From: Shani Peretz <shperetz@nvidia.com>
To: <dev@dpdk.org>
Cc: <stephen@networkplumber.org>, Shani Peretz <shperetz@nvidia.com>,
<stable@dpdk.org>, Kai Ji <kai.ji@intel.com>,
Declan Doherty <declan.doherty@intel.com>,
Marcin Kerlin <marcinx.kerlin@intel.com>,
Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>,
Michal Kobylinski <michalx.kobylinski@intel.com>,
Piotr Azarewicz <piotr.azarewicz@intel.com>
Subject: [PATCH v2] app/crypto-perf: fix plaintext size exceeds buffer size
Date: Mon, 25 Aug 2025 10:14:50 +0300 [thread overview]
Message-ID: <20250825071450.25314-1-shperetz@nvidia.com> (raw)
In-Reply-To: <20250805063800.225231-1-shperetz@nvidia.com>
When test vector plaintext exceeds buffer size, only the first
max_buffer_size bytes are processed, causing incorrect digest
verification (computed vs expected mismatch).
This patch fixes this issue by checking that the plaintext size is
larger than the buffer size and returns an error with a log.
Fixes: f8be1786b1b8 ("app/crypto-perf: introduce performance test application")
Cc: stable@dpdk.org
Signed-off-by: Shani Peretz <shperetz@nvidia.com>
------------------
v2: added sizes to the log
---
.../cperf_test_vector_parsing.c | 47 +++++++++++--------
1 file changed, 27 insertions(+), 20 deletions(-)
diff --git a/app/test-crypto-perf/cperf_test_vector_parsing.c b/app/test-crypto-perf/cperf_test_vector_parsing.c
index 737d61d4af..5665fb425b 100644
--- a/app/test-crypto-perf/cperf_test_vector_parsing.c
+++ b/app/test-crypto-perf/cperf_test_vector_parsing.c
@@ -308,12 +308,19 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
if (strstr(key_token, "plaintext")) {
rte_free(vector->plaintext.data);
vector->plaintext.data = data;
+
+ if (opts->test == CPERF_TEST_TYPE_VERIFY && data_length > opts->max_buffer_size) {
+ printf("Global plaintext (%u) larger than buffer_sz (%u)\n",
+ data_length, opts->max_buffer_size);
+ return -1;
+ }
+
if (tc_found)
vector->plaintext.length = data_length;
else {
if (opts->max_buffer_size > data_length) {
- printf("Global plaintext shorter than "
- "buffer_sz\n");
+ printf("Global plaintext (%u) shorter than "
+ "buffer_sz (%u)\n", data_length, opts->max_buffer_size);
return -1;
}
vector->plaintext.length = opts->max_buffer_size;
@@ -326,8 +333,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->cipher_key.length = data_length;
else {
if (opts->cipher_key_sz > data_length) {
- printf("Global cipher_key shorter than "
- "cipher_key_sz\n");
+ printf("Global cipher_key (%u) shorter than "
+ "cipher_key_sz (%u)\n", data_length, opts->cipher_key_sz);
return -1;
}
vector->cipher_key.length = opts->cipher_key_sz;
@@ -340,8 +347,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->auth_key.length = data_length;
else {
if (opts->auth_key_sz > data_length) {
- printf("Global auth_key shorter than "
- "auth_key_sz\n");
+ printf("Global auth_key (%u) shorter than "
+ "auth_key_sz (%u)\n", data_length, opts->auth_key_sz);
return -1;
}
vector->auth_key.length = opts->auth_key_sz;
@@ -354,8 +361,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->aead_key.length = data_length;
else {
if (opts->aead_key_sz > data_length) {
- printf("Global aead_key shorter than "
- "aead_key_sz\n");
+ printf("Global aead_key (%u) shorter than "
+ "aead_key_sz (%u)\n", data_length, opts->aead_key_sz);
return -1;
}
vector->aead_key.length = opts->aead_key_sz;
@@ -368,8 +375,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->cipher_iv.length = data_length;
else {
if (opts->cipher_iv_sz > data_length) {
- printf("Global cipher iv shorter than "
- "cipher_iv_sz\n");
+ printf("Global cipher iv (%u) shorter than "
+ "cipher_iv_sz (%u)\n", data_length, opts->cipher_iv_sz);
return -1;
}
vector->cipher_iv.length = opts->cipher_iv_sz;
@@ -382,8 +389,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->auth_iv.length = data_length;
else {
if (opts->auth_iv_sz > data_length) {
- printf("Global auth iv shorter than "
- "auth_iv_sz\n");
+ printf("Global auth iv (%u) shorter than "
+ "auth_iv_sz (%u)\n", data_length, opts->auth_iv_sz);
return -1;
}
vector->auth_iv.length = opts->auth_iv_sz;
@@ -396,8 +403,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->aead_iv.length = data_length;
else {
if (opts->aead_iv_sz > data_length) {
- printf("Global aead iv shorter than "
- "aead_iv_sz\n");
+ printf("Global aead iv (%u) shorter than "
+ "aead_iv_sz (%u)\n", data_length, opts->aead_iv_sz);
return -1;
}
vector->aead_iv.length = opts->aead_iv_sz;
@@ -410,8 +417,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->ciphertext.length = data_length;
else {
if (opts->max_buffer_size > data_length) {
- printf("Global ciphertext shorter than "
- "buffer_sz\n");
+ printf("Global ciphertext (%u) shorter than "
+ "buffer_sz (%u)\n", data_length, opts->max_buffer_size);
return -1;
}
vector->ciphertext.length = opts->max_buffer_size;
@@ -425,8 +432,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->aad.length = data_length;
else {
if (opts->aead_aad_sz > data_length) {
- printf("Global aad shorter than "
- "aead_aad_sz\n");
+ printf("Global aad (%u) shorter than "
+ "aead_aad_sz (%u)\n", data_length, opts->aead_aad_sz);
return -1;
}
vector->aad.length = opts->aead_aad_sz;
@@ -441,8 +448,8 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
vector->digest.length = data_length;
else {
if (opts->digest_sz > data_length) {
- printf("Global digest shorter than "
- "digest_sz\n");
+ printf("Global digest (%u) shorter than "
+ "digest_sz (%u)\n", data_length, opts->digest_sz);
return -1;
}
vector->digest.length = opts->digest_sz;
--
2.34.1
prev parent reply other threads:[~2025-08-25 7:15 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-05 6:38 [PATCH] " Shani Peretz
2025-08-05 15:49 ` Stephen Hemminger
2025-08-25 7:14 ` Shani Peretz [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250825071450.25314-1-shperetz@nvidia.com \
--to=shperetz@nvidia.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=kai.ji@intel.com \
--cc=marcinx.kerlin@intel.com \
--cc=michalx.kobylinski@intel.com \
--cc=piotr.azarewicz@intel.com \
--cc=slawomirx.mrozowicz@intel.com \
--cc=stable@dpdk.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).