cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 20:22:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Check invalid nc_off

Browse Source 
Uninitialized nc_off value >0xf passed by the caller can cause array out-of-bound.
This commit is contained in:
Mohammad Azim Khan 2017-11-23 17:49:05 +00:00 committed by Azim Khan
parent 4ca9a45756
commit 3f7f8170d6
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/mbedtls/aes.h
View File

@ -49,6 +49,7 @@
/* Error codes in range 0x0020-0x0022 */
#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
#define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0024 /**< Invalid input data. */
/* Error codes in range 0x0023-0x0025 */
#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */

3
library/aes.c
View File

@ -1082,6 +1082,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
int c, i;
size_t n = *nc_off;
if ( n > 0x0F )
return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
while( length-- )
{
if( n == 0 ) {