From 971df19c5cabc2629c0ec964a6cbfdc50134dc71 Mon Sep 17 00:00:00 2001
From: Andras Fekete <andras@wolfssl.com>
Date: Tue, 12 Sep 2023 17:06:54 -0400
Subject: [PATCH 1/3] Missing fix

---
 async-check.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/async-check.sh b/async-check.sh
index 28599c471..ccfce052a 100755
--- a/async-check.sh
+++ b/async-check.sh
@@ -75,7 +75,7 @@ function Test() {
 function Remove() {
     UnlinkFiles
 
-    rm -rf ./async
+    rm -rf ${ASYNC_DIR}
 }
 
 if [ "$#" -gt 1 ]; then

From 2f63eb070e40cfee4fedb8ca39282b91add5e059 Mon Sep 17 00:00:00 2001
From: Andras Fekete <andras@wolfssl.com>
Date: Wed, 13 Sep 2023 14:05:57 -0400
Subject: [PATCH 2/3] Fix memory leak if the function is being called again
 because of a retry

---
 src/tls13.c | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/src/tls13.c b/src/tls13.c
index 9d668ecd3..6940ea139 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -8665,19 +8665,22 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
             }
             EncodeSigAlg(ssl->options.hashAlgo, args->sigAlgo, args->verify);
 
-            if (ssl->hsType == DYNAMIC_TYPE_RSA) {
-                int sigLen = MAX_SIG_DATA_SZ;
-                if (args->length > MAX_SIG_DATA_SZ)
-                    sigLen = args->length;
-                args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
-                                                        DYNAMIC_TYPE_SIGNATURE);
-            }
-            else {
-                args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
-                                                        DYNAMIC_TYPE_SIGNATURE);
-            }
             if (args->sigData == NULL) {
-                ERROR_OUT(MEMORY_E, exit_scv);
+                if (ssl->hsType == DYNAMIC_TYPE_RSA) {
+                    int sigLen = MAX_SIG_DATA_SZ;
+                    if (args->length > MAX_SIG_DATA_SZ)
+                        sigLen = args->length;
+                    args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
+                                                            DYNAMIC_TYPE_SIGNATURE);
+                    args->sigDataSz = sigLen;
+                }
+                else {
+                    args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
+                                                            DYNAMIC_TYPE_SIGNATURE);
+                }
+                if (args->sigData == NULL) {
+                    ERROR_OUT(MEMORY_E, exit_scv);
+                }
             }
 
             /* Create the data to be signed. */

From 3d332a4fadd924e609bccdbc30006d38b8bd4f86 Mon Sep 17 00:00:00 2001
From: Andras Fekete <andras@wolfssl.com>
Date: Wed, 13 Sep 2023 14:41:21 -0400
Subject: [PATCH 3/3] Remove accidental code change

---
 src/tls13.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/tls13.c b/src/tls13.c
index 6940ea139..ec16c6ae2 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -8672,7 +8672,6 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
                         sigLen = args->length;
                     args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
                                                             DYNAMIC_TYPE_SIGNATURE);
-                    args->sigDataSz = sigLen;
                 }
                 else {
                     args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,