Make sure unused parts of tag buffer are cleared

We already did this on failure, but make sure the buffer does not leak
what was in it previously on success

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Paul Elliott 2021-07-16 18:56:12 +01:00
parent e0fcb3b99e
commit 32925b9e5b


@ -3804,9 +3804,14 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
exit:
/* In case the operation fails and the user fails to check for failure or
* the zero tag size, make sure the tag is set to something impossible. */
* the zero tag size, make sure the tag is set to something impossible.
* Even if the operation succeeds, make sure we set the rest of the
* buffer to something impossible to prevent potential leakage of
* anything previously placed in the same buffer.*/
if( status != PSA_SUCCESS )
memset(tag, '!', tag_size);
memset( tag, '!', tag_size );
else if( *tag_length < tag_size )
memset( tag + *tag_length, '!', ( tag_size - *tag_length ) );
psa_aead_abort( operation );
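Review bot: the new success branch (`else if( *tag_length < tag_size )` followed by `memset( tag + *tag_length, '!', ( tag_size - *tag_length ) );`) relies on `*tag_length` having been set to a value no larger than `tag_size` by every path that reaches `exit:` with `status == PSA_SUCCESS`; if any such path leaves `*tag_length` untouched, the offset and length passed to `memset` are computed from an unset value. If that precondition holds, it should be stated in the comment above the branch so a later change to the success path does not silently break it; if it does not, the branch needs an explicit check of `*tag_length <= tag_size` rather than silently skipping the fill when the value is out of range. The comment's "something impossible" is also misleading in the new context: `'!'` (0x21) is a perfectly possible tag byte, and the purpose here is to overwrite whatever the caller previously stored in the unused tail of the buffer with a fixed, non-secret filler. Rewording the comment to say that (for example, "overwrite the unused part of the buffer with a fixed filler so it cannot leak earlier contents") would describe what the code actually guarantees.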