diff mbox series

crypto/cnxk: fix out-of-bounds access

Message ID 20250515080528.1644-1-gmuthukrishn@marvell.com (mailing list archive)
State Accepted
Delegated to: akhil goyal
Headers
Series crypto/cnxk: fix out-of-bounds access |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/loongarch-compilation success Compilation OK
ci/loongarch-unit-testing success Unit Testing PASS
ci/github-robot: build success github build: passed
ci/Intel-compilation success Compilation OK
ci/intel-Testing success Testing PASS
ci/intel-Functional fail Functional issues
ci/iol-broadcom-Performance success Performance Testing PASS
ci/iol-marvell-Functional success Functional Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-unit-arm64-testing success Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-compile-arm64-testing success Testing PASS
ci/iol-compile-amd64-testing warning Testing issues
ci/aws-unit-testing success Unit Testing PASS
ci/iol-abi-testing success Testing PASS
ci/iol-unit-amd64-testing success Testing PASS
ci/iol-sample-apps-testing success Testing PASS

Commit Message

Gowrishankar Muthukrishnan May 15, 2025, 8:05 a.m. UTC 
Fix coverity issue on out-of-bounds access.

Coverity-issue: 403166, 403171, 403172
Fixes: 5686b573e4b ("crypto/cnxk: support SM2")
Cc: stable@dpdk.org

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 drivers/crypto/cnxk/cnxk_ae.h | 9 +++++++++
 1 file changed, 9 insertions(+)

Comments

Akhil Goyal May 21, 2025, 9:20 a.m. UTC | #1 
> 
> Fix coverity issue on out-of-bounds access.
> 
> Coverity-issue: 403166, 403171, 403172
> Fixes: 5686b573e4b ("crypto/cnxk: support SM2")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

Applied to dpdk-next-crypto
Thanks.
diff mbox series

Patch

diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index cd66f66e70..75d6a536ae 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -1090,6 +1090,9 @@  cnxk_ae_sm2_sign_prep(struct rte_crypto_sm2_op_param *sm2,
 	if (order_len > ROC_AE_EC_DATA_MAX)
 		order_len = ROC_AE_EC_DATA_MAX;
 
+	if (pkey_len > ROC_AE_EC_DATA_MAX)
+		pkey_len = ROC_AE_EC_DATA_MAX;
+
 	/* Truncate input length to curve prime length */
 	if (message_len > prime_len)
 		message_len = prime_len;
@@ -1181,6 +1184,12 @@  cnxk_ae_sm2_verify_prep(struct rte_crypto_sm2_op_param *sm2,
 	if (order_len > ROC_AE_EC_DATA_MAX)
 		order_len = ROC_AE_EC_DATA_MAX;
 
+	if (qx_len > ROC_AE_EC_DATA_MAX)
+		qx_len = ROC_AE_EC_DATA_MAX;
+
+	if (qy_len > ROC_AE_EC_DATA_MAX)
+		qy_len = ROC_AE_EC_DATA_MAX;
+
 	/* Truncate input length to curve prime length */
 	if (message_len > prime_len)
 		message_len = prime_len;