[dpdk-dev] crypto/aesni_mb: add missing digest length
Checks
Commit Message
AESNI MB now supports authentication only operations,
but the array containing all the possible digest lengths
was not updated to reflect the new algorithm NULL_HASH,
causing an "Out-of-bounds access".
Coverity issue: 140977
Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation functionality")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 2 ++
1 file changed, 2 insertions(+)
Comments
> -----Original Message-----
> From: De Lara Guarch, Pablo
> Sent: Friday, January 27, 2017 1:16 PM
> To: adrien.mazarguil@6wind.com; Wu, Jingjing
> Cc: dev@dpdk.org; De Lara Guarch, Pablo
> Subject: [PATCH] crypto/aesni_mb: add missing digest length
>
> AESNI MB now supports authentication only operations,
> but the array containing all the possible digest lengths
> was not updated to reflect the new algorithm NULL_HASH,
> causing an "Out-of-bounds access".
>
> Coverity issue: 140977
> Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation
> functionality")
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
> drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 5f125b2..eb4b2ad 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -88,6 +88,7 @@ static const unsigned
> auth_truncated_digest_byte_lengths[] = {
> [SHA_384] = 24,
> [SHA_512] = 32,
> [AES_XCBC] = 12,
> + [NULL_HASH] = 0
> };
>
> /**
> @@ -111,6 +112,7 @@ static const unsigned auth_digest_byte_lengths[] =
> {
> [SHA_384] = 48,
> [SHA_512] = 64,
> [AES_XCBC] = 16,
> + [NULL_HASH] = 0
> };
>
> /**
> --
> 2.7.4
Wrong maintainer, Sending to right one now. Sorry about that.
On 27/01/17 13:16, Pablo de Lara wrote:
> AESNI MB now supports authentication only operations,
> but the array containing all the possible digest lengths
> was not updated to reflect the new algorithm NULL_HASH,
> causing an "Out-of-bounds access".
>
> Coverity issue: 140977
> Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation functionality")
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
....
>
Acked-by: Declan Doherty <declan.doherty@intel.com>
> -----Original Message-----
> From: Doherty, Declan
> Sent: Tuesday, January 31, 2017 4:44 PM
> To: dev@dpdk.org
> Cc: De Lara Guarch, Pablo
> Subject: Re: [dpdk-dev] [PATCH] crypto/aesni_mb: add missing digest
> length
>
> On 27/01/17 13:16, Pablo de Lara wrote:
> > AESNI MB now supports authentication only operations,
> > but the array containing all the possible digest lengths
> > was not updated to reflect the new algorithm NULL_HASH,
> > causing an "Out-of-bounds access".
> >
> > Coverity issue: 140977
> > Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation
> functionality")
> >
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> > ---
> ....
> >
> Acked-by: Declan Doherty <declan.doherty@intel.com>
Applied to dpdk-next-crypto.
Pablo
@@ -88,6 +88,7 @@ static const unsigned auth_truncated_digest_byte_lengths[] = {
[SHA_384] = 24,
[SHA_512] = 32,
[AES_XCBC] = 12,
+ [NULL_HASH] = 0
};
/**
@@ -111,6 +112,7 @@ static const unsigned auth_digest_byte_lengths[] = {
[SHA_384] = 48,
[SHA_512] = 64,
[AES_XCBC] = 16,
+ [NULL_HASH] = 0
};
/**