[PATCH v4] crypto/ipsec_mb: fix coverity issue
Piotr Bronowski
piotrx.bronowski at intel.com
Wed Mar 9 19:02:00 CET 2022
This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)
Coverity issue: CID 375828
Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")
Signed-off-by: Piotr Bronowski <piotrx.bronowski at intel.com>
Cc: stable at dpdk.org
---
v4: commit message corrected
---
drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..2c033c6f28 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -96,7 +96,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
sess->iv.length = auth_xform->auth.iv.length;
key_length = auth_xform->auth.key.length;
key = auth_xform->auth.key.data;
- sess->req_digest_length = auth_xform->auth.digest_length;
+ sess->req_digest_length =
+ RTE_MIN(auth_xform->auth.digest_length,
+ DIGEST_LENGTH_MAX);
break;
case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
@@ -116,7 +118,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
key_length = aead_xform->aead.key.length;
key = aead_xform->aead.key.data;
sess->aad_length = aead_xform->aead.aad_length;
- sess->req_digest_length = aead_xform->aead.digest_length;
+ sess->req_digest_length =
+ RTE_MIN(aead_xform->aead.digest_length,
+ DIGEST_LENGTH_MAX);
break;
default:
IPSEC_MB_LOG(
--
2.30.2
--------------------------------------------------------------
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.
More information about the stable
mailing list