From 2fdc7b3599f3eeb14391e925b6b859f9e3ab857c Mon Sep 17 00:00:00 2001
From: Tom Cosgrove
Date: Wed, 21 Sep 2022 12:33:17 +0100
Subject: [PATCH] Return an error from mbedtls_ssl_handshake_step() if neither client nor server
This prevents an infinite loop in mbedtls_ssl_handshake(). Fixes #6305.
Signed-off-by: Tom Cosgrove
---
 library/ssl_tls.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 12e1c1b03..5ea8afadf 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3243,6 +3243,10 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
 if( ret != 0 )
 goto cleanup;
 
+ /* If ssl->conf->endpoint is not one of MBEDTLS_SSL_IS_CLIENT or
+ * MBEDTLS_SSL_IS_SERVER, this is the return code we give */
+ ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+
 #if defined(MBEDTLS_SSL_CLI_C)
 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
 {
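Review bot: The pre-assigned `ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;` stays correct only while every path through the client and server branches below overwrites `ret`; those branches continue outside the hunk, so that cannot be confirmed from here. Any path that leaves `ret` untouched would now report a step that previously returned 0 as bad input. The comment should state that dependency, and also that the same code is returned when the configured role is valid but its support is compiled out (only the `MBEDTLS_SSL_CLI_C` guard is visible; a matching server guard is presumed), e.g. `/* Default for an endpoint that is neither client nor server, or whose role is not compiled in; each branch below must set ret. */`. The diffstat lists only library/ssl_tls.c, so a regression test that calls mbedtls_ssl_handshake() with an invalid endpoint and expects this error would keep the hang from silently returning.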