diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-10-26 00:58:49 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:24:27 +0100 |
| commit | f7d8e565b47c1577830f7b9d44b77480d83d9aee (patch) | |
| tree | 7cc5169a43a77258cf57781098e3b4a23ce0325a | |
| parent | 3f2e20e33941c51b3956adc4e653c2ec7457238e (diff) | |
| download | VeraCrypt-f7d8e565b47c1577830f7b9d44b77480d83d9aee.tar.gz VeraCrypt-f7d8e565b47c1577830f7b9d44b77480d83d9aee.zip | |
Windows Driver Sanity check: check that the password length passed from the bootloader is less than or equal to 64 before using it.
| -rw-r--r-- | src/Driver/DriveFilter.c | 38 |
1 files changed, 21 insertions, 17 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index 3d50d3d8..eaf93329 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -97,28 +97,32 @@ NTSTATUS LoadBootArguments () TC_BUG_CHECK (STATUS_CRC_ERROR);
}
- BootLoaderSegment = bootLoaderSegment;
+ // Sanity check: for valid boot argument, the password is less than 64 bytes long
+ if (bootArguments->BootPassword.Length <= MAX_PASSWORD)
+ {
+ BootLoaderSegment = bootLoaderSegment;
- BootArgs = *bootArguments;
- BootArgsValid = TRUE;
- burn (bootArguments, sizeof (*bootArguments));
+ BootArgs = *bootArguments;
+ BootArgsValid = TRUE;
+ burn (bootArguments, sizeof (*bootArguments));
- BootDriveSignatureValid = TRUE;
+ BootDriveSignatureValid = TRUE;
- Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion);
- Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32);
- Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset);
- Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength);
- Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart);
- Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart);
- Dump ("Flags = %x\n", BootArgs.Flags);
- Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature);
- Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);
+ Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion);
+ Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32);
+ Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset);
+ Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength);
+ Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart);
+ Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart);
+ Dump ("Flags = %x\n", BootArgs.Flags);
+ Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature);
+ Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);
- if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
- AddPasswordToCache (&BootArgs.BootPassword);
+ if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
+ AddPasswordToCache (&BootArgs.BootPassword);
- status = STATUS_SUCCESS;
+ status = STATUS_SUCCESS;
+ }
}
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
|