* [PATCH] crypto/openssl: fix warning on copy length
@ 2023-01-06 10:15 Ruifeng Wang
2023-01-06 10:26 ` David Marchand
2023-01-09 3:40 ` [PATCH v2] " Ruifeng Wang
0 siblings, 2 replies; 5+ messages in thread
From: Ruifeng Wang @ 2023-01-06 10:15 UTC (permalink / raw)
To: Kai Ji, Fan Zhang, Akhil Goyal; +Cc: dev, nd, Ruifeng Wang, stable, Feifei Wang
When building with gcc 11.2.0, the compiler warns as follows:
In function 'memcpy',
inlined from 'openssl_set_session_auth_parameters' at ../drivers/crypto/openssl/rte_openssl_pmd.c:699:3,
inlined from 'openssl_set_session_parameters' at ../drivers/crypto/openssl/rte_openssl_pmd.c:826:9:
/usr/include/aarch64-linux-gnu/bits/string_fortified.h:29:10: warning: '__builtin_memcpy' forming offset [4, 8] is out of the bounds [0, 4] [-Warray-bounds]
Fixed the warning by copying up to string size.
Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
Cc: stable@dpdk.org
Cc: kai.ji@intel.com
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Feifei Wang <feifei.wang2@arm.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 05449b6e98..8458ad487a 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -696,7 +696,7 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
algo = digest_name_get(xform->auth.algo);
if (!algo)
return -EINVAL;
- rte_memcpy(algo_name, algo, (sizeof(algo)+1));
+ rte_memcpy(algo_name, algo, strlen(algo) + 1);
mac = EVP_MAC_fetch(NULL, "HMAC", NULL);
sess->auth.hmac.ctx = EVP_MAC_CTX_new(mac);
--
2.25.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] crypto/openssl: fix warning on copy length
2023-01-06 10:15 [PATCH] crypto/openssl: fix warning on copy length Ruifeng Wang
@ 2023-01-06 10:26 ` David Marchand
2023-01-09 3:31 ` Ruifeng Wang
2023-01-09 3:40 ` [PATCH v2] " Ruifeng Wang
1 sibling, 1 reply; 5+ messages in thread
From: David Marchand @ 2023-01-06 10:26 UTC (permalink / raw)
To: Kai Ji, Ruifeng Wang; +Cc: Fan Zhang, Akhil Goyal, dev, nd, stable, Feifei Wang
On Fri, Jan 6, 2023 at 11:16 AM Ruifeng Wang <ruifeng.wang@arm.com> wrote:
>
> When building with gcc 11.2.0, the compiler warns as follows:
> In function 'memcpy',
> inlined from 'openssl_set_session_auth_parameters' at ../drivers/crypto/openssl/rte_openssl_pmd.c:699:3,
> inlined from 'openssl_set_session_parameters' at ../drivers/crypto/openssl/rte_openssl_pmd.c:826:9:
> /usr/include/aarch64-linux-gnu/bits/string_fortified.h:29:10: warning: '__builtin_memcpy' forming offset [4, 8] is out of the bounds [0, 4] [-Warray-bounds]
>
> Fixed the warning by copying up to string size.
>
> Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
> Cc: stable@dpdk.org
> Cc: kai.ji@intel.com
>
> Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
> Reviewed-by: Feifei Wang <feifei.wang2@arm.com>
> ---
> drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
> index 05449b6e98..8458ad487a 100644
> --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> @@ -696,7 +696,7 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
> algo = digest_name_get(xform->auth.algo);
> if (!algo)
> return -EINVAL;
> - rte_memcpy(algo_name, algo, (sizeof(algo)+1));
> + rte_memcpy(algo_name, algo, strlen(algo) + 1);
Why is there a need for copying such a string to a local storage?
If it is really needed, we are dealing with strings, so I suggest:
strlcpy(algo_name, algo, sizeof(algo_name));
--
David Marchand
^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: [PATCH] crypto/openssl: fix warning on copy length
2023-01-06 10:26 ` David Marchand
@ 2023-01-09 3:31 ` Ruifeng Wang
0 siblings, 0 replies; 5+ messages in thread
From: Ruifeng Wang @ 2023-01-09 3:31 UTC (permalink / raw)
To: David Marchand, Kai Ji
Cc: Fan Zhang, Akhil Goyal, dev, nd, stable, Feifei Wang, nd
> -----Original Message-----
> From: David Marchand <david.marchand@redhat.com>
> Sent: Friday, January 6, 2023 6:27 PM
> To: Kai Ji <kai.ji@intel.com>; Ruifeng Wang <Ruifeng.Wang@arm.com>
> Cc: Fan Zhang <fanzhang.oss@gmail.com>; Akhil Goyal <gakhil@marvell.com>; dev@dpdk.org; nd
> <nd@arm.com>; stable@dpdk.org; Feifei Wang <Feifei.Wang2@arm.com>
> Subject: Re: [PATCH] crypto/openssl: fix warning on copy length
>
> On Fri, Jan 6, 2023 at 11:16 AM Ruifeng Wang <ruifeng.wang@arm.com> wrote:
> >
> > When building with gcc 11.2.0, the compiler warns as follows:
> > In function 'memcpy',
> > inlined from 'openssl_set_session_auth_parameters'
> at ../drivers/crypto/openssl/rte_openssl_pmd.c:699:3,
> > inlined from 'openssl_set_session_parameters'
> at ../drivers/crypto/openssl/rte_openssl_pmd.c:826:9:
> > /usr/include/aarch64-linux-gnu/bits/string_fortified.h:29:10: warning:
> '__builtin_memcpy' forming offset [4, 8] is out of the bounds [0, 4] [-Warray-bounds]
> >
> > Fixed the warning by copying up to string size.
