From 5b89c0927366631597ab9a48f430ffd6c603846a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 18 Dec 2018 10:03:30 +0100
Subject: [PATCH] Add check for iv_off in AES-CFB128 and AES-OFB

The check is mandatory as skipping it results in buffer overread of arbitrary size.
---
 library/aes.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/aes.c b/library/aes.c
index f6dc9963e..1c743f95d 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1298,6 +1298,9 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
 
 n = *iv_off;
 
+ if( n > 16 )
+ return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
+
 if( mode == MBEDTLS_AES_DECRYPT )
 {
 while( length-- )
@@ -1391,6 +1394,9 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
 
 n = *iv_off;
 
+ if( n > 16 )
+ return( MBEDTLS_ERR_AES_BAD_INPUT_DATA );
+
 while( length-- )
 {
 if( n == 0 )
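Review bot: The guard `if( n > 16 )` added in mbedtls_aes_crypt_cfb128 still lets `*iv_off == 16` through, which looks like an off-by-one for an offset into a 16-byte block (valid values 0..15). The loop bodies lie outside both hunks, but if they index the IV with n, as the visible `if( n == 0 )` refill suggests, then n == 16 skips the refill and touches one byte past the end of the buffer. The identical guard in mbedtls_aes_crypt_ofb has the same gap; I would make both `if( n > 15 )`. A test that calls each function with iv_off set to 16 and expects MBEDTLS_ERR_AES_BAD_INPUT_DATA would pin the boundary.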