From 39eb9bf1acfe48897e97fea57ef0b6e5cb927695 Mon Sep 17 00:00:00 2001
From: Dionna Glaze <dionnaglaze@google.com>
Date: Wed, 16 Aug 2017 15:40:43 -0700
Subject: [PATCH] Check for crash in do_ocall to prevent any data leakage.

---
 sdk/trts/trts_ocall.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sdk/trts/trts_ocall.cpp b/sdk/trts/trts_ocall.cpp
index c1eebe08f..2467822e8 100644
--- a/sdk/trts/trts_ocall.cpp
+++ b/sdk/trts/trts_ocall.cpp
@@ -53,6 +53,10 @@ extern "C" sgx_status_t __morestack(const unsigned int index, void *ms);
 //
 sgx_status_t sgx_ocall(const unsigned int index, void *ms)
 {
+    // check for crash to prevent any data leakage
+    if(get_enclave_state() == ENCLAVE_CRASHED) {
+        return SGX_ERROR_ENCLAVE_CRASHED;
+    }
     // sgx_ocall is not allowed during exception handling
     thread_data_t *thread_data = get_thread_data();
     
@@ -138,4 +142,3 @@ sgx_status_t do_oret(void *ms)
     // Should not come here
     return SGX_ERROR_UNEXPECTED;
 }
-