VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-10-26 00:58:49 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:24:27 +0100
commitf7d8e565b47c1577830f7b9d44b77480d83d9aee (patch)
tree7cc5169a43a77258cf57781098e3b4a23ce0325a /src/Driver
parent3f2e20e33941c51b3956adc4e653c2ec7457238e (diff)
downloadVeraCrypt-f7d8e565b47c1577830f7b9d44b77480d83d9aee.tar.gz
VeraCrypt-f7d8e565b47c1577830f7b9d44b77480d83d9aee.zip
Windows Driver Sanity check: check that the password length passed from the bootloader is less than or equal to 64 before using it.
Diffstat (limited to 'src/Driver')
-rw-r--r--src/Driver/DriveFilter.c38
1 files changed, 21 insertions, 17 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index 3d50d3d8..eaf93329 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -97,28 +97,32 @@ NTSTATUS LoadBootArguments ()
TC_BUG_CHECK (STATUS_CRC_ERROR);
}
- BootLoaderSegment = bootLoaderSegment;
+ // Sanity check: for valid boot argument, the password is less than 64 bytes long
+ if (bootArguments->BootPassword.Length <= MAX_PASSWORD)
+ {
+ BootLoaderSegment = bootLoaderSegment;
- BootArgs = *bootArguments;
- BootArgsValid = TRUE;
- burn (bootArguments, sizeof (*bootArguments));
+ BootArgs = *bootArguments;
+ BootArgsValid = TRUE;
+ burn (bootArguments, sizeof (*bootArguments));
- BootDriveSignatureValid = TRUE;
+ BootDriveSignatureValid = TRUE;
- Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion);
- Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32);
- Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset);
- Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength);
- Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart);
- Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart);
- Dump ("Flags = %x\n", BootArgs.Flags);
- Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature);
- Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);
+ Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion);
+ Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32);
+ Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset);
+ Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength);
+ Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart);
+ Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart);
+ Dump ("Flags = %x\n", BootArgs.Flags);
+ Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature);
+ Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);
- if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
- AddPasswordToCache (&BootArgs.BootPassword);
+ if (CacheBootPassword && BootArgs.BootPassword.Length > 0)
+ AddPasswordToCache (&BootArgs.BootPassword);
- status = STATUS_SUCCESS;
+ status = STATUS_SUCCESS;
+ }
}
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));