net/i40e: fix bitmap free

[dpdk.git] / lib / librte_vhost / vhost_crypto.c

diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c
index 2e52eca..0f9df40 100644 (file)
--- a/lib/librte_vhost/vhost_crypto.c
+++ b/lib/librte_vhost/vhost_crypto.c
@@ -238,6 +238,11 @@ transform_cipher_param(struct rte_crypto_sym_xform *xform,
        if (unlikely(ret < 0))
                return ret;
 
+       if (param->cipher_key_len > VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH) {
+               VC_LOG_DBG("Invalid cipher key length\n");
+               return -VIRTIO_CRYPTO_BADMSG;
+       }
+
        xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
        xform->cipher.key.length = param->cipher_key_len;
        if (xform->cipher.key.length > 0)
@@ -288,6 +293,12 @@ transform_chain_param(struct rte_crypto_sym_xform *xforms,
                        &xform_cipher->cipher.algo);
        if (unlikely(ret < 0))
                return ret;
+
+       if (param->cipher_key_len > VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH) {
+               VC_LOG_DBG("Invalid cipher key length\n");
+               return -VIRTIO_CRYPTO_BADMSG;
+       }
+
        xform_cipher->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
        xform_cipher->cipher.key.length = param->cipher_key_len;
        xform_cipher->cipher.key.data = param->cipher_key_buf;
@@ -302,6 +313,12 @@ transform_chain_param(struct rte_crypto_sym_xform *xforms,
        ret = auth_algo_transform(param->hash_algo, &xform_auth->auth.algo);
        if (unlikely(ret < 0))
                return ret;
+
+       if (param->auth_key_len > VHOST_USER_CRYPTO_MAX_HMAC_KEY_LENGTH) {
+               VC_LOG_DBG("Invalid auth key length\n");
+               return -VIRTIO_CRYPTO_BADMSG;
+       }
+
        xform_auth->auth.digest_length = param->digest_len;
        xform_auth->auth.key.length = param->auth_key_len;
        xform_auth->auth.key.data = param->auth_key_buf;