[Acc] [PATCH 4/7] uadk: fix some code bugs

From: Longfang Liu liulongfang@huawei.com

Upstream: Yes Bugfix or Feature: Bugfix DTS:DTS2024073110036

There are some previously undiscovered issues in these code files. These issues include: 1. Unchecked function return value 2. Unverified external input parameters 3. Illegal assignment operation

Therefore, it needs to be fixed.

Signed-off-by: Longfang Liu liulongfang@huawei.com --- drv/hisi_comp.c | 2 ++ wd_ecc.c | 6 +++--- wd_util.c | 11 +++++++++-- 3 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/drv/hisi_comp.c b/drv/hisi_comp.c index c5569986..b4c216fa 100644 --- a/drv/hisi_comp.c +++ b/drv/hisi_comp.c @@ -510,6 +510,8 @@ static int fill_buf_lz77_zstd_sgl(handle_t h_qp, struct hisi_zip_sqe *sqe, fill_buf_type_sgl(sqe);

seq_start = get_seq_start_list(req); + if (unlikely(!seq_start)) + return -WD_EINVAL;

data->literals_start = req->list_dst; data->sequences_start = seq_start; diff --git a/wd_ecc.c b/wd_ecc.c index b1712c50..292338a6 100644 --- a/wd_ecc.c +++ b/wd_ecc.c @@ -1504,7 +1504,7 @@ static int fill_ecc_msg(struct wd_ecc_msg *msg, struct wd_ecc_req *req, void *key = NULL;

memcpy(&msg->req, req, sizeof(msg->req)); - msg->hash = sess->setup.hash; + memcpy(&msg->hash, &sess->setup.hash, sizeof(msg->hash)); msg->key_bytes = sess->key_size; msg->curve_id = sess->setup.cv.cfg.id; msg->result = WD_EINVAL; @@ -1655,10 +1655,10 @@ static int set_sign_in_param(struct wd_ecc_sign_in *sin,

static int generate_random(struct wd_ecc_sess *sess, struct wd_dtb *k) { - struct wd_rand_mt rand_t = sess->setup.rand; + struct wd_rand_mt *rand_t = &sess->setup.rand; int ret;

- ret = rand_t.cb(k->data, k->dsize, rand_t.usr); + ret = rand_t->cb(k->data, k->dsize, rand_t->usr); if (ret) WD_ERR("failed to do rand cb, ret = %d!\n", ret);

diff --git a/wd_util.c b/wd_util.c index d58e8b85..e908dcb4 100644 --- a/wd_util.c +++ b/wd_util.c @@ -421,8 +421,15 @@ void wd_uninit_async_request_pool(struct wd_async_msg_pool *pool) void *wd_find_msg_in_pool(struct wd_async_msg_pool *pool, int ctx_idx, __u32 tag) { - struct msg_pool *p = &pool->pools[ctx_idx]; - __u32 msg_num = p->msg_num; + struct msg_pool *p; + __u32 msg_num; + + if ((__u32)ctx_idx > pool->pool_num) { + WD_ERR("invalid: message ctx id index is %d!\n", ctx_idx); + return NULL; + } + p = &pool->pools[ctx_idx]; + msg_num = p->msg_num;

/* tag value start from 1 */ if (tag == 0 || tag > msg_num) {