[PATCH] crypto/openssl: fix memory leak in auth processing function

patches for DPDK stable branches
 help / color / mirror / Atom feed

* [PATCH] crypto/openssl: fix memory leak in auth processing function
@ 2023-04-18 14:26 Didier Pallard
       [not found] ` <SN7PR11MB763991660B6600688B66C5E3E65CA@SN7PR11MB7639.namprd11.prod.outlook.com>
  0 siblings, 1 reply; 3+ messages in thread
From: Didier Pallard @ 2023-04-18 14:26 UTC (permalink / raw)
  To: dev; +Cc: stable, Kai Ji, Akhil Goyal, Fan Zhang, Ashwin Sekhar T K

Contexts allocated with EVP_MAC_CTX_new calls are leaking, they are created
then overwritten by the return value of EVP_MAC_CTX_dup call.

Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API")
Fixes: 2b9c693f6ef5 ("crypto/openssl: support AES-CMAC operations")
Signed-off-by: Didier Pallard <didier.pallard@6wind.com>
Cc: stable@dpdk.org
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 384d26262105..e00db0facba5 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1797,7 +1797,6 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
 # if OPENSSL_VERSION_NUMBER >= 0x30000000L
 	EVP_MAC_CTX *ctx_h;
 	EVP_MAC_CTX *ctx_c;
-	EVP_MAC *mac;
 # else
 	HMAC_CTX *ctx_h;
 	CMAC_CTX *ctx_c;
@@ -1818,10 +1817,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
 		break;
 	case OPENSSL_AUTH_AS_HMAC:
 # if OPENSSL_VERSION_NUMBER >= 0x30000000L
-		mac = EVP_MAC_fetch(NULL, "HMAC", NULL);
-		ctx_h = EVP_MAC_CTX_new(mac);
 		ctx_h = EVP_MAC_CTX_dup(sess->auth.hmac.ctx);
-		EVP_MAC_free(mac);
 		status = process_openssl_auth_mac(mbuf_src, dst,
 				op->sym->auth.data.offset, srclen,
 				ctx_h);
@@ -1836,10 +1832,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op,
 		break;
 	case OPENSSL_AUTH_AS_CMAC:
 # if OPENSSL_VERSION_NUMBER >= 0x30000000L
-		mac = EVP_MAC_fetch(NULL, OSSL_MAC_NAME_CMAC, NULL);
-		ctx_c = EVP_MAC_CTX_new(mac);
 		ctx_c = EVP_MAC_CTX_dup(sess->auth.cmac.ctx);
-		EVP_MAC_free(mac);
 		status = process_openssl_auth_mac(mbuf_src, dst,
 				op->sym->auth.data.offset, srclen,
 				ctx_c);
-- 
2.30.2


^ permalink raw reply	[flat|nested] 3+ messages in thread

[parent not found: <SN7PR11MB763991660B6600688B66C5E3E65CA@SN7PR11MB7639.namprd11.prod.outlook.com>]

* Re: [PATCH] crypto/openssl: fix memory leak in auth processing function
       [not found] ` <SN7PR11MB763991660B6600688B66C5E3E65CA@SN7PR11MB7639.namprd11.prod.outlook.com>
@ 2023-06-20 10:01   ` Ji, Kai
  2023-06-20 11:00     ` Akhil Goyal
  0 siblings, 1 reply; 3+ messages in thread
From: Ji, Kai @ 2023-06-20 10:01 UTC (permalink / raw)
  To: dev, pallard, didier; +Cc: dpdk stable, Akhil Goyal, Fan Zhang, asekhar

[-- Attachment #1: Type: text/plain, Size: 867 bytes --]

Acked-by: Kai Ji <kai.ji@intel.com<mailto:kai.ji@intel.com>>


> -----Original Message-----
> From: Didier Pallard <didier.pallard@6wind.com>
> Sent: Tuesday 18 April 2023 15:26
> To: dev@dpdk.org
> Cc: stable@dpdk.org; Ji, Kai <kai.ji@intel.com>; Akhil Goyal
> <gakhil@marvell.com>; Fan Zhang <fanzhang.oss@gmail.com>; Ashwin
> Sekhar T K <asekhar@marvell.com>
> Subject: [PATCH] crypto/openssl: fix memory leak in auth processing
> function
>
> Contexts allocated with EVP_MAC_CTX_new calls are leaking, they are
> created then overwritten by the return value of EVP_MAC_CTX_dup call.
>
> Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP
> API")
> Fixes: 2b9c693f6ef5 ("crypto/openssl: support AES-CMAC operations")
> Signed-off-by: Didier Pallard <didier.pallard@6wind.com>
> Cc: stable@dpdk.org
> ---
> --
> 2.30.2


[-- Attachment #2: Type: text/html, Size: 1672 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

* RE: [PATCH] crypto/openssl: fix memory leak in auth processing function
  2023-06-20 10:01   ` Ji, Kai
@ 2023-06-20 11:00     ` Akhil Goyal
  0 siblings, 0 replies; 3+ messages in thread
From: Akhil Goyal @ 2023-06-20 11:00 UTC (permalink / raw)
  To: Ji, Kai, dev, pallard, didier; +Cc: dpdk stable, Fan Zhang, Ashwin Sekhar T K

[-- Attachment #1: Type: text/plain, Size: 38 bytes --]

Applied to dpdk-next-crypto
Thanks.

[-- Attachment #2: Type: text/html, Size: 1495 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2023-06-20 11:00 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-18 14:26 [PATCH] crypto/openssl: fix memory leak in auth processing function Didier Pallard
     [not found] ` <SN7PR11MB763991660B6600688B66C5E3E65CA@SN7PR11MB7639.namprd11.prod.outlook.com>
2023-06-20 10:01   ` Ji, Kai
2023-06-20 11:00     ` Akhil Goyal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).