ChangeLog.d/uniformize_bounds_checks.txt - third_party/github/ARMmbed/mbedtls - Git at Google

 Bugfix
    * Add additional bounds checks in ssl_write_client_hello() preventing
      output buffer overflow if the configuration declared a buffer that was
      too small.
 Changes
    * Abort the ClientHello writing function as soon as some extension doesn't
      fit into the record buffer. Previously, such extensions were silently
      dropped. As a consequence, the TLS handshake now fails when the output
      buffer is not large enough to hold the ClientHello.
	Bugfix
	* Add additional bounds checks in ssl_write_client_hello() preventing
	output buffer overflow if the configuration declared a buffer that was
	too small.
	Changes
	* Abort the ClientHello writing function as soon as some extension doesn't
	fit into the record buffer. Previously, such extensions were silently
	dropped. As a consequence, the TLS handshake now fails when the output
	buffer is not large enough to hold the ClientHello.