[PATCH 22.11 21.11] test/crypto: fix vector global buffer overflow
Kevin Traynor
ktraynor at redhat.com
Tue May 7 16:25:47 CEST 2024
On 07/05/2024 14:40, Ciara Power wrote:
> When doing a memcpy of the test vector into a local union variable,
> the size of the union was used. This meant extra bytes were being copied
> from the test vector address in the case the vector was smaller in size
> than the union. This caused a global buffer overflow error detected by
> Address Sanitizer.
>
> To fix this, the size of the test vector is also stored alongside the
> address, so when copying takes place, the minimum of the union and test
> vector can be used as the size reference.
>
> Fixes: 488f5a23c219 ("test/crypto: check asymmetric crypto")
>
> Signed-off-by: Ciara Power <ciara.power at intel.com>
> ---
> This issue was fixed by a rework in 2023, so this fix is only applicable
> to 21.11 and 22.11 LTS releases that are currently maintained.
> It is not applicable to 23.11 LTS, or current upstream releases.
> ---
> app/test/test_cryptodev_asym.c | 25 ++++++++++++++++---------
> 1 file changed, 16 insertions(+), 9 deletions(-)
>
Thanks Ciara, will apply to the tree and it will be part of the next
release.
More information about the stable
mailing list