From 4bbaeb4ffafb57ca8e7901995ae274b05be4572b Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 22 Feb 2018 04:29:04 -0800
Subject: [PATCH] Add guard to out_left to avoid negative values

return error when f_send return a value greater than out_left
---
 ChangeLog         | 2 ++
 library/ssl_tls.c | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 708ecad7e8..d82600c074 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -23,6 +23,8 @@ Changes
      Contributed by Mathieu Briand.
    * Fix typo in a comment ctr_drbg.c. Contributed by Paul Sokolovsky.
    * Remove support for the library reference configuration for picocoin.
+   * Add guard to validate that out_left can not be negative. Raised by 
+     samoconnor in #1245.
 
 = mbed TLS 2.7.0 branch released 2018-02-03
 
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 617dedb1b0..1de5eaab69 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2469,6 +2469,12 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
         if( ret <= 0 )
             return( ret );
 
+        if( (size_t)ret > ssl->out_left )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "f_send returned value greater than out left size" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
         ssl->out_left -= ret;
     }