* [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op
@ 2020-10-30 13:11 Ciara Power
2020-11-02 19:55 ` Akhil Goyal
0 siblings, 1 reply; 3+ messages in thread
From: Ciara Power @ 2020-10-30 13:11 UTC (permalink / raw)
To: dev; +Cc: Ciara Power, roy.fan.zhang, Declan Doherty
In two test cases, the op value is set by the return of the
process_crypto_request function, which may be NULL. The op->status
value was checked afterwards, which was causing a dereference issue.
To fix this, a temporary op variable is used to hold the return
from the process_crypto_request function, so the original op->status
can be checked after the possible NULL return value.
The original op value is then set to hold the temporary op value.
Coverity issue: 363465
Coverity issue: 363452
Fixes: 4868f6591c6f ("test/crypto: add cases for raw datapath API")
Cc: roy.fan.zhang@intel.com
Signed-off-by: Ciara Power <ciara.power@intel.com>
---
app/test/test_cryptodev.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 0fed124d3a..ce8bcd1d4f 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -6676,6 +6676,7 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
unsigned int ciphertext_len;
struct rte_cryptodev_info dev_info;
+ struct rte_crypto_op *op;
/* Check if device supports particular algorithms separately */
if (test_mixed_check_if_unsupported(tdata))
@@ -6771,17 +6772,17 @@ test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata,
if (retval < 0)
return retval;
- ut_params->op = process_crypto_request(ts_params->valid_devs[0],
- ut_params->op);
+ op = process_crypto_request(ts_params->valid_devs[0], ut_params->op);
/* Check if the op failed because the device doesn't */
/* support this particular combination of algorithms */
- if (ut_params->op == NULL && ut_params->op->status ==
+ if (op == NULL && ut_params->op->status ==
RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
printf("Device doesn't support this mixed combination. "
"Test Skipped.\n");
return -ENOTSUP;
}
+ ut_params->op = op;
TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
@@ -6872,6 +6873,7 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
uint8_t digest_buffer[10000];
struct rte_cryptodev_info dev_info;
+ struct rte_crypto_op *op;
/* Check if device supports particular algorithms */
if (test_mixed_check_if_unsupported(tdata))
@@ -6976,17 +6978,17 @@ test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata,
if (retval < 0)
return retval;
- ut_params->op = process_crypto_request(ts_params->valid_devs[0],
- ut_params->op);
+ op = process_crypto_request(ts_params->valid_devs[0], ut_params->op);
/* Check if the op failed because the device doesn't */
/* support this particular combination of algorithms */
- if (ut_params->op == NULL && ut_params->op->status ==
+ if (op == NULL && ut_params->op->status ==
RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
printf("Device doesn't support this mixed combination. "
"Test Skipped.\n");
return -ENOTSUP;
}
+ ut_params->op = op;
TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
--
2.25.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op
2020-10-30 13:11 [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op Ciara Power
@ 2020-11-02 19:55 ` Akhil Goyal
2020-11-04 7:16 ` Akhil Goyal
0 siblings, 1 reply; 3+ messages in thread
From: Akhil Goyal @ 2020-11-02 19:55 UTC (permalink / raw)
To: Ciara Power, dev; +Cc: roy.fan.zhang, Declan Doherty
> Subject: [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op
>
> In two test cases, the op value is set by the return of the
> process_crypto_request function, which may be NULL. The op->status
> value was checked afterwards, which was causing a dereference issue.
>
> To fix this, a temporary op variable is used to hold the return
> from the process_crypto_request function, so the original op->status
> can be checked after the possible NULL return value.
> The original op value is then set to hold the temporary op value.
>
> Coverity issue: 363465
> Coverity issue: 363452
> Fixes: 4868f6591c6f ("test/crypto: add cases for raw datapath API")
> Cc: roy.fan.zhang@intel.com
>
> Signed-off-by: Ciara Power <ciara.power@intel.com>
> ---
> app/test/test_cryptodev.c | 14 ++++++++------
> 1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> index 0fed124d3a..ce8bcd1d4f 100644
> --- a/app/test/test_cryptodev.c
> +++ b/app/test/test_cryptodev.c
> @@ -6676,6 +6676,7 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
> unsigned int ciphertext_len;
>
> struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op;
>
> /* Check if device supports particular algorithms separately */
> if (test_mixed_check_if_unsupported(tdata))
> @@ -6771,17 +6772,17 @@ test_mixed_auth_cipher(const struct
> mixed_cipher_auth_test_data *tdata,
> if (retval < 0)
> return retval;
>
> - ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> - ut_params->op);
> + op = process_crypto_request(ts_params->valid_devs[0], ut_params-
> >op);
>
> /* Check if the op failed because the device doesn't */
> /* support this particular combination of algorithms */
> - if (ut_params->op == NULL && ut_params->op->status ==
> + if (op == NULL && ut_params->op->status ==
> RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
> printf("Device doesn't support this mixed combination. "
> "Test Skipped.\n");
> return -ENOTSUP;
> }
I believe the original check was also good. But instead of
if (ut_params->op == NULL && ut_params->op->status == RTE_CRYPTO_OP_STATUS_INVALID_SESSION)
it should be
if (ut_params->op == NULL || ut_params->op->status == RTE_CRYPTO_OP_STATUS_INVALID_SESSION)
In this way the coverity should not raise an issue for this. What say?
