From 5e476b851251dd5addd39f06ebdf05bb3efb0be7 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 11 Jan 2023 10:42:05 +0100 Subject: tree-wide: fix return value handling of base64mem() This returns an ssize_t, not an int. On populare archs that's the difference between 64bit and 32bit. hence, let's be more careful here, and not silently drop half the bits on the ground by assigning the return value to "int". As noticed by @malikabhi05: https://github.com/systemd/systemd/pull/24754#discussion_r1062903159 --- src/partition/repart.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'src/partition') diff --git a/src/partition/repart.c b/src/partition/repart.c index 6802a9c874..674bb08015 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -3314,6 +3314,7 @@ static int partition_encrypt(Context *context, Partition *p, const char *node) { _cleanup_free_ void *pubkey = NULL; _cleanup_free_ void *blob = NULL, *hash = NULL; size_t secret_size, blob_size, hash_size, pubkey_size = 0; + ssize_t base64_encoded_size; uint16_t pcr_bank, primary_alg; int keyslot; @@ -3341,9 +3342,9 @@ static int partition_encrypt(Context *context, Partition *p, const char *node) { if (r < 0) return log_error_errno(r, "Failed to seal to TPM2: %m"); - r = base64mem(secret, secret_size, &base64_encoded); - if (r < 0) - return log_error_errno(r, "Failed to base64 encode secret key: %m"); + base64_encoded_size = base64mem(secret, secret_size, &base64_encoded); + if (base64_encoded_size < 0) + return log_error_errno(base64_encoded_size, "Failed to base64 encode secret key: %m"); r = cryptsetup_set_minimal_pbkdf(cd); if (r < 0) @@ -3355,7 +3356,7 @@ static int partition_encrypt(Context *context, Partition *p, const char *node) { NULL, VOLUME_KEY_SIZE, base64_encoded, - strlen(base64_encoded)); + base64_encoded_size); if (keyslot < 0) return log_error_errno(keyslot, "Failed to add new TPM2 key: %m"); -- cgit v1.2.1