From a130ce2eed31b77e7e36bb42b23eb7f562d6afe2 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Mon, 6 May 2019 15:51:42 -0600
Subject: [PATCH 1/2] free any existing ke before updating

---
 src/tls.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/tls.c b/src/tls.c
index 905ba0320..1821d49c6 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -7349,6 +7349,7 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data,
     }
 
     if (data != NULL) {
+        XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
         keyShareEntry->ke = data;
         keyShareEntry->keLen = len;
     }

From 9205ee70f4a2b6dcf76b25154f2c650566cd1b16 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Wed, 8 May 2019 16:04:20 -0600
Subject: [PATCH 2/2] add null check on pointer before passing to XFREE

---
 src/tls.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/tls.c b/src/tls.c
index 1821d49c6..209d8e5ff 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -7349,7 +7349,9 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data,
     }
 
     if (data != NULL) {
-        XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
+        if (keyShareEntry->ke != NULL) {
+            XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
+        }
         keyShareEntry->ke = data;
         keyShareEntry->keLen = len;
     }