diff options
author | Benoît Ganne <bganne@cisco.com> | 2020-07-17 11:33:19 +0200 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2020-07-21 17:27:47 +0000 |
commit | 0c65f52bb9395526613493aa9c042ea4f6dbc1fc (patch) | |
tree | a35e2d859026a5db9a5ba0c07c900829918d6591 | |
parent | e29fb5bf1b9ab87f4213d990377ea2604990135b (diff) |
crypto: bails out early for unsupported key type
Do not access data structures based on uninitialized key->alg.
Type: fix
Fixes: f539578bac8b64886b57c460c9d74273e6613f8b
Change-Id: I6bfb7e7a51af2c131b8bdf3bca6a38fcf1094760
Signed-off-by: Benoît Ganne <bganne@cisco.com>
-rw-r--r-- | src/plugins/crypto_ipsecmb/ipsecmb.c | 8 | ||||
-rw-r--r-- | src/plugins/crypto_native/main.c | 8 |
2 files changed, 8 insertions, 8 deletions
diff --git a/src/plugins/crypto_ipsecmb/ipsecmb.c b/src/plugins/crypto_ipsecmb/ipsecmb.c index 3c5495a9091..0501dcccb08 100644 --- a/src/plugins/crypto_ipsecmb/ipsecmb.c +++ b/src/plugins/crypto_ipsecmb/ipsecmb.c @@ -436,6 +436,10 @@ crypto_ipsecmb_key_handler (vlib_main_t * vm, vnet_crypto_key_op_t kop, u32 i; void *kd; + /** TODO: add linked alg support **/ + if (key->type == VNET_CRYPTO_KEY_TYPE_LINK) + return; + if (kop == VNET_CRYPTO_KEY_OP_DEL) { if (idx >= vec_len (imbm->key_data)) @@ -459,10 +463,6 @@ crypto_ipsecmb_key_handler (vlib_main_t * vm, vnet_crypto_key_op_t kop, clib_mem_free_s (imbm->key_data[idx]); } - /** TODO: add linked alg support **/ - if (key->type == VNET_CRYPTO_KEY_TYPE_LINK) - return; - kd = imbm->key_data[idx] = clib_mem_alloc_aligned (ad->data_size, CLIB_CACHE_LINE_BYTES); diff --git a/src/plugins/crypto_native/main.c b/src/plugins/crypto_native/main.c index 5d6e647ed4c..32bbbb13652 100644 --- a/src/plugins/crypto_native/main.c +++ b/src/plugins/crypto_native/main.c @@ -29,6 +29,10 @@ crypto_native_key_handler (vlib_main_t * vm, vnet_crypto_key_op_t kop, vnet_crypto_key_t *key = vnet_crypto_get_key (idx); crypto_native_main_t *cm = &crypto_native_main; + /** TODO: add linked alg support **/ + if (key->type == VNET_CRYPTO_KEY_TYPE_LINK) + return; + if (cm->key_fn[key->alg] == 0) return; @@ -45,10 +49,6 @@ crypto_native_key_handler (vlib_main_t * vm, vnet_crypto_key_op_t kop, return; } - /** TODO: add linked alg support **/ - if (key->type == VNET_CRYPTO_KEY_TYPE_LINK) - return; - vec_validate_aligned (cm->key_data, idx, CLIB_CACHE_LINE_BYTES); if (kop == VNET_CRYPTO_KEY_OP_MODIFY && cm->key_data[idx]) |