From d3efb92922e4e897563b028974ee40818fdeee99 Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Wed, 17 Jan 2024 15:27:50 +0000
Subject: [PATCH] Add underflow check to UNPOISON counter decrement

Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.

Memory that is unpoisoned multiple times should remain unpoisoned.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 tests/include/test/memory.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/include/test/memory.h b/tests/include/test/memory.h
index 181280f265..20fd8d30a5 100644
--- a/tests/include/test/memory.h
+++ b/tests/include/test/memory.h
@@ -94,7 +94,9 @@ void mbedtls_test_memory_unpoison(const unsigned char *ptr, size_t size);
 #define MBEDTLS_TEST_MEMORY_UNPOISON(ptr, size)    \
     do { \
         mbedtls_test_memory_unpoison(ptr, size); \
-        mbedtls_test_memory_poisoning_count--; \
+        if (mbedtls_test_memory_poisoning_count != 0) { \
+            mbedtls_test_memory_poisoning_count--; \
+        } \
     } while (0)
 
 #else /* MBEDTLS_TEST_MEMORY_CAN_POISON */