From 1bf86b7e32b12c961c8078ed2b3c63c7b5e1927a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Jun 2017 15:58:02 +0100
Subject: [PATCH] Add hard assertion to ssl_read_record

This commit adds a hard assertion to mbedtls_ssl_read_record
triggering if both ssl->in_hslen and ssl->in_offt are not 0. This
should never happen, and if it does, there's no sensible way of
telling whether the previous message was a handshake or an application
data message.
---
 library/ssl_tls.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8d49be4f6..f81a5e2d0 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2180,6 +2180,12 @@ int ssl_read_record( ssl_context *ssl )
 
     if( ssl->in_hslen != 0 )
     {
+        if( ssl->in_offt != NULL )
+        {
+            SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
+        }
+
         /*
          * Get next Handshake message in the current record
          */