHT, 5 );
 	
 	VolumePimTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD );
-	VolumePimTextCtrl->SetMaxLength( 10 ); 
+	VolumePimTextCtrl->SetMaxLength( 7 ); 
 	GridBagSizer->Add( VolumePimTextCtrl, wxGBPosition( 3, 1 ), wxGBSpan( 1, 1 ), wxALIGN_CENTER_VERTICAL|wxBOTTOM|wxEXPAND, 5 );
 	
 	VolumePimHelpStaticText = new wxStaticText( this, wxID_ANY, _("(Empty or 0 for default iterations)"), wxDefaultPosition, wxDefaultSize, 0 );
@@ -3381,7 +3381,7 @@ VolumePimWizardPageBase::VolumePimWizardPageBase( wxWindow* parent, wxWindowID i
 	PimSizer->Add( VolumePimStaticText, 0, wxALIGN_CENTER_VERTICAL|wxALL, 5 );
 	
 	VolumePimTextCtrl = new wxTextCtrl( this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, wxTE_PASSWORD );
-	VolumePimTextCtrl->SetMaxLength( 10 ); 
+	VolumePimTextCtrl->SetMaxLength( 7 ); 
 	PimSizer->Add( VolumePimTextCtrl, 0, wxALL, 5 );
 	
 	VolumePimHelpStaticText = new wxStaticText( this, wxID_ANY, _("(Empty or 0 for default iterations)"), wxDefaultPosition, wxDefaultSize, 0 );
--- a/src/Main/Forms/MountOptionsDialog.cpp
+++ b/src/Main/Forms/MountOptionsDialog.cpp
@@ -94,13 +94,13 @@ namespace VeraCrypt
 			ProtectionPasswordPanel->GetVolumePim() : 0;
 			
 		/* invalid PIM: set focus to PIM field and stop processing */
-		if (-1 == Pim)
+		if (-1 == Pim || (PartitionInSystemEncryptionScopeCheckBox->IsChecked() && Pim > MAX_BOOT_PIM_VALUE))
 		{
 			PasswordPanel->SetFocusToPimTextCtrl();
 			return;
 		}
 		
-		if (-1 == ProtectionPim)
+		if (-1 == ProtectionPim || (PartitionInSystemEncryptionScopeCheckBox->IsChecked() && ProtectionPim > MAX_BOOT_PIM_VALUE))
 		{
 			ProtectionPasswordPanel->SetFocusToPimTextCtrl();
 			return;
--- a/src/Main/Forms/TrueCrypt.fbp
+++ b/src/Main/Forms/TrueCrypt.fbp
@@ -26270,7 +26270,7 @@
                                <property name="max_size"></property>
                                <property name="maximize_button">0</property>
                                <property name="maximum_size"></property>
-                                <property name="maxlength">10</property>
+                                <property name="maxlength">7</property>
                                <property name="min_size"></property>
                                <property name="minimize_button">0</property>
                                <property name="minimum_size"></property>
@@ -27710,7 +27710,7 @@
                                                <property name="max_size"></property>
                                                <property name="maximize_button">0</property>
                                                <property name="maximum_size"></property>
-                                                <property name="maxlength">10</property>
+                                                <property name="maxlength">7</property>
                                                <property name="min_size"></property>
                                                <property name="minimize_button">0</property>
                                                <property name="minimum_size"></property>
--- a/src/Main/Forms/VolumePasswordPanel.cpp
+++ b/src/Main/Forms/VolumePasswordPanel.cpp
@@ -63,6 +63,7 @@ namespace VeraCrypt
 		EnablePimEntry = enablePassword && (!enableConfirmation || (enablePkcs5Prf && !isMountPassword));
 		PimCheckBox->Show (EnablePimEntry);
 		VolumePimStaticText->Show (false);
+		VolumePimTextCtrl->SetMaxLength (MAX_PIM_DIGITS);
 		VolumePimTextCtrl->Show (false);
 		VolumePimHelpStaticText->Show (false);

@@ -198,7 +199,7 @@ namespace VeraCrypt
 		int colspan = isPim? 1 : 2;

 		wxTextCtrl *newTextCtrl = new wxTextCtrl (this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, display ? 0 : wxTE_PASSWORD);
-		newTextCtrl->SetMaxLength (isPim? 10 : VolumePassword::MaxSize); 
+		newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : VolumePassword::MaxSize); 
 		newTextCtrl->SetValue ((*textCtrl)->GetValue());
 		newTextCtrl->SetMinSize ((*textCtrl)->GetSize());

@@ -279,7 +280,8 @@ namespace VeraCrypt
 			if (pimStr.IsEmpty())
 				return 0;
 			if (((size_t) wxNOT_FOUND == pimStr.find_first_not_of (wxT("0123456789"))) 
-				&& pimStr.ToLong (&pim))
+				&& pimStr.ToLong (&pim)
+				&& pim <= MAX_PIM_VALUE)
 				return (int) pim;
 			else
 				return -1;
--- a/src/Main/Forms/VolumePimWizardPage.cpp
+++ b/src/Main/Forms/VolumePimWizardPage.cpp
@@ -103,7 +103,7 @@ namespace VeraCrypt
 		bool display = event.IsChecked ();

 		wxTextCtrl *newTextCtrl = new wxTextCtrl (this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, display ? 0 : wxTE_PASSWORD);
-		newTextCtrl->SetMaxLength (10); 
+		newTextCtrl->SetMaxLength (MAX_PIM_DIGITS); 
 		newTextCtrl->SetValue (VolumePimTextCtrl->GetValue());
 		newTextCtrl->SetMinSize (VolumePimTextCtrl->GetSize());

--- a/src/Main/Main.h
+++ b/src/Main/Main.h
@@ -18,4 +18,9 @@
 #include "Core/Core.h"
 #include "Main/StringFormatter.h"

+#define MAX_PIM_DIGITS			7		// Maximum allowed digits in a PIM (enough for maximum value)
+#define MAX_PIM_VALUE		2147468 // Maximum value to have a positive 32-bit result for formula 15000 + (PIM x 1000)
+#define MAX_BOOT_PIM_DIGITS		5		// Maximum allowed digits in a PIM for boot (enough for 16-bit value)
+#define MAX_BOOT_PIM_VALUE	65535
+
 #endif // TC_HEADER_Main_Main
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -182,6 +182,12 @@ namespace VeraCrypt
 				try
 				{
 					pim = (int) StringConverter::ToUInt32 (pimStr);
+					if (pim > MAX_PIM_VALUE)
+					{
+						pim = -1;
+						ShowError ("PIM_TOO_BIG");
+						continue;
+					}
 				}
 				catch (...)
 				{