commit 7887a77c2507bfbddd2238a0a1a06f9b19d7f64e
author Hanno Becker <hanno.becker@arm.com> Tue Apr 20 05:27:57 2021 +0100
committer Hanno Becker <hanno.becker@arm.com> Mon Aug 02 04:54:03 2021 +0100
tree e89aaec93025d1c91f6ed905cb5454b7ac3d4d2c
parent 80e760e00642836a19e7c05efad3ac34a57230be

Match parameter check in TLS 1.3 populate transform to 1.2 version

Signed-off-by: Hanno Becker <hanno.becker@arm.com>

library/ssl_tls13_keys.c

diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 2831313..0977cab 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -719,12 +719,19 @@
 #endif
 
     ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite );
+    if( ciphersuite_info == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found",
+                                    ciphersuite ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
 
     cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher );
     if( cipher_info == NULL )
     {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %u not found",
+                                    ciphersuite_info->cipher ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA )
     }
 
     /*