lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-05 19:35:48 +03:00
Code Activity

Merge pull request #8066 from paul-elliott-arm/aes_memcpy_iv_fix

Browse Source 
Fix potential corruption of IV for AES CBC with zero length
This commit is contained in:
Dave Rodgman
2023-08-14 09:32:45 +01:00
committed by GitHub
parent 963513dba5 83c2e321d9
commit 2f4e6e748c
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog.d/fix-aes-cbc-iv-corruption Normal file
View File

@@ -0,0 +1,3 @@
Bugfix
* Fix a potential corruption of the passed-in IV when mbedtls_aes_crypt_cbc()
is called with zero length and padlock is not enabled.

5
library/aes.c
View File

@@ -1094,6 +1094,11 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
return MBEDTLS_ERR_AES_BAD_INPUT_DATA; return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
} }
/* Nothing to do if length is zero. */
if (length == 0) {
return 0;
}
if (length % 16) { if (length % 16) {
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
} }