From 9ac6b28e279321d8ad1b816288e70cf3a745aed0 Mon Sep 17 00:00:00 2001
From: kXuan
Date: Thu, 11 Aug 2022 09:52:18 +0800
Subject: [PATCH] ctr_drbg: remove mbedtls_aes_init call from mbedtls_ctr_drbg_seed

Since 11e9310 add mbedtls_aes_init call in mbedtls_ctr_drbg_init, it should not init aes_ctx again in mbedtls_ctr_drbg_seed.

Signed-off-by: kXuan
---
 ChangeLog.d/fix-ctr-drbg-may-free-invalid-aes-context.txt | 4 ++++
 library/ctr_drbg.c | 2 --
 2 files changed, 4 insertions(+), 2 deletions(-)
 create mode 100644 ChangeLog.d/fix-ctr-drbg-may-free-invalid-aes-context.txt

diff --git a/ChangeLog.d/fix-ctr-drbg-may-free-invalid-aes-context.txt b/ChangeLog.d/fix-ctr-drbg-may-free-invalid-aes-context.txt
new file mode 100644
index 0000000000..fe62c28edc
--- /dev/null
+++ b/ChangeLog.d/fix-ctr-drbg-may-free-invalid-aes-context.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix mbedtls_ctr_drbg_free() on an initialized but unseeded context. When
+ MBEDTLS_AES_ALT is enabled, it could call mbedtls_aes_free() on an
+ uninitialized context.
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 75103a3992..8919c78a10 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -449,8 +449,6 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
 mbedtls_mutex_init( &ctx->mutex );
 #endif
- mbedtls_aes_init( &ctx->aes_ctx );
-
 ctx->f_entropy = f_entropy;
 ctx->p_entropy = p_entropy;
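Review bot: With the `mbedtls_aes_init( &ctx->aes_ctx )` call removed, `mbedtls_ctr_drbg_seed` now silently depends on the caller having run `mbedtls_ctr_drbg_init()` first (the commit message says 11e9310 moved the AES init there), so a context that was merely zero-filled rather than init'ed presumably reaches the AES key setup later in the function — not visible in this hunk — on an AES context that, under MBEDTLS_AES_ALT, may not be valid. The function's Doxygen comment (outside this hunk) should state that precondition explicitly, e.g. `\note The context must have been set up with mbedtls_ctr_drbg_init() before calling this function; seeding does not initialize the AES context.` The hunk also leaves the set-up split asymmetric — the mutex is still initialized here at seed time while the AES context is initialized in init — so `mbedtls_ctr_drbg_free()` has to distinguish "initialized" from "seeded" for the mutex but not for the AES context, and a one-line comment at the `mbedtls_mutex_init` call, `/* Only the mutex is set up at seed time; aes_ctx is owned by mbedtls_ctr_drbg_init()/free(). */`, would stop the next reader from re-adding the init. The bugfix ships without a test; an init-then-free case in the ctr_drbg test suite would pin the behaviour the changelog entry describes even where MBEDTLS_AES_ALT is not built. The body of `mbedtls_ctr_drbg_seed` starts and continues outside the hunk.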