diff options
| author | Lennart Poettering <lennart@poettering.net> | 2023-01-11 10:42:05 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2023-01-11 10:46:08 +0100 |
| commit | 5e476b851251dd5addd39f06ebdf05bb3efb0be7 (patch) | |
| tree | 8ba503245922f61e74e146fb0dbbbb2f9f0baf8f /src/partition | |
| parent | a71e17f3e0f872b4264520ac6c4f9312b5312050 (diff) | |
| download | systemd-5e476b851251dd5addd39f06ebdf05bb3efb0be7.tar.gz | |
tree-wide: fix return value handling of base64mem()
This returns an ssize_t, not an int. On populare archs that's the
difference between 64bit and 32bit. hence, let's be more careful here,
and not silently drop half the bits on the ground by assigning the
return value to "int".
As noticed by @malikabhi05:
https://github.com/systemd/systemd/pull/24754#discussion_r1062903159
Diffstat (limited to 'src/partition')
| -rw-r--r-- | src/partition/repart.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/partition/repart.c b/src/partition/repart.c index 6802a9c874..674bb08015 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -3314,6 +3314,7 @@ static int partition_encrypt(Context *context, Partition *p, const char *node) { _cleanup_free_ void *pubkey = NULL; _cleanup_free_ void *blob = NULL, *hash = NULL; size_t secret_size, blob_size, hash_size, pubkey_size = 0; + ssize_t base64_encoded_size; uint16_t pcr_bank, primary_alg; int keyslot; @@ -3341,9 +3342,9 @@ static int partition_encrypt(Context *context, Partition *p, const char *node) { if (r < 0) return log_error_errno(r, "Failed to seal to TPM2: %m"); - r = base64mem(secret, secret_size, &base64_encoded); - if (r < 0) - return log_error_errno(r, "Failed to base64 encode secret key: %m"); + base64_encoded_size = base64mem(secret, secret_size, &base64_encoded); + if (base64_encoded_size < 0) + return log_error_errno(base64_encoded_size, "Failed to base64 encode secret key: %m"); r = cryptsetup_set_minimal_pbkdf(cd); if (r < 0) @@ -3355,7 +3356,7 @@ static int partition_encrypt(Context *context, Partition *p, const char *node) { NULL, VOLUME_KEY_SIZE, base64_encoded, - strlen(base64_encoded)); + base64_encoded_size); if (keyslot < 0) return log_error_errno(keyslot, "Failed to add new TPM2 key: %m"); |