Your message dated Sat, 31 Aug 2019 23:17:09 +0000
with message-id <e1i4cch-000j7l...@fasolo.debian.org>
and subject line Bug#935702: fixed in cryptsetup 2:2.1.0-5+deb10u2
has caused the Debian Bug report #935702,
regarding Mapped devices of size ≥2TiB are truncated on 32-bits platforms
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
935702: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935702
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: cryptsetup-bin
Version: 2:2.1.0-5
Severity: serious

Dear Maintainer,

cryptsetup in Stable contains multiple severe integer handling issues.
The created DM device's size is set incorrectly due to integer truncation.

Not only is access to the protected data lost, integritysetup's "open" operation actually succeeds. All reads on the incorrectly created DM device will of course fail with I/O errors due to bad integrity tags, but all writes will happily write wrong tags at wrong places! This makes it very easy for the administrator to destroy the data while trying to recover with --integrity-recovery-mode.

The issue is caused by a new set of functions "dm_*_target_set", introduced with cryptsetup 2:2.1.0, whose arguments use haphazardly chosen integer types, even though the actual types are easy to find.

For example, "uint64_t size" is temporarily stored in a size_t variable:
1) stored in lib/utils_dm.h: struct crypt_dm_active_device { uint64_t size, ... }
2) passed to lib/libdevmapper.c dm_*_target_set(..., (size_t)dmd.size, ...
3) stored in lib/utils_dm.h: struct dm_target { uint64_t size, ... }

Seeing such carelessness in a core crypto software makes me very uneasy.


Best,
n.b.f.

-- Notes:
64-bit systems, whose size_t is 64-bit, are safe from this bug.
Partitions smaller than 2TiB (2^32 * 512) are safe from this bug.
Severity: grave may be appropriate due to the potential for data loss.

--- End Message ---
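The round trip described in the report (uint64_t sector count narrowed to size_t in the middle of the call chain, then widened again) is modelled below as an added example; it is not cryptsetup code. It assumes a 32-bit size_t, simulated here with a uint32_t stand-in so the truncation is visible on any host, and puts a checked conversion beside the buggy one.

```c
/* Added example, not cryptsetup code: models the uint64_t -> size_t ->
 * uint64_t round trip from the bug report with a 32-bit stand-in for size_t. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t size32_t;          /* assumption: size_t on a 32-bit platform */
#define SECTOR_SIZE 512ULL          /* DM sizes are counted in 512-byte sectors */

static uint64_t bytes_to_sectors(uint64_t bytes) { return bytes / SECTOR_SIZE; }

/* Buggy pattern: the 64-bit sector count is cast to size_t on the way in
 * and back to uint64_t on the way out; the high 32 bits are silently lost. */
static uint64_t target_size_narrowed(uint64_t sectors)
{
    size32_t tmp = (size32_t)sectors;   /* mirrors (size_t)dmd.size on 32-bit */
    return (uint64_t)tmp;               /* mirrors struct dm_target { uint64_t size } */
}

/* Hardened pattern: refuse the conversion when the value would not survive
 * it, so an oversized device fails loudly instead of mapping at a wrong size. */
static int target_size_checked(uint64_t sectors, uint64_t *out)
{
    if (sectors > (uint64_t)UINT32_MAX)  /* would overflow a 32-bit size_t */
        return -1;
    size32_t tmp = (size32_t)sectors;
    *out = (uint64_t)tmp;
    return 0;
}

int main(void)
{
    /* Constructed device sizes: 1 TiB fits in 2^32 sectors, 2 and 3 TiB do not. */
    const uint64_t sizes[] = { 1ULL << 40, 1ULL << 41, 3ULL << 40 };
    for (int i = 0; i < 3; i++) {
        uint64_t sectors = bytes_to_sectors(sizes[i]), checked = 0;
        int rc = target_size_checked(sectors, &checked);
        printf("%" PRIu64 " TiB = %" PRIu64 " sectors: narrowed -> %" PRIu64
               " sectors, checked -> %s\n",
               sizes[i] >> 40, sectors, target_size_narrowed(sectors),
               rc == 0 ? "ok" : "rejected (does not fit 32-bit size_t)");
    }
    return 0;
}
```

A 2 TiB device is exactly 2^32 sectors and narrows to 0; a 3 TiB device narrows to 2^31 sectors, i.e. a 1 TiB mapping, which is the silent shrinkage the report describes.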
--- Begin Message ---
Source: cryptsetup
Source-Version: 2:2.1.0-5+deb10u2

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 935...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guilhem Moulin <guil...@debian.org> (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)



Format: 1.8
Date: Mon, 26 Aug 2019 14:54:10 +0200
Source: cryptsetup
Architecture: source
Version: 2:2.1.0-5+deb10u2
Distribution: buster
Urgency: medium
Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-de...@alioth-lists.debian.net>
Changed-By: Guilhem Moulin <guil...@debian.org>
Closes: 935702
Changes:
 cryptsetup (2:2.1.0-5+deb10u2) buster; urgency=medium
 .
   * Cherry pick upstream commit 8f8f0b32: Fix mapped segments overflow on
     32bit architectures.  Regression since 2:2.1.0-1.  (Closes: #935702)


--- End Message ---
