From patchwork Mon Mar  7 15:32:33 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Piotr Bronowski <piotrx.bronowski@intel.com>
X-Patchwork-Id: 108581
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 302E4A0093;
	Mon,  7 Mar 2022 16:33:41 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id C40A940688;
	Mon,  7 Mar 2022 16:33:40 +0100 (CET)
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 by mails.dpdk.org (Postfix) with ESMTP id 4EBFA4014E;
 Mon,  7 Mar 2022 16:33:39 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
 d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
 t=1646667219; x=1678203219;
 h=from:to:cc:subject:date:message-id:in-reply-to:
 references:mime-version:content-transfer-encoding;
 bh=ouXhWRquK/4djpvTpvq+c2c/ftI/4eozifbDUZClo3c=;
 b=ObNfBZdtocFExE0laKF+97LT174P2fUmMnQu5SGmyNdjZSOBOciqrH3P
 X/izQWOqjhMOpoc6JRP6CX1eFW6PI1T2Zo10Q7wVZGTDEIPCHiXy+GmWu
 x1qkG/AsfDW0nMDL6U+kaB8rHW+pxyxqBYjYIbfbXgu/XP47TZKQOaQxo
 kfC43J1u+Px0ICdeFE6ZqAwZzSUQ88Lk/nYqLJcgrljWpFjdrhyaVvVVj
 cuVozZx0FfgFBDjJq3ao9oQFOOQqnfvv5VLww6Cmudag0YfKZw4vBjYdK
 y8dYgqfLHHC9HT/ADXLwr/NT7P7t+8K5L8pVe8mUiKLrN4rErC8d64Cbh g==;
X-IronPort-AV: E=McAfee;i="6200,9189,10279"; a="340850313"
X-IronPort-AV: E=Sophos;i="5.90,162,1643702400"; d="scan'208";a="340850313"
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
 by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 07 Mar 2022 07:33:38 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.90,162,1643702400"; d="scan'208";a="546923691"
Received: from silpixa00400320.ir.intel.com ([10.237.214.242])
 by fmsmga007.fm.intel.com with ESMTP; 07 Mar 2022 07:33:36 -0800
From: Piotr Bronowski <piotrx.bronowski@intel.com>
To: dev@dpdk.org
Cc: roy.fan.zhang@intel.com, thomas@monjalon.net, gakhil@marvell.com,
 ferruh.yigit@intel.com, declan.doherty@intel.com,
 Piotr Bronowski <piotrx.bronowski@intel.com>, stable@dpdk.org
Subject: [PATCH v2] crypto/ipsec_mb: fix usage of untrusted value
Date: Mon,  7 Mar 2022 15:32:33 +0000
Message-Id: <20220307153233.1407564-1-piotrx.bronowski@intel.com>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20220307124802.1371808-1-piotrx.bronowski@intel.com>
References: <20220307124802.1371808-1-piotrx.bronowski@intel.com>
MIME-Version: 1.0
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

This patch removes coverity defect CID 375828:
Untrusted value as argument (TAINTED_SCALAR)

Coverity issue: CID 375828
Fixes: 918fd2f1466b ("crypto/ipsec_mb: move aesni_mb PMD")

Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>

Cc: stable@dpdk.org
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
---
v2: use a different logic to check digest length
---
 drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
index e5ad629fe5..7cd20fc1cf 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c
@@ -96,7 +96,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		sess->iv.length = auth_xform->auth.iv.length;
 		key_length = auth_xform->auth.key.length;
 		key = auth_xform->auth.key.data;
-		sess->req_digest_length = auth_xform->auth.digest_length;
+		sess->req_digest_length =
+		    RTE_MIN(auth_xform->auth.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT:
 	case IPSEC_MB_OP_AEAD_AUTHENTICATED_DECRYPT:
@@ -116,7 +118,9 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 		key_length = aead_xform->aead.key.length;
 		key = aead_xform->aead.key.data;
 		sess->aad_length = aead_xform->aead.aad_length;
-		sess->req_digest_length = aead_xform->aead.digest_length;
+		sess->req_digest_length =
+			RTE_MIN(aead_xform->aead.digest_length,
+				DIGEST_LENGTH_MAX);
 		break;
 	default:
 		IPSEC_MB_LOG(
@@ -146,7 +150,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 	}
 
 	/* Digest check */
-	if (sess->req_digest_length > 16) {
+	if (sess->req_digest_length > DIGEST_LENGTH_MAX) {
 		IPSEC_MB_LOG(ERR, "Invalid digest length");
 		ret = -EINVAL;
 		goto error_exit;
@@ -157,7 +161,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session,
 	 * the requested number of bytes.
 	 */
 	if (sess->req_digest_length < 4)
-		sess->gen_digest_length = 16;
+		sess->gen_digest_length = DIGEST_LENGTH_MAX;
 	else
 		sess->gen_digest_length = sess->req_digest_length;