diff mbox

[dpdk-dev] crypto/qat: fix possible out-of-bounds error

Message ID 1499095467-6516-1-git-send-email-fiona.trahe@intel.com (mailing list archive)
State Accepted, archived
Delegated to: Pablo de Lara Guarch
Headers

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK

Commit Message

Fiona Trahe July 3, 2017, 3:24 p.m. UTC 
  Out-of-bounds access possible if ctx.qat_cipher_alg has invalid value.
This should never happen at this point on data path, but fix for safety.

Coverity issue: 143458
Coverity issue: 143465

Fixes: d18ab45f7654 ("crypto/qat: support DOCSIS BPI mode")

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
---
 drivers/crypto/qat/qat_crypto.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

Comments

De Lara Guarch, Pablo July 6, 2017, 2:20 p.m. UTC | #1 
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fiona Trahe
> Sent: Monday, July 3, 2017 4:24 PM
> To: dev@dpdk.org; De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>
> Subject: [dpdk-dev] [PATCH] crypto/qat: fix possible out-of-bounds error
> 
> Out-of-bounds access possible if ctx.qat_cipher_alg has invalid value.
> This should never happen at this point on data path, but fix for safety.
> 
> Coverity issue: 143458
> Coverity issue: 143465
> 
> Fixes: d18ab45f7654 ("crypto/qat: support DOCSIS BPI mode")
> 
> Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> ---
>  drivers/crypto/qat/qat_crypto.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/qat/qat_crypto.c
> b/drivers/crypto/qat/qat_crypto.c index f8e1d01..33b6eb0 100644
> --- a/drivers/crypto/qat/qat_crypto.c
> +++ b/drivers/crypto/qat/qat_crypto.c
> @@ -618,7 +618,8 @@ qat_bpicipher_preprocess(struct qat_session *ctx,
> {
>  	uint8_t block_len = qat_cipher_get_block_size(ctx-
> >qat_cipher_alg);
>  	struct rte_crypto_sym_op *sym_op = op->sym;
> -	uint8_t last_block_len = sym_op->cipher.data.length % block_len;
> +	uint8_t last_block_len = block_len > 0 ?
> +			sym_op->cipher.data.length % block_len : 0;
> 
>  	if (last_block_len &&
>  			ctx->qat_dir == ICP_QAT_HW_CIPHER_DECRYPT) {
> @@ -671,7 +672,8 @@ qat_bpicipher_postprocess(struct qat_session
> *ctx,  {
>  	uint8_t block_len = qat_cipher_get_block_size(ctx-
> >qat_cipher_alg);
>  	struct rte_crypto_sym_op *sym_op = op->sym;
> -	uint8_t last_block_len = sym_op->cipher.data.length % block_len;
> +	uint8_t last_block_len = block_len > 0 ?
> +			sym_op->cipher.data.length % block_len : 0;
> 
>  	if (last_block_len > 0 &&
>  			ctx->qat_dir == ICP_QAT_HW_CIPHER_ENCRYPT) {
> --
> 2.7.4

CC'ing stable.

Applied to dpdk-next-crypto.
Thanks,

Pablo
diff mbox

Patch

diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index f8e1d01..33b6eb0 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -618,7 +618,8 @@  qat_bpicipher_preprocess(struct qat_session *ctx,
 {
 	uint8_t block_len = qat_cipher_get_block_size(ctx->qat_cipher_alg);
 	struct rte_crypto_sym_op *sym_op = op->sym;
-	uint8_t last_block_len = sym_op->cipher.data.length % block_len;
+	uint8_t last_block_len = block_len > 0 ?
+			sym_op->cipher.data.length % block_len : 0;
 
 	if (last_block_len &&
 			ctx->qat_dir == ICP_QAT_HW_CIPHER_DECRYPT) {
@@ -671,7 +672,8 @@  qat_bpicipher_postprocess(struct qat_session *ctx,
 {
 	uint8_t block_len = qat_cipher_get_block_size(ctx->qat_cipher_alg);
 	struct rte_crypto_sym_op *sym_op = op->sym;
-	uint8_t last_block_len = sym_op->cipher.data.length % block_len;
+	uint8_t last_block_len = block_len > 0 ?
+			sym_op->cipher.data.length % block_len : 0;
 
 	if (last_block_len > 0 &&
 			ctx->qat_dir == ICP_QAT_HW_CIPHER_ENCRYPT) {