[v2] examples/fips_validation: fix checking return value
Checks
Commit Message
The return value was not being checked when calling the
get_writeback_data function in the AES test case. On failure, this led
to a NULL dereference when using memcpy later. The return value is now
checked to avoid this NULL dereference.
Coverity issue: 363463
Fixes: 952e10cdad5e ("examples/fips_validation: support scatter gather list")
Cc: roy.fan.zhang@intel.com
Signed-off-by: Ciara Power <ciara.power@intel.com>
---
v2:
- Fixed incorrect "Fixes" tag.
- Added same fix to another test case.
---
examples/fips_validation/main.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
Comments
On Fri, Oct 30, 2020 at 4:37 PM Ciara Power <ciara.power@intel.com> wrote:
>
> The return value was not being checked when calling the
> get_writeback_data function in the AES test case. On failure, this led
> to a NULL dereference when using memcpy later. The return value is now
> checked to avoid this NULL dereference.
>
> Coverity issue: 363463
> Fixes: 952e10cdad5e ("examples/fips_validation: support scatter gather list")
>
> Signed-off-by: Ciara Power <ciara.power@intel.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Applied, thanks.
@@ -1520,7 +1520,9 @@ fips_mct_aes_test(void)
return ret;
}
- get_writeback_data(&val);
+ ret = get_writeback_data(&val);
+ if (ret < 0)
+ return ret;
if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
memcpy(prev_in, vec.ct.val, AES_BLOCK_SIZE);
@@ -1649,7 +1651,9 @@ fips_mct_sha_test(void)
return ret;
}
- get_writeback_data(&val);
+ ret = get_writeback_data(&val);
+ if (ret < 0)
+ return ret;
memcpy(md[0].val, md[1].val, md[1].len);
md[0].len = md[1].len;