[PATCH v2] crypto/ipsec_mb: fix usage of untrusted value

Piotr Bronowski piotrx.bronowski at intel.com
Mon Mar 7 16:32:33 CET 2022


This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)

Coverity issue: CID 375828
Fixes: 918fd2f1466b ("crypto/ipsec_mb: move aesni_mb PMD")

Signed-off-by: Piotr Bronowski <piotrx.bronowski at intel.com>

Cc: stable at dpdk.org

---
v2: use a different logic to check digest length
---
 drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..7cd20fc1cf 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -96,7 +96,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		sess->iv.length = auth_xform->auth.iv.length;
 		key_length = auth_xform->auth.key.length;
 		key = auth_xform->auth.key.data;
-		sess->req_digest_length = auth_xform->auth.digest_length;
+		sess->req_digest_length =
+		    RTE_MIN(auth_xform->auth.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
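Review bot: Clamping with `RTE_MIN(..., DIGEST_LENGTH_MAX)` at this auth assignment, and at the AEAD assignment in the next hunk, gives a caller who asks for an over-long digest a session with a different tag length than requested. It also means the later `/* Digest check */` test `sess->req_digest_length > DIGEST_LENGTH_MAX` can never be true, so its `-EINVAL` path becomes dead code. For an integrity tag it is safer to reject the out-of-range value than to shorten it silently. Checking the xform field before storing it should also satisfy the tainted-scalar finding, though the field types are not visible here. The sketch reuses the error path from the third hunk and assumes `error_exit` is safe to reach from inside the switch, as the function body extends beyond this hunk; separately, the continuation line here is indented with spaces where the AEAD hunk uses a tab.

```c
		key = auth_xform->auth.key.data;
		/* Reject rather than clamp, so the caller learns the tag length is unsupported. */
		if (auth_xform->auth.digest_length > DIGEST_LENGTH_MAX) {
			IPSEC_MB_LOG(ERR, "Invalid digest length");
			ret = -EINVAL;
			goto error_exit;
		}
		sess->req_digest_length = auth_xform->auth.digest_length;
		/* … unchanged: break and the AEAD case labels; same pattern for aead_xform->aead.digest_length … */
```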
@@ -116,7 +118,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		key_length = aead_xform->aead.key.length;
 		key = aead_xform->aead.key.data;
 		sess->aad_length = aead_xform->aead.aad_length;
-		sess->req_digest_length = aead_xform->aead.digest_length;
+		sess->req_digest_length =
+			RTE_MIN(aead_xform->aead.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	default:
 		IPSEC_MB_LOG(
@@ -146,7 +150,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 	}
 
 	/* Digest check */
-	if (sess->req_digest_length > 16) {
+	if (sess->req_digest_length > DIGEST_LENGTH_MAX) {
 		IPSEC_MB_LOG(ERR, "Invalid digest length");
 		ret = -EINVAL;
 		goto error_exit;
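Review bot: The definition of `DIGEST_LENGTH_MAX` is not part of this patch, yet it now replaces the literal `16` in this upper-bound check and in the `gen_digest_length` fallback in the following hunk. A GCM/GMAC tag is at most 16 bytes, so if the macro in scope for this file is a shared one with a larger value, the check would admit lengths the tag handling may not be sized for. Confirm that it evaluates to 16 here, or use a GCM-specific constant and add a comment such as `/* GCM tag is at most 16 bytes */`.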
@@ -157,7 +161,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 	 * the requested number of bytes.
 	 */
 	if (sess->req_digest_length < 4)
-		sess->gen_digest_length = 16;
+		sess->gen_digest_length = DIGEST_LENGTH_MAX;
 	else
 		sess->gen_digest_length = sess->req_digest_length;
 
-- 
2.30.2
