* [PATCH v2] crypto/virtio: fix out of bounds access bug [not found] <20220221180542.439823-1-brian.dooley@intel.com> @ 2022-02-22 9:54 ` Brian Dooley 2022-02-23 10:58 ` Zhang, Roy Fan 2022-02-23 11:10 ` Zhang, Roy Fan 0 siblings, 2 replies; 4+ messages in thread From: Brian Dooley @ 2022-02-22 9:54 UTC (permalink / raw) To: dev; +Cc: Brian Dooley, roy.fan.zhang, stable, Jay Zhou Coverity flags an untrusted loop bound. Check length of session iv. Coverity issue: 375802 Fixes: b063e843fa03 ("crypto/virtio: fix IV physical address") Cc: roy.fan.zhang@intel.com Cc: stable@dpdk.org Signed-off-by: Brian Dooley <brian.dooley@intel.com> --- v2: Fix checkpatch warning --- drivers/crypto/virtio/virtio_rxtx.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/crypto/virtio/virtio_rxtx.c b/drivers/crypto/virtio/virtio_rxtx.c index a65524a306..08359b3a39 100644 --- a/drivers/crypto/virtio/virtio_rxtx.c +++ b/drivers/crypto/virtio/virtio_rxtx.c @@ -264,6 +264,9 @@ virtqueue_crypto_sym_enqueue_xmit( if (cop->phys_addr) desc[idx].addr = cop->phys_addr + session->iv.offset; else { + if (session->iv.length > VIRTIO_CRYPTO_MAX_IV_SIZE) + return -ENOMEM; + rte_memcpy(crypto_op_cookie->iv, rte_crypto_op_ctod_offset(cop, uint8_t *, session->iv.offset), -- 2.25.1 ^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [PATCH v2] crypto/virtio: fix out of bounds access bug 2022-02-22 9:54 ` [PATCH v2] crypto/virtio: fix out of bounds access bug Brian Dooley @ 2022-02-23 10:58 ` Zhang, Roy Fan 2022-02-23 11:10 ` Zhang, Roy Fan 1 sibling, 0 replies; 4+ messages in thread From: Zhang, Roy Fan @ 2022-02-23 10:58 UTC (permalink / raw) To: Dooley, Brian, dev; +Cc: stable, Jay Zhou > -----Original Message----- > From: Dooley, Brian <brian.dooley@intel.com> > Sent: Tuesday, February 22, 2022 9:55 AM > To: dev@dpdk.org > Cc: Dooley, Brian <brian.dooley@intel.com>; Zhang, Roy Fan > <roy.fan.zhang@intel.com>; stable@dpdk.org; Jay Zhou > <jianjay.zhou@huawei.com> > Subject: [PATCH v2] crypto/virtio: fix out of bounds access bug > > Coverity flags an untrusted loop bound. Check length of session iv. > > Coverity issue: 375802 > > Fixes: b063e843fa03 ("crypto/virtio: fix IV physical address") > Cc: roy.fan.zhang@intel.com > Cc: stable@dpdk.org > > Signed-off-by: Brian Dooley <brian.dooley@intel.com> > > --- Acked-by: Fan Zhang <roy.fan.zhang@intel.com> ^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [PATCH v2] crypto/virtio: fix out of bounds access bug 2022-02-22 9:54 ` [PATCH v2] crypto/virtio: fix out of bounds access bug Brian Dooley 2022-02-23 10:58 ` Zhang, Roy Fan @ 2022-02-23 11:10 ` Zhang, Roy Fan 2022-02-23 11:12 ` Akhil Goyal 1 sibling, 1 reply; 4+ messages in thread From: Zhang, Roy Fan @ 2022-02-23 11:10 UTC (permalink / raw) To: Dooley, Brian, dev; +Cc: stable, Jay Zhou > -----Original Message----- > From: Dooley, Brian <brian.dooley@intel.com> > Sent: Tuesday, February 22, 2022 9:55 AM > To: dev@dpdk.org > Cc: Dooley, Brian <brian.dooley@intel.com>; Zhang, Roy Fan > <roy.fan.zhang@intel.com>; stable@dpdk.org; Jay Zhou > <jianjay.zhou@huawei.com> > Subject: [PATCH v2] crypto/virtio: fix out of bounds access bug > > Coverity flags an untrusted loop bound. Check length of session iv. > > Coverity issue: 375802 > > Fixes: b063e843fa03 ("crypto/virtio: fix IV physical address") > Cc: roy.fan.zhang@intel.com > Cc: stable@dpdk.org > > Signed-off-by: Brian Dooley <brian.dooley@intel.com> > > --- Reacking as the last ack not shown in patchwork Acked-by: Fan Zhang <roy.fan.zhang@intel.com> ^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [PATCH v2] crypto/virtio: fix out of bounds access bug 2022-02-23 11:10 ` Zhang, Roy Fan @ 2022-02-23 11:12 ` Akhil Goyal 0 siblings, 0 replies; 4+ messages in thread From: Akhil Goyal @ 2022-02-23 11:12 UTC (permalink / raw) To: Zhang, Roy Fan, Dooley, Brian, dev; +Cc: stable, Jay Zhou > > Coverity flags an untrusted loop bound. Check length of session iv. > > > > Coverity issue: 375802 > > > > Fixes: b063e843fa03 ("crypto/virtio: fix IV physical address") > > Cc: roy.fan.zhang@intel.com > > Cc: stable@dpdk.org > > > > Signed-off-by: Brian Dooley <brian.dooley@intel.com> > > > > --- > Reacking as the last ack not shown in patchwork > Acked-by: Fan Zhang <roy.fan.zhang@intel.com> Applied to dpdk-next-crypto Thanks. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-02-23 11:12 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20220221180542.439823-1-brian.dooley@intel.com>
2022-02-22 9:54 ` [PATCH v2] crypto/virtio: fix out of bounds access bug Brian Dooley
2022-02-23 10:58 ` Zhang, Roy Fan
2022-02-23 11:10 ` Zhang, Roy Fan
2022-02-23 11:12 ` Akhil Goyal
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).