From a0446a03448d2d1cbeba7b3d2f5eaa6e919155a0 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 13 Jul 2022 11:22:55 +0800
Subject: [PATCH] Add check_return flag

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/ssl_msg.c          | 3 +++
 library/ssl_tls13_client.c | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 9c207948d..dbef29b3f 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5291,6 +5291,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_check_new_session_ticket( mbedtls_ssl_context *ssl )
 {
 
@@ -5310,6 +5311,7 @@ static int ssl_tls13_check_new_session_ticket( mbedtls_ssl_context *ssl )
 }
 #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
 
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
 {
 
@@ -5339,6 +5341,7 @@ static int ssl_tls13_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl
  * and having a helper function allows to distinguish between TLS <= 1.2 and
  * TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read().
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls12_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 0b243f491..985c9af33 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1878,6 +1878,7 @@ static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
 
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl,
                                                     const unsigned char *buf,
                                                     const unsigned char *end )
@@ -1923,6 +1924,7 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl,
  * } NewSessionTicket;
  *
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_parse_new_session_ticket( mbedtls_ssl_context *ssl,
                                                unsigned char *buf,
                                                unsigned char *end,
@@ -2007,6 +2009,7 @@ static int ssl_tls13_parse_new_session_ticket( mbedtls_ssl_context *ssl,
     return( 0 );
 }
 
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_postprocess_new_session_ticket( mbedtls_ssl_context *ssl,
                                                      unsigned char *ticket_nonce,
                                                      size_t ticket_nonce_len )
@@ -2073,6 +2076,7 @@ static int ssl_tls13_postprocess_new_session_ticket( mbedtls_ssl_context *ssl,
 /*
  * Handler for MBEDTLS_SSL_NEW_SESSION_TICKET
  */
+MBEDTLS_CHECK_RETURN_CRITICAL
 static int ssl_tls13_process_new_session_ticket( mbedtls_ssl_context *ssl )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;