X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcryptsetup%2Fcryptsetup.c;h=94570eb82d07ac9b836907d86b8cadfb34305176;hb=74a550c5d8228e58b936dd70e183f633bf373632;hp=a647a94e6e52ffa47d8d0147bff80477a4ad05de;hpb=9fa1de965a0954dcb6d855ebe0513077515a0daa;p=elogind.git

diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index a647a94e6..94570eb82 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -88,6 +88,13 @@ static int parse_one_option(const char *option) {
                         return 0;
                 }
 
+                if (arg_key_size % 8) {
+                        log_error("size= not a multiple of 8, ignoring.");
+                        return 0;
+                }
+
+                arg_key_size /= 8;
+
         } else if (startswith(option, "key-slot=")) {
 
                 arg_type = CRYPT_LUKS1;
@@ -168,16 +175,16 @@ static int parse_one_option(const char *option) {
 }
 
 static int parse_options(const char *options) {
-        char *state, *w;
+        const char *word, *state;
         size_t l;
         int r;
 
         assert(options);
 
-        FOREACH_WORD_SEPARATOR(w, l, options, ",", state) {
+        FOREACH_WORD_SEPARATOR(word, l, options, ",", state) {
                 _cleanup_free_ char *o;
 
-                o = strndup(w, l);
+                o = strndup(word, l);
                 if (!o)
                         return -ENOMEM;
                 r = parse_one_option(o);
@@ -337,7 +344,7 @@ static int attach_tcrypt(struct crypt_device *cd,
 
         assert(cd);
         assert(name);
-        assert(key_file || passwords);
+        assert(key_file || (passwords && passwords[0]));
 
         if (arg_tcrypt_hidden)
                 params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
@@ -414,7 +421,7 @@ static int attach_luks_or_plain(struct crypt_device *cd,
                 /* for CRYPT_PLAIN limit reads
                  * from keyfile to key length, and
                  * ignore keyfile-size */
-                arg_keyfile_size = arg_key_size / 8;
+                arg_keyfile_size = arg_key_size;
 
                 /* In contrast to what the name
                  * crypt_setup() might suggest this
@@ -542,13 +549,18 @@ int main(int argc, char *argv[]) {
                         description = NULL;
                 }
 
+                k = 0;
                 if (mount_point && description)
-                        asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point);
+                        k = asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point);
                 else if (mount_point)
-                        asprintf(&name_buffer, "%s on %s", argv[2], mount_point);
+                        k = asprintf(&name_buffer, "%s on %s", argv[2], mount_point);
                 else if (description)
-                        asprintf(&name_buffer, "%s (%s)", description, argv[2]);
+                        k = asprintf(&name_buffer, "%s (%s)", description, argv[2]);
 
+                if (k < 0) {
+                        log_oom();
+                        goto finish;
+                }
                 name = name_buffer ? name_buffer : argv[2];
 
                 k = crypt_init(&cd, argv[3]);
@@ -577,7 +589,7 @@ int main(int argc, char *argv[]) {
                 else
                         until = 0;
 
-                arg_key_size = (arg_key_size > 0 ? arg_key_size : 256);
+                arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8));
 
                 if (key_file) {
                         struct stat st;