Add a safety check for in_hsfraglen Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>

commit: b70e76a1e6ffd1596915bc337d8975b904bdd8f6 [log] [tgz]
author: Deomid rojer Ryabkov <rojer@rojer.me> Mon Jan 27 22:37:37 2025 +0400
committer: Deomid rojer Ryabkov <rojer@rojer.me> Mon Jan 27 22:37:53 2025 +0400
tree: 0fa963dcebff66937451c1886778766362f20928
parent: aaa152ed91d445e233e71c8d7c3f2aa5b3b72a1a [diff]
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 36a8611..3eb49e2 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -3297,6 +3297,9 @@
     } else
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
     {
+        if (ssl->in_hsfraglen > ssl->in_hslen) {
+            return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+        }
         int ret;
         const size_t hs_remain = ssl->in_hslen - ssl->in_hsfraglen;
         MBEDTLS_SSL_DEBUG_MSG(3,
commit	b70e76a1e6ffd1596915bc337d8975b904bdd8f6	[log] [tgz]
author	Deomid rojer Ryabkov <rojer@rojer.me>	Mon Jan 27 22:37:37 2025 +0400
committer	Deomid rojer Ryabkov <rojer@rojer.me>	Mon Jan 27 22:37:53 2025 +0400
tree	0fa963dcebff66937451c1886778766362f20928
parent	aaa152ed91d445e233e71c8d7c3f2aa5b3b72a1a [diff]