From patchwork Fri Jun 17 11:19:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 113012 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 94335A0032; Fri, 17 Jun 2022 19:23:22 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3121B42847; Fri, 17 Jun 2022 19:23:16 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mails.dpdk.org (Postfix) with ESMTP id 53527410E7 for ; Fri, 17 Jun 2022 19:23:14 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1655486594; x=1687022594; h=from:to:cc:subject:date:message-id; bh=x2fsX6EskGBu7h7dVP0075T6V7jyejolT3QYBG1S2JA=; b=FQLKC2hjbCoOLiS1W1CKHh1iKbuNPXHtnJ5sOLhmgR5qmzd6ERdVU04K /QFNLakpvg0g6I4rqSX1SOQBi9TfIdStUzjWFxIaZD3xSPC1PB0bZINXq wq+Y3/tuLWC1b4VYgw4tT/M0lIPZ5wKlj6YpLtd+GNC3SRRHVPmmdf23x LBRf/snBtvkh7rD3z+pIIDqVVaNIFXcGoC+7939EIhVCKc27Atm9Pc/nm EhxvpZNLE69uGCivQLozBN2ccv2kUkBrCbk2/6bYvDSJeUpPxFKxBj2w9 JMeroejVkQwmhOBe6L3hYM4wppR9dFItx/WxTTbco5kPoSMrtHpyle3hV w==; X-IronPort-AV: E=McAfee;i="6400,9594,10380"; a="365831018" X-IronPort-AV: E=Sophos;i="5.92,306,1650956400"; d="scan'208";a="365831018" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jun 2022 05:27:33 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,306,1650956400"; d="scan'208";a="832018748" Received: from silpixa00399302.ir.intel.com ([10.237.214.136]) by fmsmga006.fm.intel.com with ESMTP; 17 Jun 2022 05:27:32 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal Subject: [PATCH] crypto/qat: fix missing copy guards in asym mod Date: Fri, 17 Jun 2022 12:19:37 +0100 Message-Id: <20220617111937.18374-1-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit fixes missing guards for size of memcpy, it is needed to prevent faulty access when incorrect length passed from the user. Fixes: 3b78aa7b2317 ("crypto/qat: refactor asymmetric crypto functions") Signed-off-by: Arek Kusztal Acked-by: Fan Zhang --- drivers/crypto/qat/qat_asym.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index 82a0450aed..cad04e05b5 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -248,6 +248,10 @@ modexp_collect(struct rte_crypto_asym_op *asym_op, uint32_t alg_bytesize = cookie->alg_bytesize; uint8_t *modexp_result = asym_op->modex.result.data; + if (n.length > alg_bytesize) { + QAT_LOG(ERR, "Incorrect length of modexp modulus"); + return RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + } rte_memcpy(modexp_result, cookie->output_array[0] + alg_bytesize - n.length, n.length); @@ -304,6 +308,10 @@ modinv_collect(struct rte_crypto_asym_op *asym_op, uint8_t *modinv_result = asym_op->modinv.result.data; uint32_t alg_bytesize = cookie->alg_bytesize; + if (n.length > alg_bytesize) { + QAT_LOG(ERR, "Incorrect length of modinv modulus"); + return RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + } rte_memcpy(modinv_result + (asym_op->modinv.result.length - n.length), cookie->output_array[0] + alg_bytesize