yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix potential corruption of IV for AES CBC

Browse source 
If passed a zero length, AES CBC could potentially corrupt the passed
in IV by memcpying it over itself. Although this might be ok with
more recent compilers, its not for every compiler we support. Found
by coverity.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2023-08-11 11:07:06 +01:00
parent 5e678fd4d2
commit 2ad93674dc
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
library/aes.c
View file

@ -1094,6 +1094,11 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
}
/* Nothing to do if length is zero. */
if (length == 0) {
return 0;
}
if (length % 16) {
return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
}