if (le64toh(f->header->tail_object_offset) > (le64toh(f->header->header_size) + le64toh(f->header->arena_size)))
return -ENODATA;
- if (!VALID64(f->header->data_hash_table_offset) ||
- !VALID64(f->header->field_hash_table_offset) ||
- !VALID64(f->header->tail_object_offset) ||
- !VALID64(f->header->entry_array_offset))
+ if (!VALID64(le64toh(f->header->data_hash_table_offset)) ||
+ !VALID64(le64toh(f->header->field_hash_table_offset)) ||
+ !VALID64(le64toh(f->header->tail_object_offset)) ||
+ !VALID64(le64toh(f->header->entry_array_offset)))
+ return -ENODATA;
+
+ if (le64toh(f->header->data_hash_table_offset) < le64toh(f->header->header_size) ||
+ le64toh(f->header->field_hash_table_offset) < le64toh(f->header->header_size) ||
+ le64toh(f->header->tail_object_offset) < le64toh(f->header->header_size) ||
+ le64toh(f->header->entry_array_offset) < le64toh(f->header->header_size))
return -ENODATA;
if (f->writable) {
assert(f);
assert(ret);
+ if (size <= 0)
+ return -EINVAL;
+
/* Avoid SIGBUS on invalid accesses */
if (offset + size > (uint64_t) f->last_stat.st_size) {
/* Hmm, out of range? Let's refresh the fstat() data
if (r < 0)
return r;
-#ifdef HAVE_GCRYPT
- r = journal_file_hmac_put_object(f, OBJECT_DATA, p);
- if (r < 0)
- return r;
-#endif
-
/* The linking might have altered the window, so let's
* refresh our pointer */
r = journal_file_move_to_object(f, OBJECT_DATA, p, &o);
if (r < 0)
return r;
+#ifdef HAVE_GCRYPT
+ r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p);
+ if (r < 0)
+ return r;
+#endif
+
if (ret)
*ret = o;
return r;
#ifdef HAVE_GCRYPT
- r = journal_file_hmac_put_object(f, OBJECT_ENTRY_ARRAY, q);
+ r = journal_file_hmac_put_object(f, OBJECT_ENTRY_ARRAY, o, q);
if (r < 0)
return r;
#endif
o->entry.boot_id = f->header->boot_id;
#ifdef HAVE_GCRYPT
- r = journal_file_hmac_put_object(f, OBJECT_ENTRY, np);
+ r = journal_file_hmac_put_object(f, OBJECT_ENTRY, o, np);
if (r < 0)
return r;
#endif
f->flags = flags;
f->prot = prot_from_flags(flags);
f->writable = (flags & O_ACCMODE) != O_RDONLY;
+#ifdef HAVE_XZ
f->compress = compress;
+#endif
+#ifdef HAVE_GCRYPT
f->seal = seal;
+#endif
if (mmap_cache)
f->mmap = mmap_cache_ref(mmap_cache);
#ifdef HAVE_GCRYPT
/* Try to load the FSPRG state, and if we can't, then
* just don't do sealing */
- r = journal_file_fss_load(f);
- if (r < 0)
- f->seal = false;
+ if (f->seal) {
+ r = journal_file_fss_load(f);
+ if (r < 0)
+ f->seal = false;
+ }
#endif
r = journal_file_init_header(f, template);