Double check that record expansion is as expected during decryption

commit: 29800d2fd177a59de02fc2c1eb1027556b31758f [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue Aug 07 14:30:18 2018 +0100
committer: Hanno Becker <hanno.becker@arm.com> Thu Apr 25 12:58:21 2019 +0100
tree: 54cf391fcce10708fa6ceb73cc5c095429ca9cbe
parent: 1c0c37feed9ba4e292159c931dad1ae10e16fab0 [diff]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 88b39b7..dc6647d 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -4641,6 +4641,11 @@
             return( ret );
         }
 
+        if( ssl->in_iv + rec.data_offset != ssl->in_msg )
+        {
+            /* Should never happen */
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
 
         ssl->in_msglen = rec.data_len;
         ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
commit	29800d2fd177a59de02fc2c1eb1027556b31758f	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue Aug 07 14:30:18 2018 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Thu Apr 25 12:58:21 2019 +0100
tree	54cf391fcce10708fa6ceb73cc5c095429ca9cbe
parent	1c0c37feed9ba4e292159c931dad1ae10e16fab0 [diff]