From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 43F06A04FD; Mon, 4 Jul 2022 09:49:05 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D286C410E5; Mon, 4 Jul 2022 09:49:04 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 5E3BC40E09 for ; Mon, 4 Jul 2022 09:49:03 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656920942; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Sm9eo2kU+E/ENqfHR7G9agWWFwRF+YkxZO8MeLfj/Bw=; b=YDkR88MUjsethkQAsag97okIa96Lc4SwhRXC89yTnGKUMWXxIJay38l53U4GbCgGY4gGyH s2Rb4FoFe+9iDWp9DMGHR29m+zNXiQ4PO+X6JqxUm/vVDRY3hVwFhq4cDojqEI3uRVmDCD zMxgd6k4y7k+iLifIdwmR5ROSeGzCJU= Received: from mail-lj1-f198.google.com (mail-lj1-f198.google.com [209.85.208.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-185-0k1727VxPciFPb2GPa8IMg-1; Mon, 04 Jul 2022 03:49:01 -0400 X-MC-Unique: 0k1727VxPciFPb2GPa8IMg-1 Received: by mail-lj1-f198.google.com with SMTP id b40-20020a2ebc28000000b0025c047ea79dso2510278ljf.23 for ; Mon, 04 Jul 2022 00:49:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Sm9eo2kU+E/ENqfHR7G9agWWFwRF+YkxZO8MeLfj/Bw=; b=X5ZjgLOIMoHKEyxBeTuDw2CyDXkOTId0r3qQGG2GsU4udBzzmpFa/aJXrh+I+Zl93X TG5PQ2Mr4Zf10vfCxp5CMpneeC33ZceNUgFN8t1QoyOTLftzU2LEZ1rs2a9ANYwPGUqo NgEicWl8/2CfIagx8/7k7GF5dbVxCBRwHg2Z2szkh99GjVBH2N6oIKQdlSRA0dKe3j29 R46vLNZVEyfXRbHrwR1lTm2sRwhXAn3+q22SdzE93ozcYVo9pwH8vriSinqvx+RTCnb9 j/HzE3t8bPqcvy1MJSZWgZvL1Wr+zw9qBssyA2HLbt0iezZKBcpR/neNyYW2zU2ZGP/a THSA== X-Gm-Message-State: AJIora+Rob1XY7UedPlrfJN71aKDAgsmBXIMGKb3s4B3uYeM7AlhQAt3 9eimVAEr9tN1yj9hZLmazVlImAQux1wBN8NWEJYWUkYuH7PySjQyn4qPoOsdNz2o0JgbMH8ttE3 C2WoL4JqxQHaC6QZenaY= X-Received: by 2002:a05:6512:3e19:b0:47f:77d8:236c with SMTP id i25-20020a0565123e1900b0047f77d8236cmr17301351lfv.560.1656920940135; Mon, 04 Jul 2022 00:49:00 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vvYEYhRbNdbX0lwUfPM5PxS2vPNR4D6jgbVILFp3pSt7Oi+ylKAsb6RB8V1Kc/co/JGwcpjUb7+bCgC3LI7o8= X-Received: by 2002:a05:6512:3e19:b0:47f:77d8:236c with SMTP id i25-20020a0565123e1900b0047f77d8236cmr17301337lfv.560.1656920939922; Mon, 04 Jul 2022 00:48:59 -0700 (PDT) MIME-Version: 1.0 References: <2acc661bc1b574166e599957c805d70eee0d3a42.1656773321.git.gmuthukrishn@marvell.com> <40cf83ba9d410a387eccfd93c04d9035f71227f2.1656773832.git.gmuthukrishn@marvell.com> In-Reply-To: <40cf83ba9d410a387eccfd93c04d9035f71227f2.1656773832.git.gmuthukrishn@marvell.com> From: David Marchand Date: Mon, 4 Jul 2022 09:48:48 +0200 Message-ID: Subject: Re: [PATCH v2] examples/fips_validation: fix memory leak in sha test To: Gowrishankar Muthukrishnan , Akhil Goyal Cc: dev , Fan Zhang , Brian Dooley , Anoob Joseph , Archana Muniganti , Jerin Jacob , Thomas Monjalon Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=dmarchan@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Sat, Jul 2, 2022 at 4:59 PM Gowrishankar Muthukrishnan wrote: > > There is wrong size used for allocation of digest buffer which in > some cases cause memory corruption. Also, fixed places where memory > leak is observed. This fix would enable sha 384 and 512 NIST vectors > be supported fully. > > Fixes: 93d797d94f1 ("examples/fips_validation: add parsing for sha") This sha1 is not valid anymore, or maybe Akhil will squash the fix in the next-crypto tree before reaching main. > > Signed-off-by: Gowrishankar Muthukrishnan > --- > v2: > - doc update to support 384 and 512 sha. > --- > doc/guides/sample_app_ug/fips_validation.rst | 2 +- > examples/fips_validation/fips_validation_sha.c | 10 ++++++++-- > examples/fips_validation/main.c | 1 + > 3 files changed, 10 insertions(+), 3 deletions(-) > > diff --git a/doc/guides/sample_app_ug/fips_validation.rst b/doc/guides/sample_app_ug/fips_validation.rst > index 4b68226665..6f4bd34726 100644 > --- a/doc/guides/sample_app_ug/fips_validation.rst > +++ b/doc/guides/sample_app_ug/fips_validation.rst > @@ -63,7 +63,7 @@ ACVP > * AES-CMAC (128,192,256) - AFT > * AES-XTS (128,256) - AFT > * HMAC (SHA1, SHA224, SHA256, SHA384, SHA512) > - * SHA (1,256) - AFT, MCT > + * SHA (1, 256, 384, 512) - AFT, MCT > > > Application Information > diff --git a/examples/fips_validation/fips_validation_sha.c b/examples/fips_validation/fips_validation_sha.c > index a2928618d7..538cb6647a 100644 > --- a/examples/fips_validation/fips_validation_sha.c > +++ b/examples/fips_validation/fips_validation_sha.c > @@ -229,13 +229,19 @@ parse_test_sha_json_algorithm(void) > for (i = 0; i < RTE_DIM(phsc); i++) { > if (info.interim_info.sha_data.algo == phsc[i].algo) { > vec.cipher_auth.digest.len = atoi(phsc[i].str); > - vec.cipher_auth.digest.val = calloc(0, vec.cipher_auth.digest.len * 8); > + if (vec.cipher_auth.digest.val) > + free(vec.cipher_auth.digest.val); Unneeded if(). We just did a tree-wide cleanup to avoid these. Please don't reintroduce some. > + > + vec.cipher_auth.digest.val = calloc(1, vec.cipher_auth.digest.len); Don't we need to check for allocation success? > break; > } > } > > - if (i == RTE_DIM(phsc)) > + if (i == RTE_DIM(phsc)) { > + free(vec.cipher_auth.digest.val); > + vec.cipher_auth.digest.val = NULL; > return -1; > + } > > return 0; > } -- David Marchand