Your message dated Mon, 26 Aug 2019 12:49:00 +0000
with message-id <e1i2eqe-0003he...@fasolo.debian.org>
and subject line Bug#935702: fixed in cryptsetup 2:2.2.0-3
has caused the Debian Bug report #935702,
regarding DM device size ≥2³² 512-bits sectors is truncated on 32-bits platforms
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
935702: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935702
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: cryptsetup-bin
Version: 2:2.1.0-5
Severity: serious

Dear Maintainer,

cryptsetup in Stable contains multiple severe integer handling issues.
Created DM device's size is set incorrectly due to integer truncation.

Not only is access to protected data lost, but integritysetup's "open" operation actually succeeds. All reads on the incorrectly created DM device will of course fail with I/O errors due to bad integrity tags, but all writes will happily write wrong tags at wrong places! This makes it very easy for the administrator to destroy the data while trying to recover with --integrity-recovery-mode.

The issue is caused by a new set of functions "dm_*_target_set", introduced with cryptsetup 2:2.1.0, whose arguments use haphazardly chosen integer types, even though the actual types are easy to find.

For example, "uint64_t size" is temporarily stored in a size_t variable.
1) stored in lib/utils_dm.h: struct crypt_dm_active_device { uint64_t size, ... }
2) passed to lib/libdevmapper.c dm_*_target_set(..., (size_t)dmd.size, ...
3) stored in lib/utils_dm.h: struct dm_target { uint64_t size, ... }

Seeing such carelessness in a core crypto software makes me very uneasy.


Best,
n.b.f.

-- Notes:
64-bit systems, whose size_t is 64-bit, are safe from this bug.
Partitions smaller than 2TiB (2^32 * 512) are safe from this bug.
Severity: grave may be appropriate due to the potential for data loss.

--- End Message ---
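The truncation the report describes, as an added example that is not cryptsetup's code: a uint64_t sector count handed to a setter whose parameter is size_t, modelled with a 32-bit stand-in type so the effect reproduces on any host, beside the fixed 64-bit signature and a check for the 2 TiB threshold given in the notes. size32_t, dm_target_model, the function names and the sample sector count are assumptions made for the demonstration.

```c
/* Added example, not cryptsetup's code: models the truncation in the report.
 * On 32-bit platforms size_t is 32 bits, so (size_t)dmd.size drops the high
 * bits of a uint64_t sector count; size32_t stands in for that size_t here. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t size32_t;                  /* stand-in for 32-bit size_t */
#define SECTOR_SIZE 512ULL
struct dm_target_model { uint64_t size; };  /* only the size field matters */

/* Buggy pattern: the setter takes size_t, so the caller's cast truncates. */
static void target_set_buggy(struct dm_target_model *t, size32_t size)
{
    t->size = size;                         /* high 32 bits already gone */
}

/* Fixed pattern: the sector count keeps its 64-bit type end to end. */
static void target_set_fixed(struct dm_target_model *t, uint64_t size)
{
    t->size = size;
}

/* Sector count the kernel would be handed by each path. */
uint64_t mapped_size_buggy(uint64_t sectors)
{
    struct dm_target_model t = {0};
    target_set_buggy(&t, (size32_t)sectors); /* the offending cast */
    return t.size;
}
uint64_t mapped_size_fixed(uint64_t sectors)
{
    struct dm_target_model t = {0};
    target_set_fixed(&t, sectors);
    return t.size;
}

/* Pre-flight check: does a device of this many bytes survive a 32-bit size_t?
 * 2^32 sectors of 512 bytes (2 TiB) and above do not. */
bool size_safe_on_32bit(uint64_t bytes)
{
    return bytes / SECTOR_SIZE < (1ULL << 32);
}

int main(void)
{
    uint64_t s = (1ULL << 32) + 2048;       /* 2 TiB + 1 MiB, constructed */
    printf("buggy %llu, fixed %llu sectors\n", (unsigned long long)mapped_size_buggy(s),
           (unsigned long long)mapped_size_fixed(s));
    return 0;
}
```

On the sample device the buggy path maps only 2048 sectors (1 MiB) of a 2 TiB + 1 MiB device, which is why opens succeed while data lands at the wrong places.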
--- Begin Message ---
Source: cryptsetup
Source-Version: 2:2.2.0-3

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 935...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guilhem Moulin <guil...@debian.org> (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)



Format: 1.8
Date: Mon, 26 Aug 2019 12:53:45 +0200
Source: cryptsetup
Architecture: source
Version: 2:2.2.0-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-de...@alioth-lists.debian.net>
Changed-By: Guilhem Moulin <guil...@debian.org>
Closes: 935702
Changes:
 cryptsetup (2:2.2.0-3) unstable; urgency=medium
 .
   * Cherry pick upstream commit 8f8f0b32: Fix mapped segments overflow on
     32bit architectures.  Regression since 2:2.1.0-1.  (Closes: #935702)


--- End Message ---
