disk/cryptodisk: Fix potential integer overflow

The encrypt and decrypt functions expect a grub_size_t. So, we need to
ensure that the constant bit shift is using grub_size_t rather than
unsigned int when it is performing the shift.

Fixes: CID 307788
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index b62835accb8fdc2c5629e3ab87a9e5703f3f8ff4..41866c62de2e331984f05a7777d8c4c07c85b54e 100644 (file)
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -325,10 +325,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
        case GRUB_CRYPTODISK_MODE_CBC:
          if (do_encrypt)
            err = grub_crypto_cbc_encrypt (dev->cipher, data + i, data + i,
-                                          (1U << log_sector_size), iv);
+                                          ((grub_size_t) 1 << log_sector_size), iv);
          else
            err = grub_crypto_cbc_decrypt (dev->cipher, data + i, data + i,
-                                          (1U << log_sector_size), iv);
+                                          ((grub_size_t) 1 << log_sector_size), iv);
          if (err)
            return err;
          break;
@@ -336,10 +336,10 @@ grub_cryptodisk_endecrypt (struct grub_cryptodisk *dev,
        case GRUB_CRYPTODISK_MODE_PCBC:
          if (do_encrypt)
            err = grub_crypto_pcbc_encrypt (dev->cipher, data + i, data + i,
-                                           (1U << log_sector_size), iv);
+                                           ((grub_size_t) 1 << log_sector_size), iv);
          else
            err = grub_crypto_pcbc_decrypt (dev->cipher, data + i, data + i,
-                                           (1U << log_sector_size), iv);
+                                           ((grub_size_t) 1 << log_sector_size), iv);
          if (err)
            return err;
          break;