From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by dpdk.space (Postfix) with ESMTP id 02C3BA0471
	for <public@inbox.dpdk.org>; Mon, 17 Jun 2019 12:40:30 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 74D811BEDC;
	Mon, 17 Jun 2019 12:40:29 +0200 (CEST)
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
 by dpdk.org (Postfix) with ESMTP id D0F0A1BEC4
 for <dev@dpdk.org>; Mon, 17 Jun 2019 12:40:27 +0200 (CEST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga001.jf.intel.com ([10.7.209.18])
 by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 17 Jun 2019 03:40:26 -0700
X-ExtLoop1: 1
Received: from irsmsx154.ger.corp.intel.com ([163.33.192.96])
 by orsmga001.jf.intel.com with ESMTP; 17 Jun 2019 03:40:25 -0700
Received: from irsmsx156.ger.corp.intel.com (10.108.20.68) by
 IRSMSX154.ger.corp.intel.com (163.33.192.96) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Mon, 17 Jun 2019 11:40:24 +0100
Received: from irsmsx112.ger.corp.intel.com ([169.254.1.194]) by
 IRSMSX156.ger.corp.intel.com ([169.254.3.131]) with mapi id 14.03.0439.000;
 Mon, 17 Jun 2019 11:40:24 +0100
From: "De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>
To: "Zhang, Roy Fan" <roy.fan.zhang@intel.com>, "dev@dpdk.org" <dev@dpdk.org>
CC: "akhil.goyal@nxp.com" <akhil.goyal@nxp.com>, "Zhang, Roy Fan"
 <roy.fan.zhang@intel.com>
Thread-Topic: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
Thread-Index: AQHVCzQii0Ad/IqHPUetcYV0C4ZTcqaf2Xrw
Date: Mon, 17 Jun 2019 10:40:24 +0000
Message-ID: <E115CCD9D858EF4F90C690B0DCB4D89780404298@irsmsx112.ger.corp.intel.com>
References: <20190515153259.74322-1-roy.fan.zhang@intel.com>
In-Reply-To: <20190515153259.74322-1-roy.fan.zhang@intel.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiOWZkM2I0YTctZTUzYS00ZWJjLWI0YzItMmQxMTAxM2RkZGUzIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoidEppWmtDZ0U4amw4ZmZqVEYwa3RkXC9JYWFyTmM5cWZQNWc5Vmt0Kzg5bkRGalwvMWNTMlM1OW5lOHZZVnBNNmlGIn0=
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.600.7
dlp-reaction: no-action
x-originating-ip: [163.33.239.180]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Hi Fan,

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> Sent: Wednesday, May 15, 2019 4:33 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
>=20
> This patch fixes the out-of-bounds coverity issue by adding missed
> algorithms to the array.
>=20
> Coverity issue: 337683
>=20
> Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent
> macros")
>=20
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
>=20
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 4d439360f..c937b21b6 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -65,7 +65,13 @@ static const unsigned
> auth_truncated_digest_byte_lengths[] =3D {
>  		[AES_XCBC]	=3D 12,
>  		[AES_CMAC]	=3D 12,
>  		[AES_CCM]	=3D 8,
> -		[NULL_HASH]	=3D 0
> +		[NULL_HASH]	=3D 0,
> +		[AES_GMAC]	=3D 12,

According to the code in the IPSec MB lib, truncated value for GMAC is 16,
although it can actually generate anything from 4 to 16 bytes,
so I guess any value between this range could work.

> +		[PLAIN_SHA1]	=3D 20,
> +		[PLAIN_SHA_224]	=3D 28,
> +		[PLAIN_SHA_256]	=3D 32,
> +		[PLAIN_SHA_384]	=3D 48,
> +		[PLAIN_SHA_512]	=3D 64
>  };
>=20

Could you also complete the other two arrays?
auth_digest_byte_lengths (missing AES_CCM) and auth_blocksize.

Thanks!
Pablo

>  /**
> --
> 2.14.5