From 2e49d079d606893314c7a2269f0289f6e72c0ac9 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 22 Oct 2020 11:16:25 +0200 Subject: [PATCH] Describe the behaviour of buffer resizing on an out-of-memory error Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 6 +++++- library/ssl_tls.c | 4 ++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 5534ec4f8..cf7f4033a 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1912,7 +1912,11 @@ /** * \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH * - * Enable modifying the maximum I/O buffer size. + * Enable modifying the maximum I/O buffer size in runtime. + * + * If the library runs out of memory during the resizing of an I/O buffer, + * there is no error returned. The operation continues as usual on an + * unchanged buffer without any negative impact on the flow. */ //#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH diff --git a/library/ssl_tls.c b/library/ssl_tls.c index eaa0f6e56..eb212d2ca 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -685,6 +685,8 @@ static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, { if( resize_buffer( &ssl->in_buf, in_buf_new_len, &ssl->in_buf_len ) != 0 ) { + /* No need to return an error here; The buffer will remain as + * is with no negative impact on the flow. */ MBEDTLS_SSL_DEBUG_MSG( 1, ( "input buffer resizing failed - out of memory" ) ); } else @@ -705,6 +707,8 @@ static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, { if( resize_buffer( &ssl->out_buf, out_buf_new_len, &ssl->out_buf_len ) != 0 ) { + /* No need to return an error here; The buffer will remain as + * is with no negative impact on the flow. */ MBEDTLS_SSL_DEBUG_MSG( 1, ( "output buffer resizing failed - out of memory" ) ); } else