diff options
author | Janne Peltonen <janne.peltonen@nokia.com> | 2022-10-31 12:29:15 +0200 |
---|---|---|
committer | Petri Savolainen <petri.savolainen@nokia.com> | 2022-11-01 15:40:32 +0200 |
commit | 1115d321b26838299a0e937505cc661780772b5f (patch) | |
tree | 5a253a8501cfa88d39a73e813176306e26cfbfc3 /test | |
parent | 669f74f57efa2ea58c58dd3b49462651b584d37e (diff) |
test: performance: crypto: fix out-of-bounds hash result offset
Hash result offset is currently set to an offset immediately after the
payload to be encrypted or authenticated but the test packets do not
extend beyond the end of the payload. Thus hash result offset points
to memory that is not part of the packet data, which is incorrect and
can corrupt the packet pool.
Fix the problem by making the test packets large enough to be able to
contain maximum sized authentication hash after the payload.
Signed-off-by: Janne Peltonen <janne.peltonen@nokia.com>
Reviewed-by: Jere Leppänen <jere.leppanen@nokia.com>
Diffstat (limited to 'test')
-rw-r--r-- | test/performance/odp_crypto.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/test/performance/odp_crypto.c b/test/performance/odp_crypto.c index 74b5738aa..9e4a06626 100644 --- a/test/performance/odp_crypto.c +++ b/test/performance/odp_crypto.c @@ -26,6 +26,7 @@ #define POOL_NUM_PKT 64 #define AAD_LEN 8 /* typical AAD length used in IPsec when ESN is not in use */ +#define MAX_AUTH_DIGEST_LEN 32 /* maximum MAC length in bytes */ static uint8_t test_aad[AAD_LEN] = "01234567"; static uint8_t test_iv[16] = "0123456789abcdef"; @@ -688,6 +689,7 @@ run_measure_one(crypto_args_t *cargs, odp_queue_t out_queue; odp_packet_t pkt = ODP_PACKET_INVALID; int rc = 0; + uint32_t packet_len = payload_length + MAX_AUTH_DIGEST_LEN; pkt_pool = odp_pool_lookup("packet_pool"); if (pkt_pool == ODP_POOL_INVALID) { @@ -704,7 +706,7 @@ run_measure_one(crypto_args_t *cargs, } if (cargs->reuse_packet) { - pkt = make_packet(pkt_pool, payload_length); + pkt = make_packet(pkt_pool, packet_len); if (ODP_PACKET_INVALID == pkt) return -1; } @@ -740,7 +742,7 @@ run_measure_one(crypto_args_t *cargs, odp_packet_t out_pkt; if (!cargs->reuse_packet) { - pkt = make_packet(pkt_pool, payload_length); + pkt = make_packet(pkt_pool, packet_len); if (ODP_PACKET_INVALID == pkt) return -1; } @@ -996,6 +998,11 @@ static int check_auth_params(const odp_crypto_capability_t *crypto_capa, { int num, rc; + if (param->auth_digest_len > MAX_AUTH_DIGEST_LEN) { + ODPH_ERR("MAX_AUTH_DIGEST_LEN too low\n"); + return 1; + } + if (check_auth_alg(crypto_capa, param->auth_alg)) return 1; @@ -1164,7 +1171,7 @@ int main(int argc, char *argv[]) max_seg_len = pool_capa.pkt.max_seg_len; for (i = 0; i < sizeof(payloads) / sizeof(unsigned int); i++) { - if (payloads[i] > max_seg_len) + if (payloads[i] + MAX_AUTH_DIGEST_LEN > max_seg_len) break; } |