From 3bfff3bfc5e739c6e306b9a2d5583597216a22dd Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Fri, 11 Nov 2022 08:51:17 -0600
Subject: [PATCH] wolfcrypt/src/dh.c: fix benign uses of uninited var in
 wc_DhAgree_Sync(), introduced in #5782 -- see oss-fuzz #53177.

---
 wolfcrypt/src/dh.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c
index 18b24bc85..a12a86d04 100644
--- a/wolfcrypt/src/dh.c
+++ b/wolfcrypt/src/dh.c
@@ -2038,7 +2038,9 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
         RESTORE_VECTOR_REGISTERS();
 
         /* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
-        if ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))) {
+        if ((ret == 0) &&
+            ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))))
+        {
             ret = MP_VAL;
         }
 
@@ -2070,7 +2072,9 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
         RESTORE_VECTOR_REGISTERS();
 
         /* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
-        if ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))) {
+        if ((ret == 0) &&
+            ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))))
+        {
             ret = MP_VAL;
         }
 
@@ -2102,7 +2106,9 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
         RESTORE_VECTOR_REGISTERS();
 
         /* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
-        if ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))) {
+        if ((ret == 0) &&
+            ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))))
+        {
             ret = MP_VAL;
         }