[dpdk-dev] [EXT] [dpdk-dev v2] app: fix buffer overrun
    Akhil Goyal 
    gakhil at marvell.com
       
    Tue Oct  5 16:45:45 CEST 2021
    
    
  
> This patch fixes a possible buffer overrun problem in crypto perf test.
> Previously when user configured aad size is over 12 bytes the copy of
> template aad will cause a buffer overrun.
> The problem is fixed by only copy up to 12 bytes of aad template.
> 
> Fixes: 8a5b494a7f99 ("app/test-crypto-perf: add AEAD parameters")
> Cc: pablo.de.lara.guarch at intel.com
> 
> Signed-off-by: Przemyslaw Zegan <przemyslawx.zegan at intel.com>
> ---
> v2:
> - changed to correct fixed line.
> 
>  app/test-crypto-perf/cperf_test_vectors.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/app/test-crypto-perf/cperf_test_vectors.c b/app/test-crypto-
> perf/cperf_test_vectors.c
> index 0af01ff911..2c7e314ec8 100644
> --- a/app/test-crypto-perf/cperf_test_vectors.c
> +++ b/app/test-crypto-perf/cperf_test_vectors.c
> @@ -548,12 +548,16 @@ cperf_test_vector_get_dummy(struct
> cperf_options *options)
>  		t_vec->aead_key.data = aead_key;
> 
>  		if (options->aead_aad_sz) {
> -			t_vec->aad.data = rte_malloc(NULL,
> +			t_vec->aad.data = rte_zmalloc(NULL,
>  					options->aead_aad_sz, 16);
>  			if (t_vec->aad.data == NULL) {
>  				rte_free(t_vec);
>  				return NULL;
>  			}
> +
> +			if(options->aead_aad_sz > 12)
> +				options->aead_aad_sz = 12;
Instead of hardcoding, shouldn't this be sizeof(aad)
> +
>  			memcpy(t_vec->aad.data, aad, options-
> >aead_aad_sz);
>  			t_vec->aad.phys_addr = rte_malloc_virt2iova(t_vec-
> >aad.data);
>  			t_vec->aad.length = options->aead_aad_sz;
> --
> 2.17.1
> 
> --------------------------------------------------------------
> Intel Research and Development Ireland Limited
> Registered in Ireland
> Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
> Registered Number: 308263
> 
> 
> This e-mail and any attachments may contain confidential material for the
> sole
> use of the intended recipient(s). Any review or distribution by others is
> strictly prohibited. If you are not the intended recipient, please contact the
> sender and delete all copies.
    
    
More information about the dev
mailing list