Merge pull request #8066 from paul-elliott-arm/aes_memcpy_iv_fix

Fix potential corruption of IV for AES CBC with zero length
2023-08-14 09:32:45 +01:00 · 2023-08-14 09:32:45 +01:00 · 2f4e6e748c
commit 2f4e6e748c
parent 963513dba5 83c2e321d9
2 changed files with 8 additions and 0 deletions
--- a/ChangeLog.d/fix-aes-cbc-iv-corruption
+++ b/ChangeLog.d/fix-aes-cbc-iv-corruption
@ -0,0 +1,3 @@
+Bugfix
+   * Fix a potential corruption of the passed-in IV when mbedtls_aes_crypt_cbc()
+     is called with zero length and padlock is not enabled.
--- a/library/aes.c
+++ b/library/aes.c
@ -1094,6 +1094,11 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
        return MBEDTLS_ERR_AES_BAD_INPUT_DATA;
    }

+    /* Nothing to do if length is zero. */
+    if (length == 0) {
+        return 0;
+    }
+
    if (length % 16) {
        return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH;
    }