This project has moved and is read-only. For the latest updates, please go here.

VirtualBox crash with scan for hidden sectors

Topics: Users Discussion
Nov 21, 2014 at 8:30 PM
Edited Nov 21, 2014 at 9:09 PM
Maybe you want to report the bug in VirtualBox over at Oracles Bugtracker when using the VeraCrypt System Encryption and scanning for hidden sectors, the VirtualBox-Instance crashes, even the neweset release from today ^^

tried it with Windows 7 x86 as guest and veracrypt 1.0f-beta

Nov 22, 2014 at 8:46 AM
Thank you for reporting this.
Just to understand correctly, the crash happens during the process of creation a the hidden operating system? Did you resize the VirtualBox vdi file recently?
Nov 22, 2014 at 8:52 AM
No it happens while it scans for the hidden sectors, so before any encryption is done. Sure you can skip to scan, this is not a problem for VeraCrypt but VirtualBox.
Nov 22, 2014 at 9:01 AM
OK, I see. And what about the question on resizing? I asked it because I know that VirtualBox can have issues with resized vdi files.

As you said, this is an issue in VirtualBox. Before posting a bug on their tracker, I'll try to reproduce here in order to be able to give them more details if needed.
Nov 22, 2014 at 7:15 PM
Afaik I did not resize the Disk but it it a dynamic one, I use VHD-Format. And as additional information I successfully encrypted the OS + an additional disk.
Now the size shows as:
virtual size: 25GB
real sizte: 25.01

Maybe I can try to rescan now again even if the system is completely encrypted already or I have to decrypt it.
Nov 22, 2014 at 7:38 PM
Edited Nov 22, 2014 at 7:43 PM
This may or may not be relevant but VirtualBox has introduced a new "security" feature which has caused many problems for users.

Something to do with checking signed DLL's and such.

Many users cannot even get the latest release to work at all, even without VeraCrypt installed.

Dedicated threads to the VirtualBox problem

Again here for the latest release.

There are also many other individual posts about it on their forum.
Nov 22, 2014 at 8:13 PM
Edited Nov 22, 2014 at 10:11 PM
Yes I know about the new security feature, thats why I waited long time to update, but I tested VeraCrypt startng from v 4.3.16, then 4.3.18, then 4.3.20 (because it was funny directly after I downloaded 4.3.18 some minutes later they released 4.3.20 ) and all with its current guest additions.

I am decrypting the VM currently, needs some time.


Decrypted the whole VM now and did a new scan for hidden sectors and it crashed again even if the dynamic disk was now fully filled because of the whole system encryption before.
So I think you should be able to reproduce the problem. (even if it is a VirtualBox problem and not VeraCrypt and no priority because very little impact I think ^^)

Maybe the VirtualBox devs can help out with optimized bootloader development? Did you (or L0ck :) ) ask for help anywhere where you know they should have the skills for helping out where you need help?

Thats's really the next big thing everybody is waiting I think, if VeraCrypt will support UEFI and faster boot it will be THE successor to TrueCrypt.
Jan 5, 2015 at 11:31 AM
I might up this topic, as I can confirm that VeraCrypt crashes the virtual machine (i'm using a vmdk so, it doesn't matter wether it's vdi, vhd, or anything else) when it scans for hidden sectors.

I'll submit an issue.
Jan 7, 2015 at 10:04 PM
I reproduce here the analysis I have written in the issue tracker entry for this:

In VeraCrypt, during this operation, an algorithm is implemented in order to get the real physical size of the drive that may be bigger than the one reported by the device. In this algorithm, VeraCrypt performs reader/write operations beyond the advertized size in order to check if this limit is real (some drives have extra space).

Correctly implemented drivers just return an error when we try to read or write beyond the physical size. In case of VirtualBox, the driver crashes the system.

This is a sort of Denial of Service vulnerability in VirtualBox driver because a simple call can crash the system. They clearly have to solve this issue from their side.