From b42ba1b0a5229101dbcd81d508beb05a9ce9f473 Mon Sep 17 00:00:00 2001
From: Ivan Grokhotkov <ivan@espressif.com>
Date: Thu, 19 Apr 2018 11:45:54 +0800
Subject: [PATCH] mbedtls: Prevent arithmetic overflow on bounds check

Part of the patch for CVE-2018-9988.
Cherry-pick of https://github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1
Ref. https://github.com/espressif/esp-idf/issues/1860
---
 components/mbedtls/library/ssl_cli.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/components/mbedtls/library/ssl_cli.c b/components/mbedtls/library/ssl_cli.c
index a2b9f8cfe1..c0ade43ad9 100644
--- a/components/mbedtls/library/ssl_cli.c
+++ b/components/mbedtls/library/ssl_cli.c
@@ -2473,7 +2473,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
         sig_len = ( p[0] << 8 ) | p[1];
         p += 2;
 
-        if( end != p + sig_len )
+        if( p != end - sig_len )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
             mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,