From e7bfbc27bf0cbaf181b741dcf42a36758dd17840 Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Wed, 17 Jan 2024 15:27:50 +0000
Subject: [PATCH] Add underflow check to UNPOISON counter decrement

Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.

Memory that is unpoisoned multiple times should remain unpoisoned.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 tests/include/test/memory.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/include/test/memory.h b/tests/include/test/memory.h
index 6d0f76478a..91be573b9b 100644
--- a/tests/include/test/memory.h
+++ b/tests/include/test/memory.h
@@ -93,7 +93,9 @@ void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size);
 #define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size)    \
     do { \
         mbedtls_test_memory_unpoison(ptr, size); \
-        mbedtls_test_memory_poisoning_count--; \
+        if (mbedtls_test_memory_poisoning_count != 0) { \
+            mbedtls_test_memory_poisoning_count--; \
+        } \
     } while (0)
 
 #else /* MBEDTLS_TEST_MEMORY_CAN_POISON */