From: "Daniel P. Berrange" <berrange@redhat.com>
To: P J P <ppandit@redhat.com>
Cc: Qemu Developers <qemu-devel@nongnu.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Prasad J Pandit <pjp@fedoraproject.org>
Subject: Re: [Qemu-devel] [PATCH] crypto: assert cipher algorithm is always valid
Date: Mon, 20 Feb 2017 11:40:29 +0000 [thread overview]
Message-ID: <20170220114029.GI15874@redhat.com> (raw)
In-Reply-To: <20170220112307.31695-1-ppandit@redhat.com>
On Mon, Feb 20, 2017 at 04:53:07PM +0530, P J P wrote:
> From: Prasad J Pandit <pjp@fedoraproject.org>
>
> Crypto routines 'qcrypto_cipher_get_block_len' and
> 'qcrypto_cipher_get_key_len' return non-zero cipher block and key
> lengths from static arrays 'alg_block_len[]' and 'alg_key_len[]'
> respectively. Returning 'zero(0)' value from either of them would
> likely lead to an error condition.
Well callers are supposed to check for 0 condition and report an
error really. In practice none of them do, and the alg parameters
they pass in all come from constants. So we're not validating user
input here - we're catching programming bugs and thus assert makes
sense.
>
> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
> ---
> crypto/cipher.c | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
>
> diff --git a/crypto/cipher.c b/crypto/cipher.c
> index 9ecaff7..5a96489 100644
> --- a/crypto/cipher.c
> +++ b/crypto/cipher.c
> @@ -63,18 +63,14 @@ static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = {
>
> size_t qcrypto_cipher_get_block_len(QCryptoCipherAlgorithm alg)
> {
> - if (alg >= G_N_ELEMENTS(alg_key_len)) {
> - return 0;
> - }
> + assert(alg < G_N_ELEMENTS(alg_key_len));
> return alg_block_len[alg];
> }
>
>
> size_t qcrypto_cipher_get_key_len(QCryptoCipherAlgorithm alg)
> {
> - if (alg >= G_N_ELEMENTS(alg_key_len)) {
> - return 0;
> - }
> + assert(alg < G_N_ELEMENTS(alg_key_len));
> return alg_key_len[alg];
> }
Adding to the crypto/ queue
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
prev parent reply other threads:[~2017-02-20 11:40 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-20 11:23 [Qemu-devel] [PATCH] crypto: assert cipher algorithm is always valid P J P
2017-02-20 11:40 ` Daniel P. Berrange [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170220114029.GI15874@redhat.com \
--to=berrange@redhat.com \
--cc=pbonzini@redhat.com \
--cc=pjp@fedoraproject.org \
--cc=ppandit@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.