Uniformize bounds checks using new macro This commit uses the previously defined macro to uniformize bounds checks in several places. It also adds bounds checks to the ClientHello writing function that were previously missing. Also, the functions adding extensions to the ClientHello message can now fail if the buffer is too small or a different error condition occurs, and moreover they take an additional buffer end parameter to free them from the assumption that one is writing to the default output buffer. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: 0e8dc48cffd1532164b089142a4bcb9e081649b0 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Wed Apr 12 14:54:42 2017 +0100
committer: Ronald Cron <ronald.cron@arm.com> Thu Jun 11 14:51:25 2020 +0200
tree: bbeaa6e4d04074a532d16e8d0da1699700425401
parent: dc7b5b97a134385a006addc76d3db7fa46e2e3d6 [diff] [blame]
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 23ee122..682beef 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c

@@ -35,6 +35,7 @@
 #define mbedtls_free      free
 #endif
 
+#include "mbedtls/ssl_internal.h"
 #include "mbedtls/ssl_ticket.h"
 
 #include <string.h>
@@ -320,8 +321,7 @@
 
     /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
      * in addition to session itself, that will be checked when writing it. */
-    if( end - start < TICKET_MIN_LEN )
-        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+    MBEDTLS_SSL_CHK_BUF_PTR( start, end, TICKET_MIN_LEN );
 
 #if defined(MBEDTLS_THREADING_C)
     if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
commit	0e8dc48cffd1532164b089142a4bcb9e081649b0	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Wed Apr 12 14:54:42 2017 +0100
committer	Ronald Cron <ronald.cron@arm.com>	Thu Jun 11 14:51:25 2020 +0200
tree	bbeaa6e4d04074a532d16e8d0da1699700425401
parent	dc7b5b97a134385a006addc76d3db7fa46e2e3d6 [diff] [blame]