examples/fips_validation: fix coverity issues

Message ID 20240615113118.2137-1-gmuthukrishn@marvell.com (mailing list archive)
State Superseded
Delegated to: akhil goyal
Headers
Series examples/fips_validation: fix coverity issues |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/loongarch-compilation success Compilation OK
ci/loongarch-unit-testing success Unit Testing PASS
ci/github-robot: build success github build: passed
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-broadcom-Performance success Performance Testing PASS
ci/iol-broadcom-Functional success Functional Testing PASS
ci/iol-intel-Functional fail Functional Testing issues
ci/iol-abi-testing success Testing PASS
ci/iol-sample-apps-testing warning Testing issues
ci/iol-unit-amd64-testing success Testing PASS
ci/iol-compile-amd64-testing success Testing PASS
ci/iol-unit-arm64-testing success Testing PASS
ci/iol-compile-arm64-testing success Testing PASS

Commit Message

Gowrishankar Muthukrishnan June 15, 2024, 11:31 a.m. UTC
  Fix NULL dereference, out-of-bound, bad bit shift issues
reported by coverity scan.

Coverity issue: 384440, 384435, 384433, 384429
Fixes: 36128a67c27 ("examples/fips_validation: add asymmetric validation")
Cc: stable@dpdk.org

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 examples/fips_validation/fips_validation_rsa.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
  

Comments

Patrick Robb June 17, 2024, 5:49 p.m. UTC | #1
For CI Testing: re-applying to main and retesting because main was in
a bad state (now fixed by Maxime), causing a virtio_smoke fail on this
series.

https://git.dpdk.org/dpdk/commit/?id=6bdc14606724bc7fb3834d5ec59b1cccf98adf28
  
Brian Dooley June 20, 2024, 4:33 p.m. UTC | #2
Hey Gowrishankar,

> -----Original Message-----
> From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> Sent: Saturday, June 15, 2024 12:31 PM
> To: dev@dpdk.org; Dooley, Brian <brian.dooley@intel.com>; Gowrishankar
> Muthukrishnan <gmuthukrishn@marvell.com>
> Cc: Anoob Joseph <anoobj@marvell.com>; stable@dpdk.org
> Subject: [PATCH] examples/fips_validation: fix coverity issues
> 
> Fix NULL dereference, out-of-bound, bad bit shift issues reported by coverity
> scan.
> 
> Coverity issue: 384440, 384435, 384433, 384429
> Fixes: 36128a67c27 ("examples/fips_validation: add asymmetric validation")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> ---
>  examples/fips_validation/fips_validation_rsa.c | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/examples/fips_validation/fips_validation_rsa.c
> b/examples/fips_validation/fips_validation_rsa.c
> index f675b51051..55f81860a0 100644
> --- a/examples/fips_validation/fips_validation_rsa.c
> +++ b/examples/fips_validation/fips_validation_rsa.c
> @@ -328,6 +328,9 @@ parse_test_rsa_json_interim_writeback(struct
> fips_val *val)
>  		if (prepare_vec_rsa() < 0)
>  			return -1;
> 
> +		if (!vec.rsa.e.val)
> +			return -1;
> +
>  		writeback_hex_str("", info.one_line_text, &vec.rsa.n);
>  		obj = json_string(info.one_line_text);
>  		json_object_set_new(json_info.json_write_group, "n", obj);
> @@ -474,7 +477,7 @@ fips_test_randomize_message(struct fips_val *msg,
> struct fips_val *rand)
>  	uint16_t rv_len;
> 
>  	if (!msg->val || !rand->val || rand->len > RV_BUF_LEN
> -		|| msg->len > FIPS_TEST_JSON_BUF_LEN)
> +		|| msg->len > (FIPS_TEST_JSON_BUF_LEN - 1))
>  		return -EINVAL;
> 
>  	memset(rv, 0, sizeof(rv));
> @@ -503,7 +506,7 @@ fips_test_randomize_message(struct fips_val *msg,
> struct fips_val *rand)
>  		m[i + j] ^= rv[j];
> 
>  	m[i + j] = ((uint8_t *)&rv_bitlen)[0];
> -	m[i + j + 1] = (((uint8_t *)&rv_bitlen)[1] >> 8) & 0xFF;
> +	m[i + j + 1] = ((uint8_t *)&rv_bitlen)[1];
> 
>  	rte_free(msg->val);
>  	msg->len = (rv_bitlen + m_bitlen + 16) / 8;
> --
> 2.25.1

Acked-by: Brian Dooley <brian.dooley@intel.com>
  
Akhil Goyal July 2, 2024, 3:44 p.m. UTC | #3
> Hey Gowrishankar,
> 
> > -----Original Message-----
> > From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> > Sent: Saturday, June 15, 2024 12:31 PM
> > To: dev@dpdk.org; Dooley, Brian <brian.dooley@intel.com>; Gowrishankar
> > Muthukrishnan <gmuthukrishn@marvell.com>
> > Cc: Anoob Joseph <anoobj@marvell.com>; stable@dpdk.org
> > Subject: [PATCH] examples/fips_validation: fix coverity issues
> >
> > Fix NULL dereference, out-of-bound, bad bit shift issues reported by coverity
> > scan.
> >
> > Coverity issue: 384440, 384435, 384433, 384429
> > Fixes: 36128a67c27 ("examples/fips_validation: add asymmetric validation")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
> 
> Acked-by: Brian Dooley <brian.dooley@intel.com>
Applied to dpdk-next-crypto
Title updated as "examples/fips_validation: fix null dereference and out-of-bound"

Thanks.
  

Patch

diff --git a/examples/fips_validation/fips_validation_rsa.c b/examples/fips_validation/fips_validation_rsa.c
index f675b51051..55f81860a0 100644
--- a/examples/fips_validation/fips_validation_rsa.c
+++ b/examples/fips_validation/fips_validation_rsa.c
@@ -328,6 +328,9 @@  parse_test_rsa_json_interim_writeback(struct fips_val *val)
 		if (prepare_vec_rsa() < 0)
 			return -1;
 
+		if (!vec.rsa.e.val)
+			return -1;
+
 		writeback_hex_str("", info.one_line_text, &vec.rsa.n);
 		obj = json_string(info.one_line_text);
 		json_object_set_new(json_info.json_write_group, "n", obj);
@@ -474,7 +477,7 @@  fips_test_randomize_message(struct fips_val *msg, struct fips_val *rand)
 	uint16_t rv_len;
 
 	if (!msg->val || !rand->val || rand->len > RV_BUF_LEN
-		|| msg->len > FIPS_TEST_JSON_BUF_LEN)
+		|| msg->len > (FIPS_TEST_JSON_BUF_LEN - 1))
 		return -EINVAL;
 
 	memset(rv, 0, sizeof(rv));
@@ -503,7 +506,7 @@  fips_test_randomize_message(struct fips_val *msg, struct fips_val *rand)
 		m[i + j] ^= rv[j];
 
 	m[i + j] = ((uint8_t *)&rv_bitlen)[0];
-	m[i + j + 1] = (((uint8_t *)&rv_bitlen)[1] >> 8) & 0xFF;
+	m[i + j + 1] = ((uint8_t *)&rv_bitlen)[1];
 
 	rte_free(msg->val);
 	msg->len = (rv_bitlen + m_bitlen + 16) / 8;