[v1] crypto/openssl: fix of ASAN heap-use-after-free
Checks
Commit Message
fix of ASAN report on heap-use-after-free error on tmp buffer.
Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP API")
Cc: kai.ji@intel.com
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
Hey Kai,
> -----Original Message-----
> From: Kai Ji <kai.ji@intel.com>
> Sent: Wednesday 8 March 2023 14:48
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Ji, Kai <kai.ji@intel.com>
> Subject: [dpdk-dev v1] crypto/openssl: fix of ASAN heap-use-after-free
>
> fix of ASAN report on heap-use-after-free error on tmp buffer.
>
> Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP
> API")
> Cc: kai.ji@intel.com
>
> Signed-off-by: Kai Ji <kai.ji@intel.com>
> ---
> drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
[CP]
Need to add cc for stable@dpdk.org
Acked-by: Ciara Power <ciara.power@intel.com>
> > Subject: [dpdk-dev v1] crypto/openssl: fix of ASAN heap-use-after-free
> >
> > fix of ASAN report on heap-use-after-free error on tmp buffer.
> >
> > Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP
> > API")
> > Cc: kai.ji@intel.com
> >
> > Signed-off-by: Kai Ji <kai.ji@intel.com>
> > ---
> > drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
>
> [CP]
> Need to add cc for stable@dpdk.org
>
> Acked-by: Ciara Power <ciara.power@intel.com>
Applied to dpdk-next-crypto
Cc: stable@dpdk.org
Thanks.
@@ -2633,7 +2633,7 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
if (EVP_PKEY_verify_recover(rsa_ctx, tmp, &outlen,
op->rsa.sign.data,
op->rsa.sign.length) <= 0) {
- rte_free(tmp);
+ OPENSSL_free(tmp);
goto err_rsa;
}
@@ -2645,7 +2645,7 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
op->rsa.message.length)) {
OPENSSL_LOG(ERR, "RSA sign Verification failed");
}
- rte_free(tmp);
+ OPENSSL_free(tmp);
break;
default: