VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Format
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-08-31 23:56:37 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:23:05 +0100
commit4fa4d6d22708231a51bdff93ef3220aa95b6fc80 (patch)
treee4ad7b2f67f98699c4964f1152120e49329ffb0d /src/Format
parente0efb36f337be3e57e528addd714e10745da6d1f (diff)
downloadVeraCrypt-4fa4d6d22708231a51bdff93ef3220aa95b6fc80.tar.gz
VeraCrypt-4fa4d6d22708231a51bdff93ef3220aa95b6fc80.zip
Windows vulnerability fix: correct possible BSOD attack targeted towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.
Diffstat (limited to 'src/Format')
-rw-r--r--src/Format/InPlace.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c
index b1bfac98..5c8cb3b4 100644
--- a/src/Format/InPlace.c
+++ b/src/Format/InPlace.c
@@ -861,10 +861,18 @@ inplace_enc_read:
if (wipeAlgorithm != TC_WIPE_NONE)
{
byte wipePass;
+ int wipePassCount = GetWipePassCount (wipeAlgorithm);
+
+ if (wipePassCount <= 0)
+ {
+ SetLastError (ERROR_INVALID_PARAMETER);
+ nStatus = ERR_PARAMETER_INCORRECT;
+ goto closing_seq;
+ }
offset.QuadPart = masterCryptoInfo->EncryptedAreaStart.Value - workChunkSize;
- for (wipePass = 1; wipePass <= GetWipePassCount (wipeAlgorithm); ++wipePass)
+ for (wipePass = 1; wipePass <= wipePassCount; ++wipePass)
{
if (!WipeBuffer (wipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, workChunkSize))
{