mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 18:40:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add early exit if zero length AEAD AD passed in.

Browse Source 
With multipart AEAD, if we attempt to add zero length additional data,
then with the buffer sharing fixes this can now lead to undefined
behaviour when using gcm. Fix this by returning early, as there is
nothing to do if the input length is zero.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2024-04-26 18:30:11 +01:00
parent f6275b745f
commit 304766ffa8
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/psa_crypto.c
View File

@ -5194,6 +5194,12 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
goto exit; goto exit;
} }
/* No input to add (zero length), nothing to do. */
if (input_length == 0) {
status = PSA_SUCCESS;
goto exit;
}
if (operation->lengths_set) { if (operation->lengths_set) {
if (operation->ad_remaining < input_length) { if (operation->ad_remaining < input_length) {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;