From 48ba365fd604ea1afc8f2c453c5809838e84b18f Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner <douzzer@wolfssl.com>
Date: Tue, 8 Nov 2022 14:04:16 -0600
Subject: [PATCH] fixes for defects:

clang-analyzer-deadcode.DeadStores in examples/server/server.c;

-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;

nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
---
 examples/server/server.c | 2 ++
 src/pk.c                 | 2 +-
 tests/api.c              | 5 ++++-
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/examples/server/server.c b/examples/server/server.c
index 5ff87c922..06dfc4f72 100644
--- a/examples/server/server.c
+++ b/examples/server/server.c
@@ -578,7 +578,9 @@ static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
         else if (SSL_get_error(ssl, 0) == 0 &&
                             tcp_select(SSL_get_fd(ssl), 0) == TEST_RECV_READY) {
             /* do a peek and check for "pending" */
+            #ifdef WOLFSSL_ASYNC_CRYPT
             err = 0;
+            #endif
             do {
             #ifdef WOLFSSL_ASYNC_CRYPT
                 if (err == WC_PENDING_E) {
diff --git a/src/pk.c b/src/pk.c
index 916cd59ae..ca0192312 100644
--- a/src/pk.c
+++ b/src/pk.c
@@ -3112,7 +3112,7 @@ WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA* rsa, WC_RNG** tmpRng, int* initTmpRng)
     if ((!err) && (rng == NULL) && (tmpRng != NULL)) {
         /* Make an RNG with tmpRng or get global. */
         rng = wolfssl_make_rng(*tmpRng, initTmpRng);
-        if ((rng != NULL) && initTmpRng) {
+        if ((rng != NULL) && *initTmpRng) {
             *tmpRng = rng;
         }
     }
diff --git a/tests/api.c b/tests/api.c
index 935fa4e7a..ca796a469 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -43525,6 +43525,9 @@ static int test_wolfSSL_PEM_read_DHparams(void)
     AssertIntEQ(derOutSz, derExpectedSz);
     AssertIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0);
 
+    DH_free(dh);
+    dh = NULL;
+
     /* Test parsing with X9.42 header */
     fp = XFOPEN("./certs/x942dh2048.pem", "rb");
     AssertNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
@@ -56139,11 +56142,11 @@ static int test_wolfSSL_PEM_write_DHparams(void)
     AssertNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb"));
     AssertIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS);
     AssertIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE);
-    XFCLOSE(fp);
     DH_free(dh);
 
     dh = wolfSSL_DH_new();
     AssertIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE);
+    XFCLOSE(fp);
     wolfSSL_DH_free(dh);
 
     /* check results */