diff --git a/src/wp_ecdh_exch.c b/src/wp_ecdh_exch.c index ee9aaf0c..8e525aee 100644 --- a/src/wp_ecdh_exch.c +++ b/src/wp_ecdh_exch.c @@ -156,8 +156,8 @@ static wp_EcdhCtx* wp_ecdh_dup(wp_EcdhCtx* src) } if (!ok) { /* Free allocated memory and up referenced objects. */ - wp_ecc_free(src->peer); - wp_ecc_free(src->key); + wp_ecc_free(dst->peer); + wp_ecc_free(dst->key); OPENSSL_free(dst); dst = NULL; } diff --git a/src/wp_ecx_exch.c b/src/wp_ecx_exch.c index cd17ded0..697db656 100644 --- a/src/wp_ecx_exch.c +++ b/src/wp_ecx_exch.c @@ -115,7 +115,8 @@ static wp_EcxCtx* wp_ecx_dupctx(wp_EcxCtx* src) dst->peer = src->peer; } if (!ok) { - wp_ecx_free(src->key); + wp_ecx_free(dst->key); + wp_ecx_free(dst->peer); OPENSSL_free(dst); dst = NULL; } diff --git a/src/wp_internal.c b/src/wp_internal.c index 9be14df7..1c09c6e1 100644 --- a/src/wp_internal.c +++ b/src/wp_internal.c @@ -332,12 +332,13 @@ int wp_unlock(wolfSSL_Mutex* mutex) */ int wp_name_to_nid(OSSL_LIB_CTX* libCtx, const char* name, const char* propQ) { - int nid; + int nid = NID_undef; EVP_MD* md = EVP_MD_fetch(libCtx, name, propQ); - nid = EVP_MD_type(md); - EVP_MD_free(md); - + if (md) { + nid = EVP_MD_type(md); + EVP_MD_free(md); + } return nid; } @@ -441,11 +442,13 @@ enum wc_HashType wp_nid_to_wc_hash_type(int nid) int wp_name_to_wc_mgf(OSSL_LIB_CTX* libCtx, const char* name, const char* propQ) { - int ret; + int ret = WC_MGF1NONE; EVP_MD* md = EVP_MD_fetch(libCtx, name, propQ); - ret = wp_mgf1_from_hash(EVP_MD_type(md)); - EVP_MD_free(md); + if (md) { + ret = wp_mgf1_from_hash(EVP_MD_type(md)); + EVP_MD_free(md); + } return ret; } diff --git a/src/wp_kbkdf.c b/src/wp_kbkdf.c index 39500d41..0abee09b 100644 --- a/src/wp_kbkdf.c +++ b/src/wp_kbkdf.c @@ -394,6 +394,10 @@ static int wp_kbkdf_init_hmac(wp_KbkdfCtx* ctx, unsigned char* key, localKeyLen = (word32)keyLen; } + if (localKeyLen > sizeof(localKey)) { + ok = 0; + } + if (ok) { XMEMCPY(localKey, key, keyLen); rc = wc_HmacSetKey(&ctx->hmacCtx, ctx->hashType, localKey,