DPDK-dev Archive on lore.kernel.org
 help / color / Atom feed
From: "De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>
To: "Zhang, Roy Fan" <roy.fan.zhang@intel.com>,
	"dev@dpdk.org" <dev@dpdk.org>
Cc: "akhil.goyal@nxp.com" <akhil.goyal@nxp.com>,
	"Zhang, Roy Fan" <roy.fan.zhang@intel.com>
Subject: Re: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
Date: Mon, 17 Jun 2019 10:40:24 +0000
Message-ID: <E115CCD9D858EF4F90C690B0DCB4D89780404298@irsmsx112.ger.corp.intel.com> (raw)
In-Reply-To: <20190515153259.74322-1-roy.fan.zhang@intel.com>

Hi Fan,

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Fan Zhang
> Sent: Wednesday, May 15, 2019 4:33 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: [dpdk-dev] [PATCH] aesni_mb: fix out-of-bounds access
> 
> This patch fixes the out-of-bounds coverity issue by adding missed
> algorithms to the array.
> 
> Coverity issue: 337683
> 
> Fixes: c68d7aa354f6 ("crypto/aesni_mb: use architecture independent
> macros")
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 4d439360f..c937b21b6 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -65,7 +65,13 @@ static const unsigned
> auth_truncated_digest_byte_lengths[] = {
>  		[AES_XCBC]	= 12,
>  		[AES_CMAC]	= 12,
>  		[AES_CCM]	= 8,
> -		[NULL_HASH]	= 0
> +		[NULL_HASH]	= 0,
> +		[AES_GMAC]	= 12,

According to the code in the IPSec MB lib, truncated value for GMAC is 16,
although it can actually generate anything from 4 to 16 bytes,
so I guess any value between this range could work.

> +		[PLAIN_SHA1]	= 20,
> +		[PLAIN_SHA_224]	= 28,
> +		[PLAIN_SHA_256]	= 32,
> +		[PLAIN_SHA_384]	= 48,
> +		[PLAIN_SHA_512]	= 64
>  };
> 

Could you also complete the other two arrays?
auth_digest_byte_lengths (missing AES_CCM) and auth_blocksize.

Thanks!
Pablo

>  /**
> --
> 2.14.5


  reply index

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-15 15:32 Fan Zhang
2019-06-17 10:40 ` De Lara Guarch, Pablo [this message]
2019-06-17 14:31 ` [dpdk-dev] [PATCH v2] " Fan Zhang
2019-06-18 13:36   ` Akhil Goyal
2019-06-18 16:34   ` De Lara Guarch, Pablo
2019-06-24 15:40   ` [dpdk-dev] [PATCH v3] " Fan Zhang
2019-06-25 12:47     ` Akhil Goyal

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=E115CCD9D858EF4F90C690B0DCB4D89780404298@irsmsx112.ger.corp.intel.com \
    --to=pablo.de.lara.guarch@intel.com \
    --cc=akhil.goyal@nxp.com \
    --cc=dev@dpdk.org \
    --cc=roy.fan.zhang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

DPDK-dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/dpdk-dev/0 dpdk-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dpdk-dev dpdk-dev/ https://lore.kernel.org/dpdk-dev \
		dev@dpdk.org dpdk-dev@archiver.kernel.org
	public-inbox-index dpdk-dev


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/ public-inbox