From 45ef68d5c7ede672bd3c7349e3913b80b693a5cc Mon Sep 17 00:00:00 2001
From: David Garske
Date: Thu, 24 Jun 2021 16:03:12 -0700
Subject: [PATCH] Fix for async with fragmented packets where inline crypto could be overwritten on reprocessing fragment. FIxes unit tests with `--enable-all --enable-asynccrypt`. Minor cleanup for line length and free verify RSA buffer sooner. Reproducible with: ``` ./examples/server/server -v 3 -l ECDHE-ECDSA-AES256-GCM-SHA384 -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem -2 ./examples/client/client -v 3 -l ECDHE-ECDSA-AES256-GCM-SHA384 -A ./certs/ca-ecc-cert.pem -F 6 -2 ```
---
 src/internal.c | 32 +++++++++++++++++++++-----------
 1 file changed, 21 insertions(+), 11 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index a0a2e1500..ca714d9bf 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -13698,8 +13698,15 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 if (inputLength > pendSz) inputLength = pendSz;
- XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
- input + *inOutIdx, inputLength);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ssl->error != WC_PENDING_E)
+ #endif
+ {
+ /* for async this copy was already done, do not replace, since
+ * conents may have been changed for inline operations */
+ XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
+ input + *inOutIdx, inputLength);
+ }
 ssl->arrays->pendingMsgOffset += inputLength;
 *inOutIdx += inputLength;
@@ -25767,6 +25774,12 @@ int SendCertificateVerify(WOLFSSL* ssl)
 args->sigAlgo, ssl->suites->hashAlgo, key, ssl->buffers.key );
+
+ /* free temporary buffer now */
+ if (ret != WC_PENDING_E) {
+ XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE);
+ args->verifySig = NULL;
+ }
 break;
 }
 #endif /* !NO_RSA */
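Review bot: The new guard in DoHandShakeMsg skips the XMEMCPY whenever `ssl->error == WC_PENDING_E`, but nothing in the hunk ties that connection-wide flag to the fragment that was already copied, while `pendingMsgOffset` and `*inOutIdx` are still advanced unconditionally right after the block. If the function can be re-entered in the pending state with input other than the fragment that was already copied, the skipped range of `pendingMsg` would be consumed without having been written from this input; whether that is reachable depends on code outside the hunk, so please confirm it. I would spell out the invariant the skip relies on, e.g. `/* on WC_PENDING_E re-entry the same fragment is replayed at the same pendingMsgOffset, so the earlier copy is still valid */`, and correct the typo `conents` to `contents` in the added comment. The function body starts and ends outside the hunk.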
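Review bot: The comment on the early free in SendCertificateVerify, `/* free temporary buffer now */`, does not say why the buffer is kept when `ret == WC_PENDING_E`, which is the part a later maintainer is most likely to get wrong. Presumably the async re-entry still reads `args->verifySig`, so I would write something like `/* done with verifySig unless the operation is still pending; re-entry needs it */`. Clearing the pointer with `args->verifySig = NULL;` straight after XFREE is the right thing to keep, since any later cleanup of `args` that also frees it is outside the hunk.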
@@ -25799,8 +25812,9 @@ int SendCertificateVerify(WOLFSSL* ssl)
 case TLS_ASYNC_END:
 {
- ret = SendHandshakeMsg(ssl, args->output, (word32)args->length + args->extraSz +
- VERIFY_HEADER, certificate_verify, "CertificateVerify");
+ ret = SendHandshakeMsg(ssl, args->output,
+ (word32)args->length + args->extraSz + VERIFY_HEADER,
+ certificate_verify, "CertificateVerify");
 if (ret != 0) goto exit_scv;
@@ -29352,14 +29366,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 else
 #endif
 {
- #ifdef WOLFSSL_SMALL_STACK
- byte* encodedSig;
- #else
+ #ifndef WOLFSSL_SMALL_STACK
 byte encodedSig[MAX_ENCODED_SIG_SZ];
- #endif
-
- #ifdef WOLFSSL_SMALL_STACK
- encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
+ #else
+ byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
 ssl->heap, DYNAMIC_TYPE_SIGNATURE);
 if (encodedSig == NULL) {
 ERROR_OUT(MEMORY_E, exit_dcv);