diff mbox series

[v1] crypto/openssl: fix of ASAN heap-use-after-free

Message ID	20230308144748.28370-1-kai.ji@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Kai Ji <kai.ji@intel.com> To: dev@dpdk.org Cc: gakhil@marvell.com, Kai Ji <kai.ji@intel.com> Subject: [dpdk-dev v1] crypto/openssl: fix of ASAN heap-use-after-free Date: Wed, 8 Mar 2023 22:47:48 +0800 Message-Id: <20230308144748.28370-1-kai.ji@intel.com> Precedence: list Errors-To: dev-bounces@dpdk.org
Series	[v1] crypto/openssl: fix of ASAN heap-use-after-free \| [v1] crypto/openssl: fix of ASAN heap-use-after-free

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/loongarch-compilation	success	Compilation OK
ci/loongarch-unit-testing	success	Unit Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/intel-Testing	success	Testing PASS
ci/intel-Functional	success	Functional PASS
ci/github-robot: build	success	github build: passed
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/iol-broadcom-Functional	success	Functional Testing PASS
ci/iol-aarch64-unit-testing	success	Testing PASS
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-intel-Performance	success	Performance Testing PASS
ci/iol-abi-testing	success	Testing PASS
ci/iol-x86_64-compile-testing	success	Testing PASS
ci/iol-testing	success	Testing PASS
ci/iol-x86_64-unit-testing	success	Testing PASS
ci/iol-aarch64-compile-testing	success	Testing PASS

Commit Message

Ji, Kai March 8, 2023, 2:47 p.m. UTC

  fix of ASAN report on heap-use-after-free error on tmp buffer.

Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP API")
Cc: kai.ji@intel.com

Signed-off-by: Kai Ji <kai.ji@intel.com>
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Power, Ciara March 10, 2023, 3:18 p.m. UTC | #1

Hey Kai,

> -----Original Message-----
> From: Kai Ji <kai.ji@intel.com>
> Sent: Wednesday 8 March 2023 14:48
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>
> Subject: [dpdk-dev v1] crypto/openssl: fix of ASAN heap-use-after-free
> 
> fix of ASAN report on heap-use-after-free error on tmp buffer.
> 
> Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP
> API")
> Cc: kai.ji@intel.com
> 
> Signed-off-by: Kai Ji <kai.ji@intel.com>
> ---
>  drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 

[CP] 
Need to add cc for stable@dpdk.org 

Acked-by: Ciara Power <ciara.power@intel.com>

Akhil Goyal March 11, 2023, 6:57 p.m. UTC | #2

> > Subject: [dpdk-dev v1] crypto/openssl: fix of ASAN heap-use-after-free
> >
> > fix of ASAN report on heap-use-after-free error on tmp buffer.
> >
> > Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP
> > API")
> > Cc: kai.ji@intel.com
> >
> > Signed-off-by: Kai Ji <kai.ji@intel.com>
> > ---
> >  drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> 
> [CP]
> Need to add cc for stable@dpdk.org
> 
> Acked-by: Ciara Power <ciara.power@intel.com>
Applied to dpdk-next-crypto
Cc: stable@dpdk.org
Thanks.

diff mbox series

Patch

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index abcb641a44..384d262621 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -2633,7 +2633,7 @@  process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 		if (EVP_PKEY_verify_recover(rsa_ctx, tmp, &outlen,
 				op->rsa.sign.data,
 				op->rsa.sign.length) <= 0) {
-			rte_free(tmp);
+			OPENSSL_free(tmp);
 			goto err_rsa;
 		}
 
@@ -2645,7 +2645,7 @@  process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 				op->rsa.message.length)) {
 			OPENSSL_LOG(ERR, "RSA sign Verification failed");
 		}
-		rte_free(tmp);
+		OPENSSL_free(tmp);
 		break;
 
 	default: