From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by dpdk.space (Postfix) with ESMTP id 02C3BA0471 for ; Mon, 17 Jun 2019 12:40:30 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 74D811BEDC; Mon, 17 Jun 2019 12:40:29 +0200 (CEST) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by dpdk.org (Postfix) with ESMTP id D0F0A1BEC4 for ; Mon, 17 Jun 2019 12:40:27 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Jun 2019 03:40:26 -0700 X-ExtLoop1: 1 Received: from irsmsx154.ger.corp.intel.com ([163.33.192.96]) by orsmga001.jf.intel.com with ESMTP; 17 Jun 2019 03:40:25 -0700 Received: from irsmsx156.ger.corp.intel.com (10.108.20.68) by IRSMSX154.ger.corp.intel.com (163.33.192.96) with Microsoft SMTP Server (TLS) id 14.3.439.0; Mon, 17 Jun 2019 11:40:24 +0100 Received: from irsmsx112.ger.corp.intel.com ([169.254.1.194]) by IRSMSX156.ger.corp.intel.com ([169.254.3.131]) with mapi id 14.03.0439.000; Mon, 17 Jun 2019 11:40:24 +0100 From: "De Lara Guarch, Pablo" To: "Zhang, Roy Fan" , "dev@dpdk.org" CC: "akhil.goyal@nxp.com" , "Zhang, Roy Fan" Thread-Topic: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access Thread-Index: AQHVCzQii0Ad/IqHPUetcYV0C4ZTcqaf2Xrw Date: Mon, 17 Jun 2019 10:40:24 +0000 Message-ID: References: <20190515153259.74322-1-roy.fan.zhang@intel.com> In-Reply-To: <20190515153259.74322-1-roy.fan.zhang@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiOWZkM2I0YTctZTUzYS00ZWJjLWI0YzItMmQxMTAxM2RkZGUzIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoidEppWmtDZ0U4amw4ZmZqVEYwa3RkXC9JYWFyTmM5cWZQNWc5Vmt0Kzg5bkRGalwvMWNTMlM1OW5lOHZZVnBNNmlGIn0= x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.600.7 dlp-reaction: no-action x-originating-ip: [163.33.239.180] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi Fan, > -----Original Message----- > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang > Sent: Wednesday, May 15, 2019 4:33 PM > To: dev@dpdk.org > Cc: akhil.goyal@nxp.com; Zhang, Roy Fan > Subject: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access >=20 > This patch fixes the out-of-bounds coverity issue by adding missed > algorithms to the array. >=20 > Coverity issue: 337683 >=20 > Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent > macros") >=20 > Signed-off-by: Fan Zhang > --- > drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) >=20 > diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h > b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h > index 4d439360f..c937b21b6 100644 > --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h > +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h > @@ -65,7 +65,13 @@ static const unsigned > auth_truncated_digest_byte_lengths[] =3D { > [AES_XCBC] =3D 12, > [AES_CMAC] =3D 12, > [AES_CCM] =3D 8, > - [NULL_HASH] =3D 0 > + [NULL_HASH] =3D 0, > + [AES_GMAC] =3D 12, According to the code in the IPSec MB lib, truncated value for GMAC is 16, although it can actually generate anything from 4 to 16 bytes, so I guess any value between this range could work. > + [PLAIN_SHA1] =3D 20, > + [PLAIN_SHA_224] =3D 28, > + [PLAIN_SHA_256] =3D 32, > + [PLAIN_SHA_384] =3D 48, > + [PLAIN_SHA_512] =3D 64 > }; >=20 Could you also complete the other two arrays? auth_digest_byte_lengths (missing AES_CCM) and auth_blocksize. Thanks! Pablo > /** > -- > 2.14.5