[v4] crypto/ipsec_mb: fix coverity issue
Checks
Commit Message
This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)
Coverity issue: CID 375828
Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Cc: stable@dpdk.org
---
v4: commit message corrected
---
drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
Comments
>-----Original Message-----
>From: Piotr Bronowski <piotrx.bronowski@intel.com>
>Sent: Wednesday 9 March 2022 18:02
>To: dev@dpdk.org
>Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; thomas@monjalon.net;
>gakhil@marvell.com; Yigit, Ferruh <ferruh.yigit@intel.com>; Doherty, Declan
><declan.doherty@intel.com>; Bronowski, PiotrX
><piotrx.bronowski@intel.com>; stable@dpdk.org
>Subject: [PATCH v4] crypto/ipsec_mb: fix coverity issue
>
>This patch removes coverity defect CID 375828:
>Untrusted value as argument (TAINTED_SCALAR)
>
>Coverity issue: CID 375828
>
>Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")
>
>Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
>
>Cc: stable@dpdk.org
>
>---
>v4: commit message corrected
>---
> drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
<snip>
Acked-by: Ciara Power <ciara.power@intel.com>
> >This patch removes coverity defect CID 375828:
> >Untrusted value as argument (TAINTED_SCALAR)
It lacks an explanation of the cause.
> >Coverity issue: CID 375828
You should not write CID above.
> >
> >Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")
> >
> >Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
> >
> >Cc: stable@dpdk.org
This Cc should be just below the "Fixes".
> Acked-by: Ciara Power <ciara.power@intel.com>
Fixed formatting, writing a better title, and applied.
@@ -96,7 +96,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
sess->iv.length = auth_xform->auth.iv.length;
key_length = auth_xform->auth.key.length;
key = auth_xform->auth.key.data;
- sess->req_digest_length = auth_xform->auth.digest_length;
+ sess->req_digest_length =
+ RTE_MIN(auth_xform->auth.digest_length,
+ DIGEST_LENGTH_MAX);
break;
case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
@@ -116,7 +118,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
key_length = aead_xform->aead.key.length;
key = aead_xform->aead.key.data;
sess->aad_length = aead_xform->aead.aad_length;
- sess->req_digest_length = aead_xform->aead.digest_length;
+ sess->req_digest_length =
+ RTE_MIN(aead_xform->aead.digest_length,
+ DIGEST_LENGTH_MAX);
break;
default:
IPSEC_MB_LOG(