[PATCH] crypto/cnxk: fix out-of-bounds access

Gowrishankar Muthukrishnan gmuthukrishn at marvell.com
Thu May 15 10:05:25 CEST 2025

Previous message (by thread): [PATCH] crypto/virtio: check for invalid IOVA address
Next message (by thread): [PATCH] crypto/cnxk: fix out-of-bounds access
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fix coverity issue on out-of-bounds access.

Coverity-issue: 403166, 403171, 403172
Fixes: 5686b573e4b ("crypto/cnxk: support SM2")
Cc: stable at dpdk.org

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn at marvell.com>
---
 drivers/crypto/cnxk/cnxk_ae.h | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index cd66f66e70..75d6a536ae 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -1090,6 +1090,9 @@ cnxk_ae_sm2_sign_prep(struct rte_crypto_sm2_op_param *sm2,
 	if (order_len > ROC_AE_EC_DATA_MAX)
 		order_len = ROC_AE_EC_DATA_MAX;
 
+	if (pkey_len > ROC_AE_EC_DATA_MAX)
+		pkey_len = ROC_AE_EC_DATA_MAX;
+
 	/* Truncate input length to curve prime length */
 	if (message_len > prime_len)
 		message_len = prime_len;
@@ -1181,6 +1184,12 @@ cnxk_ae_sm2_verify_prep(struct rte_crypto_sm2_op_param *sm2,
 	if (order_len > ROC_AE_EC_DATA_MAX)
 		order_len = ROC_AE_EC_DATA_MAX;
 
+	if (qx_len > ROC_AE_EC_DATA_MAX)
+		qx_len = ROC_AE_EC_DATA_MAX;
+
+	if (qy_len > ROC_AE_EC_DATA_MAX)
+		qy_len = ROC_AE_EC_DATA_MAX;
+
 	/* Truncate input length to curve prime length */
 	if (message_len > prime_len)
 		message_len = prime_len;
-- 
2.25.1

Previous message (by thread): [PATCH] crypto/virtio: check for invalid IOVA address
Next message (by thread): [PATCH] crypto/cnxk: fix out-of-bounds access
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list