From 58c17277754fc899a68f7ccd5c262c241b925a5c Mon Sep 17 00:00:00 2001
From: gabor-mezei-arm <gabor.mezei@arm.com>
Date: Tue, 29 Jun 2021 16:41:25 +0200
Subject: [PATCH] Add buffer overflow check

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
---
 library/psa_crypto_cipher.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 9bb21a0a15..3701f72da8 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -390,6 +390,9 @@ static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
         status = mbedtls_to_psa_error(
             mbedtls_cipher_update( &operation->ctx.cipher, input,
                                    input_length, output, output_length ) );
+
+        if( *output_length > output_size )
+            return PSA_ERROR_CORRUPTION_DETECTED;
     }
 
     return( status );