mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 16:55:42 +01:00
Add check for iv_off in AES-CFB128 and AES-OFB
The check is mandatory as skipping it results in buffer overread of arbitrary size.
This commit is contained in:
parent
998a358529
commit
5b89c09273
@ -1298,6 +1298,9 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
|
||||
|
||||
n = *iv_off;
|
||||
|
||||
if( n > 16 )
|
||||
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||
|
||||
if( mode == MBEDTLS_AES_DECRYPT )
|
||||
{
|
||||
while( length-- )
|
||||
@ -1391,6 +1394,9 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
|
||||
|
||||
n = *iv_off;
|
||||
|
||||
if( n > 16 )
|
||||
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
|
||||
|
||||
while( length-- )
|
||||
{
|
||||
if( n == 0 )
|
||||
|
Loading…
Reference in New Issue
Block a user