> + ut_params->op = op;
>
> TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>
> @@ -6872,6 +6873,7 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> uint8_t digest_buffer[10000];
>
> struct rte_cryptodev_info dev_info;
> + struct rte_crypto_op *op;
>
> /* Check if device supports particular algorithms */
> if (test_mixed_check_if_unsupported(tdata))
> @@ -6976,17 +6978,17 @@ test_mixed_auth_cipher_sgl(const struct
> mixed_cipher_auth_test_data *tdata,
> if (retval < 0)
> return retval;
>
> - ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> - ut_params->op);
> + op = process_crypto_request(ts_params->valid_devs[0], ut_params-
> >op);
>
> /* Check if the op failed because the device doesn't */
> /* support this particular combination of algorithms */
> - if (ut_params->op == NULL && ut_params->op->status ==
> + if (op == NULL && ut_params->op->status ==
> RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
> printf("Device doesn't support this mixed combination. "
> "Test Skipped.\n");
> return -ENOTSUP;
> }
> + ut_params->op = op;
>
> TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf");
>
> --
> 2.25.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op
2020-11-02 19:55 ` Akhil Goyal
@ 2020-11-04 7:16 ` Akhil Goyal
0 siblings, 0 replies; 3+ messages in thread
From: Akhil Goyal @ 2020-11-04 7:16 UTC (permalink / raw)
To: Ciara Power, dev; +Cc: roy.fan.zhang, Declan Doherty
> > Subject: [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op
> >
> > In two test cases, the op value is set by the return of the
> > process_crypto_request function, which may be NULL. The op->status
> > value was checked afterwards, which was causing a dereference issue.
> >
> > To fix this, a temporary op variable is used to hold the return
> > from the process_crypto_request function, so the original op->status
> > can be checked after the possible NULL return value.
> > The original op value is then set to hold the temporary op value.
> >
> > Coverity issue: 363465
> > Coverity issue: 363452
> > Fixes: 4868f6591c6f ("test/crypto: add cases for raw datapath API")
> > Cc: roy.fan.zhang@intel.com
> >
> > Signed-off-by: Ciara Power <ciara.power@intel.com>
> > ---
> > app/test/test_cryptodev.c | 14 ++++++++------
> > 1 file changed, 8 insertions(+), 6 deletions(-)
> >
> > diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
> > index 0fed124d3a..ce8bcd1d4f 100644
> > --- a/app/test/test_cryptodev.c
> > +++ b/app/test/test_cryptodev.c
> > @@ -6676,6 +6676,7 @@ test_mixed_auth_cipher(const struct
> > mixed_cipher_auth_test_data *tdata,
> > unsigned int ciphertext_len;
> >
> > struct rte_cryptodev_info dev_info;
> > + struct rte_crypto_op *op;
> >
> > /* Check if device supports particular algorithms separately */
> > if (test_mixed_check_if_unsupported(tdata))
> > @@ -6771,17 +6772,17 @@ test_mixed_auth_cipher(const struct
> > mixed_cipher_auth_test_data *tdata,
> > if (retval < 0)
> > return retval;
> >
> > - ut_params->op = process_crypto_request(ts_params->valid_devs[0],
> > - ut_params->op);
> > + op = process_crypto_request(ts_params->valid_devs[0], ut_params-
> > >op);
> >
> > /* Check if the op failed because the device doesn't */
> > /* support this particular combination of algorithms */
> > - if (ut_params->op == NULL && ut_params->op->status ==
> > + if (op == NULL && ut_params->op->status ==
> > RTE_CRYPTO_OP_STATUS_INVALID_SESSION) {
> > printf("Device doesn't support this mixed combination. "
> > "Test Skipped.\n");
> > return -ENOTSUP;
> > }
>
> I believe the original check was also good. But instead of
> if (ut_params->op == NULL && ut_params->op->status ==
> RTE_CRYPTO_OP_STATUS_INVALID_SESSION)
> it should be
> if (ut_params->op == NULL || ut_params->op->status ==
> RTE_CRYPTO_OP_STATUS_INVALID_SESSION)
>
> In this way the coverity should not raise an issue for this. What say?
>
Please disregard my comment. The patch is good.
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-11-04 7:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-30 13:11 [dpdk-dev] [PATCH] test/crypto: fix null dereference for crypto op Ciara Power
2020-11-02 19:55 ` Akhil Goyal
2020-11-04 7:16 ` Akhil Goyal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).