From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id A9721A00BE
	for <public@inbox.dpdk.org>; Mon,  7 Mar 2022 16:33:41 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 9C8FC411CE;
	Mon,  7 Mar 2022 16:33:41 +0100 (CET)
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 by mails.dpdk.org (Postfix) with ESMTP id 4EBFA4014E;
 Mon,  7 Mar 2022 16:33:39 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1646667219; x=1678203219;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=ouXhWRquK/4djpvTpvq+c2c/ftI/4eozifbDUZClo3c=;
 b=ObNfBZdtocFExE0laKF+97LT174P2fUmMnQu5SGmyNdjZSOBOciqrH3P
 X/izQWOqjhMOpoc6JRP6CX1eFW6PI1T2Zo10Q7wVZGTDEIPCHiXy+GmWu
 x1qkG/AsfDW0nMDL6U+kaB8rHW+pxyxqBYjYIbfbXgu/XP47TZKQOaQxo
 kfC43J1u+Px0ICdeFE6ZqAwZzSUQ88Lk/nYqLJcgrljWpFjdrhyaVvVVj
 cuVozZx0FfgFBDjJq3ao9oQFOOQqnfvv5VLww6Cmudag0YfKZw4vBjYdK
 y8dYgqfLHHC9HT/ADXLwr/NT7P7t+8K5L8pVe8mUiKLrN4rErC8d64Cbh g==;
X-IronPort-AV: E=McAfee;i="6200,9189,10279"; a="340850313"
X-IronPort-AV: E=Sophos;i="5.90,162,1643702400"; d="scan'208";a="340850313"
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
 by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 07 Mar 2022 07:33:38 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.90,162,1643702400"; d="scan'208";a="546923691"
Received: from silpixa00400320.ir.intel.com ([10.237.214.242])
 by fmsmga007.fm.intel.com with ESMTP; 07 Mar 2022 07:33:36 -0800
From: Piotr Bronowski <piotrx.bronowski@intel.com>
To: dev@dpdk.org
Cc: roy.fan.zhang@intel.com, thomas@monjalon.net, gakhil@marvell.com,
 ferruh.yigit@intel.com, declan.doherty@intel.com,
 Piotr Bronowski <piotrx.bronowski@intel.com>, stable@dpdk.org
Subject: [PATCH v2] crypto/ipsec_mb: fix usage of untrusted value
Date: Mon,  7 Mar 2022 15:32:33 +0000
Message-Id: <20220307153233.1407564-1-piotrx.bronowski@intel.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220307124802.1371808-1-piotrx.bronowski@intel.com>
References: <20220307124802.1371808-1-piotrx.bronowski@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)

Coverity issue: CID 375828
Fixes: 918fd2f1466b ("crypto/ipsec_mb: move aesni_mb PMD")

Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>

Cc: stable@dpdk.org

---
v2: use a different logic to check digest length
---
 drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..7cd20fc1cf 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -96,7 +96,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		sess->iv.length = auth_xform->auth.iv.length;
 		key_length = auth_xform->auth.key.length;
 		key = auth_xform->auth.key.data;
-		sess->req_digest_length = auth_xform->auth.digest_length;
+		sess->req_digest_length =
+		    RTE_MIN(auth_xform->auth.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
@@ -116,7 +118,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		key_length = aead_xform->aead.key.length;
 		key = aead_xform->aead.key.data;
 		sess->aad_length = aead_xform->aead.aad_length;
-		sess->req_digest_length = aead_xform->aead.digest_length;
+		sess->req_digest_length =
+			RTE_MIN(aead_xform->aead.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	default:
 		IPSEC_MB_LOG(
@@ -146,7 +150,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 	}
 
 	/* Digest check */
-	if (sess->req_digest_length > 16) {
+	if (sess->req_digest_length > DIGEST_LENGTH_MAX) {
 		IPSEC_MB_LOG(ERR, "Invalid digest length");
 		ret = -EINVAL;
 		goto error_exit;
@@ -157,7 +161,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 	 * the requested number of bytes.
 	 */
 	if (sess->req_digest_length < 4)
-		sess->gen_digest_length = 16;
+		sess->gen_digest_length = DIGEST_LENGTH_MAX;
 	else
 		sess->gen_digest_length = sess->req_digest_length;
 
-- 
2.30.2

--------------------------------------------------------------
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263


This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.