From: Piotr Bronowski <piotrx.bronowski@intel.com>
To: dev@dpdk.org
Cc: roy.fan.zhang@intel.com, thomas@monjalon.net, gakhil@marvell.com,
ferruh.yigit@intel.com, declan.doherty@intel.com,
Piotr Bronowski <piotrx.bronowski@intel.com>,
stable@dpdk.org
Subject: [PATCH v2] crypto/ipsec_mb: fix usage of untrusted value
Date: Mon, 7 Mar 2022 15:32:33 +0000 [thread overview]
Message-ID: <20220307153233.1407564-1-piotrx.bronowski@intel.com> (raw)
In-Reply-To: <20220307124802.1371808-1-piotrx.bronowski@intel.com>
This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)
Coverity issue: CID 375828
Fixes: 918fd2f1466b ("crypto/ipsec_mb: move aesni_mb PMD")
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Cc: stable@dpdk.org
---
v2: use a different logic to check digest length
---
drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..7cd20fc1cf 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -96,7 +96,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
sess->iv.length = auth_xform->auth.iv.length;
key_length = auth_xform->auth.key.length;
key = auth_xform->auth.key.data;
- sess->req_digest_length = auth_xform->auth.digest_length;
+ sess->req_digest_length =
+ RTE_MIN(auth_xform->auth.digest_length,
+ DIGEST_LENGTH_MAX);
break;
case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
@@ -116,7 +118,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
key_length = aead_xform->aead.key.length;
key = aead_xform->aead.key.data;
sess->aad_length = aead_xform->aead.aad_length;
- sess->req_digest_length = aead_xform->aead.digest_length;
+ sess->req_digest_length =
+ RTE_MIN(aead_xform->aead.digest_length,
+ DIGEST_LENGTH_MAX);
break;
default:
IPSEC_MB_LOG(
@@ -146,7 +150,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
}
/* Digest check */
- if (sess->req_digest_length > 16) {
+ if (sess->req_digest_length > DIGEST_LENGTH_MAX) {
IPSEC_MB_LOG(ERR, "Invalid digest length");
ret = -EINVAL;
goto error_exit;
@@ -157,7 +161,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
* the requested number of bytes.
*/
if (sess->req_digest_length < 4)
- sess->gen_digest_length = 16;
+ sess->gen_digest_length = DIGEST_LENGTH_MAX;
else
sess->gen_digest_length = sess->req_digest_length;
--
2.30.2
--------------------------------------------------------------
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.
next parent reply other threads:[~2022-03-07 15:33 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20220307124802.1371808-1-piotrx.bronowski@intel.com>
2022-03-07 15:32 ` Piotr Bronowski [this message]
2022-03-07 16:26 ` Zhang, Roy Fan
2022-03-09 13:19 ` Ji, Kai
2022-03-09 14:34 ` Zhang, Roy Fan
2022-03-09 14:40 ` Power, Ciara
2022-03-09 15:08 ` [PATCH v3] crypto/ipsec_mb: fix coverity issue Piotr Bronowski
2022-03-09 18:02 ` [PATCH v4] " Piotr Bronowski
2022-03-10 9:17 ` Power, Ciara
2022-03-14 10:32 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220307153233.1407564-1-piotrx.bronowski@intel.com \
--to=piotrx.bronowski@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=gakhil@marvell.com \
--cc=roy.fan.zhang@intel.com \
--cc=stable@dpdk.org \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).