> -----Original Message----- > From: David Marchand <[email protected]> > Sent: Friday, January 6, 2023 6:27 PM > To: Kai Ji <[email protected]>; Ruifeng Wang <[email protected]> > Cc: Fan Zhang <[email protected]>; Akhil Goyal <[email protected]>; > [email protected]; nd > <[email protected]>; [email protected]; Feifei Wang <[email protected]> > Subject: Re: [PATCH] crypto/openssl: fix warning on copy length > > On Fri, Jan 6, 2023 at 11:16 AM Ruifeng Wang <[email protected]> wrote: > > > > When building with gcc 11.2.0, the compiler warns as follows: > > In function 'memcpy', > > inlined from 'openssl_set_session_auth_parameters' > at ../drivers/crypto/openssl/rte_openssl_pmd.c:699:3, > > inlined from 'openssl_set_session_parameters' > at ../drivers/crypto/openssl/rte_openssl_pmd.c:826:9: > > /usr/include/aarch64-linux-gnu/bits/string_fortified.h:29:10: warning: > '__builtin_memcpy' forming offset [4, 8] is out of the bounds [0, 4] > [-Warray-bounds] > > > > Fixed the warning by copying up to string size. > > > > Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API") > > Cc: [email protected] > > Cc: [email protected] > > > > Signed-off-by: Ruifeng Wang <[email protected]> > > Reviewed-by: Feifei Wang <[email protected]> > > --- > > drivers/crypto/openssl/rte_openssl_pmd.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c > b/drivers/crypto/openssl/rte_openssl_pmd.c > > index 05449b6e98..8458ad487a 100644 > > --- a/drivers/crypto/openssl/rte_openssl_pmd.c > > +++ b/drivers/crypto/openssl/rte_openssl_pmd.c > > @@ -696,7 +696,7 @@ openssl_set_session_auth_parameters(struct > > openssl_session *sess, > > algo = digest_name_get(xform->auth.algo); > > if (!algo) > > return -EINVAL; > > - rte_memcpy(algo_name, algo, (sizeof(algo)+1)); > > + rte_memcpy(algo_name, algo, strlen(algo) + 1); > > Why is there a need for copying such a string to a local storage?
From OpenSSL document, I can see OSSL_PARAM_construct_utf8_string() takes a buffer as input. But I'm not sure if a const is acceptable. I would keep the fix simple for backport. Removing copy is an improvement that can be done by someone who has more knowledge of OpenSSL library. > > If it is really needed, we are dealing with strings, so I suggest: > strlcpy(algo_name, algo, sizeof(algo_name)); Thanks for the suggestion. Will update in v2. Regards, Ruifeng > > > -- > David Marchand
