Merge pull request #9082 from andre-rosa/check-overflow-when-reading-padding-len-on-aes-128-cbc-decryption

Add invalid `padding_len` check in `get_pkcs_padding`
2025-07-29 11:41:15 +03:00 · 2024-07-03 14:41:06 +00:00
parent 5e3c529614 043aa9e2a2
commit 94f07689d6
2 changed files with 11 additions and 0 deletions
--- a/library/cipher.c
+++ b/library/cipher.c
@ -849,6 +849,9 @@ static int get_pkcs_padding(unsigned char *input, size_t input_len,
    }

    padding_len = input[input_len - 1];
+    if (padding_len == 0 || padding_len > input_len) {
+        return MBEDTLS_ERR_CIPHER_INVALID_PADDING;
+    }
    *data_len = input_len - padding_len;

    mbedtls_ct_condition_t bad = mbedtls_ct_uint_gt(padding_len, input_len);