From 7298bef693abaf4cf9375f5aa1f779c89b784cd7 Mon Sep 17 00:00:00 2001
From: Paul Elliott
Date: Thu, 2 Dec 2021 17:51:34 +0000
Subject: [PATCH] Add explanation for safety in function
Signed-off-by: Paul Elliott
---
library/pkcs12.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/library/pkcs12.c b/library/pkcs12.c
index f44ac8258..80a3eab80 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -199,6 +199,14 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
 data_len -= use_len;
 }
 }
+ else
+ {
+ /* If either of the above are not true then clearly there is nothing
+ * that this function can do. The function should *not* be called
+ * under either of those circumstances, as you could end up with an
+ * incorrect output but for safety's sake, leaving the check in as
+ * otherwise we could end up with memory corruption.*/
+ }
 }
 int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
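Review bot: The new `else` branch contains only a comment that refers to conditions ("either of the above") which live on the `if` line outside this hunk, so a reader of the branch cannot see what is being explained; I would attach the explanation to the `if` itself and drop the empty `else { }`, e.g. `/* Safety net: if this condition fails there is nothing this function can do and it must write nothing rather than risk an out-of-bounds write; callers must not reach this state. */`, with the first clause restated to name whatever the `if` actually tests. The security-relevant statement is worth keeping right next to the check either way, because "leaving the check in" is the only record of why the guard exists and that it is the difference between a silent no-op and memory corruption. Two minor wording points: `either of the above are not true` should read `is not true`, and a space before `*/` matches the surrounding comment style. pkcs12_fill_buffer begins outside the hunk, so I cannot confirm from here which lengths the `if` tests.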