[PATCH] crypto/cnxk: fix out-of-bounds access

Gowrishankar Muthukrishnan Thu, 15 May 2025 01:42:10 -0700

Fix coverity issue on out-of-bounds access.

Coverity-issue: 403166, 403171, 403172
Fixes: 5686b573e4b ("crypto/cnxk: support SM2")
Cc: sta...@dpdk.org


Signed-off-by: Gowrishankar Muthukrishnan <gmuthukri...@marvell.com>
---
 drivers/crypto/cnxk/cnxk_ae.h | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index cd66f66e70..75d6a536ae 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -1090,6 +1090,9 @@ cnxk_ae_sm2_sign_prep(struct rte_crypto_sm2_op_param *sm2,
        if (order_len > ROC_AE_EC_DATA_MAX)
                order_len = ROC_AE_EC_DATA_MAX;
 
+       if (pkey_len > ROC_AE_EC_DATA_MAX)
+               pkey_len = ROC_AE_EC_DATA_MAX;
+
        /* Truncate input length to curve prime length */
        if (message_len > prime_len)
                message_len = prime_len;
@@ -1181,6 +1184,12 @@ cnxk_ae_sm2_verify_prep(struct rte_crypto_sm2_op_param 
*sm2,
        if (order_len > ROC_AE_EC_DATA_MAX)
                order_len = ROC_AE_EC_DATA_MAX;
 
+       if (qx_len > ROC_AE_EC_DATA_MAX)
+               qx_len = ROC_AE_EC_DATA_MAX;
+
+       if (qy_len > ROC_AE_EC_DATA_MAX)
+               qy_len = ROC_AE_EC_DATA_MAX;
+
        /* Truncate input length to curve prime length */
        if (message_len > prime_len)
                message_len = prime_len;
-- 
2.25.1

[PATCH] crypto/cnxk: fix out-of-bounds access

Reply via email to