> >
> > Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
> > Cc: stable@dpdk.org
> > Cc: kai.ji@intel.com
> >
> > Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
> > Reviewed-by: Feifei Wang <feifei.wang2@arm.com>
> > ---
> > drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c
> b/drivers/crypto/openssl/rte_openssl_pmd.c
> > index 05449b6e98..8458ad487a 100644
> > --- a/drivers/crypto/openssl/rte_openssl_pmd.c
> > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c
> > @@ -696,7 +696,7 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
> > algo = digest_name_get(xform->auth.algo);
> > if (!algo)
> > return -EINVAL;
> > - rte_memcpy(algo_name, algo, (sizeof(algo)+1));
> > + rte_memcpy(algo_name, algo, strlen(algo) + 1);
>
> Why is there a need for copying such a string to a local storage?
From OpenSSL document, I can see OSSL_PARAM_construct_utf8_string() takes a buffer
as input. But I'm not sure if a const is acceptable.
I would keep the fix simple for backport. Removing copy is an improvement that
can be done by someone who has more knowledge of OpenSSL library.
>
> If it is really needed, we are dealing with strings, so I suggest:
> strlcpy(algo_name, algo, sizeof(algo_name));
Thanks for the suggestion. Will update in v2.
Regards,
Ruifeng
>
>
> --
> David Marchand
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2] crypto/openssl: fix warning on copy length
2023-01-06 10:15 [PATCH] crypto/openssl: fix warning on copy length Ruifeng Wang
2023-01-06 10:26 ` David Marchand
@ 2023-01-09 3:40 ` Ruifeng Wang
2023-01-31 8:09 ` [EXT] " Akhil Goyal
1 sibling, 1 reply; 5+ messages in thread
From: Ruifeng Wang @ 2023-01-09 3:40 UTC (permalink / raw)
To: kai.ji, fanzhang.oss, gakhil
Cc: dev, stable, david.marchand, feifei.wang2, nd, Ruifeng Wang
When building with gcc 11.2.0, the compiler warns as follows:
In function 'memcpy',
inlined from 'openssl_set_session_auth_parameters' at ../drivers/crypto/openssl/rte_openssl_pmd.c:699:3,
inlined from 'openssl_set_session_parameters' at ../drivers/crypto/openssl/rte_openssl_pmd.c:826:9:
/usr/include/aarch64-linux-gnu/bits/string_fortified.h:29:10: warning: '__builtin_memcpy' forming offset [4, 8] is out of the bounds [0, 4] [-Warray-bounds]
Fixed the warning by copying up to string / buffer size.
Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
Cc: stable@dpdk.org
Cc: kai.ji@intel.com
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Feifei Wang <feifei.wang2@arm.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 05449b6e98..abcb641a44 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -696,7 +696,7 @@ openssl_set_session_auth_parameters(struct openssl_session *sess,
algo = digest_name_get(xform->auth.algo);
if (!algo)
return -EINVAL;
- rte_memcpy(algo_name, algo, (sizeof(algo)+1));
+ strlcpy(algo_name, algo, sizeof(algo_name));
mac = EVP_MAC_fetch(NULL, "HMAC", NULL);
sess->auth.hmac.ctx = EVP_MAC_CTX_new(mac);
--
2.25.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* RE: [EXT] [PATCH v2] crypto/openssl: fix warning on copy length
2023-01-09 3:40 ` [PATCH v2] " Ruifeng Wang
@ 2023-01-31 8:09 ` Akhil Goyal
0 siblings, 0 replies; 5+ messages in thread
From: Akhil Goyal @ 2023-01-31 8:09 UTC (permalink / raw)
To: Ruifeng Wang, kai.ji, fanzhang.oss
Cc: dev, stable, david.marchand, feifei.wang2, nd
> When building with gcc 11.2.0, the compiler warns as follows:
> In function 'memcpy',
> inlined from 'openssl_set_session_auth_parameters' at
> ../drivers/crypto/openssl/rte_openssl_pmd.c:699:3,
> inlined from 'openssl_set_session_parameters' at
> ../drivers/crypto/openssl/rte_openssl_pmd.c:826:9:
> /usr/include/aarch64-linux-gnu/bits/string_fortified.h:29:10: warning:
> '__builtin_memcpy' forming offset [4, 8] is out of the bounds [0, 4] [-Warray-
> bounds]
>
> Fixed the warning by copying up to string / buffer size.
>
> Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
> Cc: stable@dpdk.org
> Cc: kai.ji@intel.com
>
> Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
> Reviewed-by: Feifei Wang <feifei.wang2@arm.com>
Applied to dpdk-next-crypto
Thanks.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-01-31 8:09 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-06 10:15 [PATCH] crypto/openssl: fix warning on copy length Ruifeng Wang
2023-01-06 10:26 ` David Marchand
2023-01-09 3:31 ` Ruifeng Wang
2023-01-09 3:40 ` [PATCH v2] " Ruifeng Wang
2023-01-31 8:09 ` [EXT] " Akhil Goyal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).