From: Piotr Bronowski <piotrx.bronowski@intel.com>
To: dev@dpdk.org
Cc: roy.fan.zhang@intel.com, thomas@monjalon.net, gakhil@marvell.com,
ferruh.yigit@intel.com, declan.doherty@intel.com,
Piotr Bronowski <piotrx.bronowski@intel.com>
Subject: [PATCH] crypto/ipsec_mb: fix usage of untrusted value
Date: Mon, 7 Mar 2022 12:48:02 +0000 [thread overview]
Message-ID: <20220307124802.1371808-1-piotrx.bronowski@intel.com> (raw)
This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)
Coverity issue: CID 375828
Fixes: 918fd2f1466b ("crypto/ipsec_mb: move aesni_mb PMD")
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..f735b77680 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -206,6 +206,9 @@ post_process_gcm_crypto_op(struct ipsec_mb_qp *qp,
op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
} else {
if (session->req_digest_length != session->gen_digest_length) {
+ session->req_digest_length =
+ RTE_MIN(session->req_digest_length,
+ DIGEST_LENGTH_MAX);
if (session->op ==
IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT)
memcpy(op->sym->aead.digest.data,
--
2.30.2
--------------------------------------------------------------
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.
next reply other threads:[~2022-03-07 12:48 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-07 12:48 Piotr Bronowski [this message]
2022-03-07 15:32 ` [PATCH v2] " Piotr Bronowski
2022-03-07 16:26 ` Zhang, Roy Fan
2022-03-09 13:19 ` Ji, Kai
2022-03-09 14:34 ` Zhang, Roy Fan
2022-03-09 14:40 ` Power, Ciara
2022-03-09 15:08 ` [PATCH v3] crypto/ipsec_mb: fix coverity issue Piotr Bronowski
2022-03-09 18:02 ` [PATCH v4] " Piotr Bronowski
2022-03-10 9:17 ` Power, Ciara
2022-03-14 10:32 ` Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220307124802.1371808-1-piotrx.bronowski@intel.com \
--to=piotrx.bronowski@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=gakhil@marvell.com \
--cc=roy.fan.zhang@intel.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).