From 8a92e1eae6e060588f827564038ee8cc8e511e77 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Mon, 28 Oct 2019 16:28:52 +1000
Subject: [PATCH] Fix check for plaintext length when using Encrypt-Then-MAC

---
 src/internal.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 113af79d8..5d5115c74 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -14309,6 +14309,20 @@ int ProcessReply(WOLFSSL* ssl)
         /* the record layer is here */
         case runProcessingOneMessage:
 
+       #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
+            if (IsEncryptionOn(ssl, 0) && ssl->options.encThenMac) {
+                if (ssl->buffers.inputBuffer.length - ssl->keys.padSz -
+                                              ssl->buffers.inputBuffer.idx -
+                                              MacSize(ssl) > MAX_PLAINTEXT_SZ) {
+                    WOLFSSL_MSG("Plaintext too long - Encrypt-Then-MAC");
+            #if defined(WOLFSSL_EXTRA_ALERTS)
+                    SendAlert(ssl, alert_fatal, record_overflow);
+            #endif
+                    return BUFFER_ERROR;
+                }
+            }
+            else
+       #endif
             if (ssl->buffers.inputBuffer.length - ssl->keys.padSz -
                               ssl->buffers.inputBuffer.idx > MAX_PLAINTEXT_SZ) {
                 WOLFSSL_MSG("Plaintext too long");