Thanks for catching this! KEYCTL_GET_KEYRING_ID returns -1 on error, so
e4crypt should definitely exit here. Sending the revised path.
Joe
On Sat, Apr 1, 2017 at 9:24 AM, Theodore Ts'o <tytso@xxxxxxx> wrote:
> On Mon, Mar 20, 2017 at 08:34:36PM +0000, Joe Richey wrote:
>> + if (keyring_id == KEY_SPEC_SESSION_KEYRING) {
>> + keyring_id = keyctl(KEYCTL_GET_KEYRING_ID, keyring_id, 0);
>> + if (keyring_id < 0)
>> + printf("Could not get session keyring.\n");
>> + }
>> rc = add_key(EXT2FS_KEY_TYPE_LOGON, key_ref_full, (void *)&key,
>> sizeof(key), keyring_id);
>
> Are you sure this is right? If keyring_id is negative, we'll print
> the warning/error message --- and then pass the negative keyring_id to
> add_key. Is that going to do the right thing?
>
> - Ted
