From 0b9db441c8847b514030d65847ff3c008a6fbeac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 7 Jan 2020 10:14:54 +0100
Subject: [PATCH] Make optional parameter validation more precise

---
 library/sha512.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/library/sha512.c b/library/sha512.c
index fc21331e9e..fbb034facd 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -132,7 +132,11 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
 int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
 {
     SHA512_VALIDATE_RET( ctx != NULL );
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
     SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 );
+#else
+    SHA512_VALIDATE_RET( is384 == 0 );
+#endif
 
     ctx->total[0] = 0;
     ctx->total[1] = 0;
@@ -475,7 +479,11 @@ int mbedtls_sha512_ret( const unsigned char *input,
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     mbedtls_sha512_context ctx;
 
+#if !defined(MBEDTLS_SHA512_NO_SHA384)
     SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 );
+#else
+    SHA512_VALIDATE_RET( is384 == 0 );
+#endif
     SHA512_VALIDATE_RET( ilen == 0 || input != NULL );
     SHA512_VALIDATE_RET( (unsigned char *)output != NULL );