On 03/15/2011 02:02 AM, Arno Wagner wrote: > On Tue, Mar 15, 2011 at 12:45:59AM +0100, Rudolf Deilmann wrote: >> On Mon, 14 Mar 2011 23:10:37 +0100 >> On my machine, $x greater than 90 results in different internal keys >> for 'cat keyfile | cryptsetup ' and 'cryptsetup --key-file keyfile'. If >> the key-file is even large, I get at least an error message. Sample >> keyfile ( x=91 ) attached or at http://pastebin.com/PeLUZ5a4, if the >> mailing list removes attachements. > > Wups, buffer overflow or cutdown (with the later being a whole > lot better, but still a problem)? There are no fixed buffers :) Increasing LOOPAES_KEYFILE_MAXSIZE helps. (it is clearly visible in debug output - when reading from stdout, it reads 8125 bytes, but from keyfile it is limited to 8000). I will also limit LUKS keyfile in next version, mistake will cause problems (reading the whole device in locked memory -> OOPS or something like that). I guess max 8MB is enough? We have already limit on passphrase from terminal to 512 bytes. Fixed in svn already. Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
