[dpdk-dev] [PATCH] examples/l2fwd-crypto: fix possible out-of-bounds

DPDK patches and discussions
 help / color / mirror / Atom feed

* [dpdk-dev] [PATCH] examples/l2fwd-crypto: fix possible out-of-bounds
@ 2017-07-31  4:40 Pablo de Lara
  2017-07-31 20:47 ` Thomas Monjalon
  0 siblings, 1 reply; 2+ messages in thread
From: Pablo de Lara @ 2017-07-31  4:40 UTC (permalink / raw)
  To: declan.doherty; +Cc: dev, Pablo de Lara

rte_cryptodev_socket_id() returns the socket id of
a crypto device, unless the device id is not valid,
in which case, it returns -1.
This should not happen, as the device id is controlled
by the application, but just for safety, a check is added.

Coverity issue: 158628, 158638, 158656, 158662
Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 examples/l2fwd-crypto/main.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index 83446f3..f020be3 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -662,7 +662,12 @@ initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 {
 	struct rte_crypto_sym_xform *first_xform;
 	struct rte_cryptodev_sym_session *session;
-	uint8_t socket_id = rte_cryptodev_socket_id(cdev_id);
+	int retval = rte_cryptodev_socket_id(cdev_id);
+
+	if (retval < 0)
+		return NULL;
+
+	uint8_t socket_id = (uint8_t) retval;
 	struct rte_mempool *sess_mp = session_pool_socket[socket_id];
 
 	if (options->xform_chain == L2FWD_CRYPTO_AEAD) {
@@ -1996,7 +2001,14 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports,
 			cdev_id++) {
 		struct rte_cryptodev_qp_conf qp_conf;
 		struct rte_cryptodev_info dev_info;
-		uint8_t socket_id = rte_cryptodev_socket_id(cdev_id);
+		retval = rte_cryptodev_socket_id(cdev_id);
+
+		if (retval < 0) {
+			printf("Invalid crypto device id used\n");
+			return -1;
+		}
+
+		uint8_t socket_id = (uint8_t) retval;
 
 		struct rte_cryptodev_config conf = {
 			.nb_queue_pairs = 1,
-- 
2.9.4

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [dpdk-dev] [PATCH] examples/l2fwd-crypto: fix possible out-of-bounds
  2017-07-31  4:40 [dpdk-dev] [PATCH] examples/l2fwd-crypto: fix possible out-of-bounds Pablo de Lara
@ 2017-07-31 20:47 ` Thomas Monjalon
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Monjalon @ 2017-07-31 20:47 UTC (permalink / raw)
  To: Pablo de Lara; +Cc: dev, declan.doherty

31/07/2017 06:40, Pablo de Lara:
> rte_cryptodev_socket_id() returns the socket id of
> a crypto device, unless the device id is not valid,
> in which case, it returns -1.
> This should not happen, as the device id is controlled
> by the application, but just for safety, a check is added.
> 
> Coverity issue: 158628, 158638, 158656, 158662
> Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

Applied, thanks

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2017-07-31 20:47 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-07-31  4:40 [dpdk-dev] [PATCH] examples/l2fwd-crypto: fix possible out-of-bounds Pablo de Lara
2017-07-31 20:47 ` Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).