diff mbox series

[v4] crypto/ipsec_mb: fix coverity issue

Message ID 20220309180200.1864114-1-piotrx.bronowski@intel.com (mailing list archive)
State Accepted, archived
Delegated to: akhil goyal
Headers
Series [v4] crypto/ipsec_mb: fix coverity issue |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK
ci/intel-Testing success Testing PASS
ci/github-robot: build success github build: passed
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-aarch64-unit-testing success Testing PASS
ci/iol-abi-testing success Testing PASS

Commit Message

Piotr Bronowski March 9, 2022, 6:02 p.m. UTC 
  This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)

Coverity issue: CID 375828

Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")

Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>

Cc: stable@dpdk.org

---
v4: commit message corrected
---
 drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

Comments

Power, Ciara March 10, 2022, 9:17 a.m. UTC | #1 
>-----Original Message-----
>From: Piotr Bronowski <piotrx.bronowski@intel.com>
>Sent: Wednesday 9 March 2022 18:02
>To: dev@dpdk.org
>Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>; thomas@monjalon.net;
>gakhil@marvell.com; Yigit, Ferruh <ferruh.yigit@intel.com>; Doherty, Declan
><declan.doherty@intel.com>; Bronowski, PiotrX
><piotrx.bronowski@intel.com>; stable@dpdk.org
>Subject: [PATCH v4] crypto/ipsec_mb: fix coverity issue
>
>This patch removes coverity defect CID 375828:
>Untrusted value as argument (TAINTED_SCALAR)
>
>Coverity issue: CID 375828
>
>Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")
>
>Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
>
>Cc: stable@dpdk.org
>
>---
>v4: commit message corrected
>---
> drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
<snip>

Acked-by: Ciara Power <ciara.power@intel.com>
Thomas Monjalon March 14, 2022, 10:32 a.m. UTC | #2 
> >This patch removes coverity defect CID 375828:
> >Untrusted value as argument (TAINTED_SCALAR)

It lacks an explanation of the cause.

> >Coverity issue: CID 375828

You should not write CID above.
> >
> >Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes")
> >
> >Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
> >
> >Cc: stable@dpdk.org

This Cc should be just below the "Fixes".

> Acked-by: Ciara Power <ciara.power@intel.com>

Fixed formatting, writing a better title, and applied.
diff mbox series

Patch

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..2c033c6f28 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -96,7 +96,9 @@  aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		sess->iv.length = auth_xform->auth.iv.length;
 		key_length = auth_xform->auth.key.length;
 		key = auth_xform->auth.key.data;
-		sess->req_digest_length = auth_xform->auth.digest_length;
+		sess->req_digest_length =
+		    RTE_MIN(auth_xform->auth.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
@@ -116,7 +118,9 @@  aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		key_length = aead_xform->aead.key.length;
 		key = aead_xform->aead.key.data;
 		sess->aad_length = aead_xform->aead.aad_length;
-		sess->req_digest_length = aead_xform->aead.digest_length;
+		sess->req_digest_length =
+			RTE_MIN(aead_xform->aead.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	default:
 		IPSEC_MB_LOG(