Uniformize bounds checks using new macro
This commit uses the previously defined macro to uniformize
bounds checks in several places. It also adds bounds checks to
the ClientHello writing function that were previously missing.
Also, the functions adding extensions to the ClientHello message
can now fail if the buffer is too small or a different error
condition occurs, and moreover they take an additional buffer
end parameter to free them from the assumption that one is
writing to the default output buffer.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 23ee122..682beef 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -35,6 +35,7 @@
#define mbedtls_free free
#endif
+#include "mbedtls/ssl_internal.h"
#include "mbedtls/ssl_ticket.h"
#include <string.h>
@@ -320,8 +321,7 @@
/* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
* in addition to session itself, that will be checked when writing it. */
- if( end - start < TICKET_MIN_LEN )
- return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+ MBEDTLS_SSL_CHK_BUF_PTR( start, end, TICKET_MIN_LEN );
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )