Merge pull request #8066 from paul-elliott-arm/aes_memcpy_iv_fix

Fix potential corruption of IV for AES CBC with zero length
2025-08-01 10:06:53 +03:00 · 2023-08-14 09:32:45 +01:00
parent 963513dba5 83c2e321d9
commit 2f4e6e748c
2 changed files with 8 additions and 0 deletions
--- a/library/aes.c
+++ b/library/aes.c
@ -1094,6 +1094,11 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
    }

+    /* Nothing to do if length is zero. */
+    if (length == 0) {
+        return 0;
+    }
+
    if (length % 16) {
        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
    }