[dpdk-dev v1] crypto/openssl: fix of ASAN heap-use-after-free

Kai Ji kai.ji at intel.com
Wed Mar 8 15:47:48 CET 2023 

fix of ASAN report on heap-use-after-free error on tmp buffer.

Fixes: d7bd42f6db19 ("crypto/openssl: update RSA routine with 3.0 EVP API")
Cc: kai.ji at intel.com

Signed-off-by: Kai Ji <kai.ji at intel.com>
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index abcb641a44..384d262621 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -2633,7 +2633,7 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 		if (EVP_PKEY_verify_recover(rsa_ctx, tmp, &outlen,
 				op->rsa.sign.data,
 				op->rsa.sign.length) <= 0) {
-			rte_free(tmp);
+			OPENSSL_free(tmp);
 			goto err_rsa;
 		}
 
@@ -2645,7 +2645,7 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,
 				op->rsa.message.length)) {
 			OPENSSL_LOG(ERR, "RSA sign Verification failed");
 		}
-		rte_free(tmp);
+		OPENSSL_free(tmp);
 		break;
 
 	default:
-- 
2.17.1

More information about the dev mailing list