From 2f63eb070e40cfee4fedb8ca39282b91add5e059 Mon Sep 17 00:00:00 2001
From: Andras Fekete
Date: Wed, 13 Sep 2023 14:05:57 -0400
Subject: [PATCH] Fix memory leak if the function is being called again because of a retry
---
 src/tls13.c | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)
diff --git a/src/tls13.c b/src/tls13.c
index 9d668ecd3..6940ea139 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -8665,19 +8665,22 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
 }
 EncodeSigAlg(ssl->options.hashAlgo, args->sigAlgo, args->verify);

- if (ssl->hsType == DYNAMIC_TYPE_RSA) {
- int sigLen = MAX_SIG_DATA_SZ;
- if (args->length > MAX_SIG_DATA_SZ)
- sigLen = args->length;
- args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
- DYNAMIC_TYPE_SIGNATURE);
- }
- else {
- args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
- DYNAMIC_TYPE_SIGNATURE);
- }
 if (args->sigData == NULL) {
- ERROR_OUT(MEMORY_E, exit_scv);
+ if (ssl->hsType == DYNAMIC_TYPE_RSA) {
+ int sigLen = MAX_SIG_DATA_SZ;
+ if (args->length > MAX_SIG_DATA_SZ)
+ sigLen = args->length;
+ args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
+ DYNAMIC_TYPE_SIGNATURE);
+ args->sigDataSz = sigLen;
+ }
+ else {
+ args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
+ DYNAMIC_TYPE_SIGNATURE);
+ }
+ if (args->sigData == NULL) {
+ ERROR_OUT(MEMORY_E, exit_scv);
+ }
 }

 /* Create the data to be signed. */
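Review bot: The new outer `if (args->sigData == NULL)` guard reuses a buffer left over from an earlier pass without checking that it is still large enough, and only the RSA branch records the allocated size (`args->sigDataSz = sigLen;`), while the `else` branch leaves `args->sigDataSz` untouched. If `args->length` or `ssl->hsType` could differ between the first call and the retry (not visible in this hunk), the signing code that follows might write past the reused allocation. It would help to state what `sigDataSz` means at this point: if it is the buffer capacity, the `else` branch should set it as well, and if the "Create the data to be signed" step overwrites it, the new assignment looks redundant. A comment above the guard such as `/* sigData may already be allocated when this state is re-entered on a retry; allocate once */` would document the intent. The guard also relies on `args` being zeroed before the first pass and on the cleanup path freeing `sigData` and clearing the pointer, both of which sit outside the hunk in the rest of `SendTls13CertificateVerify`.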