Add guard to out_left to avoid negative values

return error when f_send return a value greater than out_left
This commit is contained in:
mohammad1603 2018-02-22 04:29:04 -08:00
parent d76d8bc9a5
commit 4bbaeb4ffa
2 changed files with 8 additions and 0 deletions

View File

@ -23,6 +23,8 @@ Changes
Contributed by Mathieu Briand. Contributed by Mathieu Briand.
* Fix typo in a comment ctr_drbg.c. Contributed by Paul Sokolovsky. * Fix typo in a comment ctr_drbg.c. Contributed by Paul Sokolovsky.
* Remove support for the library reference configuration for picocoin. * Remove support for the library reference configuration for picocoin.
* Add guard to validate that out_left can not be negative. Raised by
samoconnor in #1245.
= mbed TLS 2.7.0 branch released 2018-02-03 = mbed TLS 2.7.0 branch released 2018-02-03

View File

@ -2469,6 +2469,12 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
if( ret <= 0 ) if( ret <= 0 )
return( ret ); return( ret );
if( (size_t)ret > ssl->out_left )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "f_send returned value greater than out left size" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
ssl->out_left -= ret; ssl->out_left -= ret;
} }