From 23cad339c431eca16ed47987b07bd0e5d654ed38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Mon, 13 Oct 2014 17:06:41 +0200
Subject: [PATCH] Fail cleanly on unhandled case

---
 library/ssl_tls.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e72aa3ea2..4edf19a95 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2688,6 +2688,17 @@ static int ssl_reassemble_dtls_handshake( ssl_context *ssl )
 
     SSL_DEBUG_MSG( 2, ( "handshake message completed" ) );
 
+    if( frag_len + 12 < ssl->in_msglen )
+    {
+        /*
+         * We'got more handshake messages in the same record.
+         * This case is not handled now because no know implementation does
+         * that and it's hard to test, so we prefer to fail cleanly for now.
+         */
+        SSL_DEBUG_MSG( 1, ( "last fragment not alone in its record" ) );
+        return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
+    }
+
     if( ssl->in_left > ssl->next_record_offset )
     {
         /*