From b11af86daff1e68dff8118b8f33f1b5a2a01841f Mon Sep 17 00:00:00 2001
From: mohammad1603
Date: Mon, 19 Mar 2018 07:18:13 -0700
Subject: [PATCH] Avoid wraparound on in_left

Avoid wraparound on in_left
---
 library/ssl_tls.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 027fdd259..b91577601 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2434,6 +2434,14 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
 if( ret < 0 )
 return( ret );

+ // At this point ret value is positive, verify that adding ret
+ // value to ssl->in_left doesn't cause a wraparound
+ if (ssl->in_left + (size_t)ret < ssl->in_left)
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "wraparound happened over in_left value" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
 ssl->in_left += ret;
 }
 }
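Review bot: The added guard before `ssl->in_left += ret;` only rejects a `ret` large enough to wrap `size_t`, so a value that exceeds the number of bytes requested but stays well below `SIZE_MAX` still passes, leaving `in_left` claiming more data than was read into the input buffer. The call that sets `ret` is outside the hunk, so this is inferred, but if the requested length is in scope there, comparing against it is the tighter check: `if( (size_t) ret > requested_len )` (placeholder name) returning `MBEDTLS_ERR_SSL_INTERNAL_ERROR`. The new comment also says `ret` is positive while the visible guard is `ret < 0`, so "non-negative" would be accurate unless zero is handled earlier. The `if (` spacing does not match the `if( ... )` form of the surrounding lines. The body of mbedtls_ssl_fetch_input starts and ends outside the hunk.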