commit 6085c721d2fa0a8b0e38fc5ce9d0735232fe1cae
author mohammad1603 <mohammad.abomokh@arm.com> Thu Feb 22 04:29:04 2018 -0800
committer mohammad1603 <mohammad.abomokh@arm.com> Sun Feb 25 01:18:46 2018 -0800
tree fbadeae718c32db8c518aa87634f5c63f52f4621
parent 3f9cff20d7769770983052c4a726db4c972215b2

Backport 2.7:Add guard to out_left to avoid negative values

Add guard to out_left to avoid negative values

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ff52104..027fdd2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2481,6 +2481,12 @@
         if( ret <= 0 )
             return( ret );
 
+        if( (size_t)ret > ssl->out_left )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "f_send returned value greater than out left size" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
         ssl->out_left -= ret;
     }