1 files changed, 4 insertions, 0 deletions
diff --git a/src/Common/Password.c b/src/Common/Password.c
index ae6b8035..c0247207 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -344,60 +344,64 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
 			headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET;
 			break;
 
 		}
 
 		if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN))
 		{
 			nStatus = ERR_OS_ERROR;
 			goto error;
 		}
 
 		/* Read in volume header */
 		if (!ReadEffectiveVolumeHeader (bDevice, dev, buffer, &bytesRead))
 		{
 			nStatus = ERR_OS_ERROR;
 			goto error;
 		}
 
 		if (bytesRead != sizeof (buffer))
 		{
 			// Windows may report EOF when reading sectors from the last cluster of a device formatted as NTFS
 			memset (buffer, 0, sizeof (buffer));
 		}
 
 		/* Try to decrypt the header */
 
 		nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);
 		if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
 			nStatus = 0;	// We can ignore this error here
 
+		// if the XTS master key is vulnerable, return error and do not allow the user to change the password since the master key will not be changed
+		if ((nStatus == 0) && cryptoInfo->bVulnerableMasterKey)
+			nStatus = ERR_XTS_MASTERKEY_VULNERABLE;
+
 		if (nStatus == ERR_PASSWORD_WRONG)
 		{
 			continue;		// Try next volume type
 		}
 		else if (nStatus != 0)
 		{
 			cryptoInfo = NULL;
 			goto error;
 		}
 		else
 			break;
 	}
 
 	if (nStatus != 0)
 	{
 		cryptoInfo = NULL;
 		goto error;
 	}
 
 	if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM)
 	{
 		nStatus = ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG;
 		goto error;
 	}
 
 	// Change the PKCS-5 PRF if requested by user
 	if (pkcs5 != 0)
 		cryptoInfo->pkcs5 = pkcs5;
 
 	RandSetHashFunction (cryptoInfo->pkcs5);