diff --git a/wolfcrypt/src/dh.c b/wolfcrypt/src/dh.c index ed2c1548b..1387f3b1d 100644 --- a/wolfcrypt/src/dh.c +++ b/wolfcrypt/src/dh.c @@ -2099,7 +2099,8 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh) int groupSz = 0, bufSz = 0, primeCheckCount = 0, primeCheck = MP_NO, - ret = 0; + ret = 0, + tmp_valid = 0; unsigned char *buf = NULL; if (rng == NULL || dh == NULL) @@ -2149,10 +2150,11 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh) != MP_OKAY) { ret = MP_INIT_E; } - } - else { - (void)XMEMSET(&tmp, 0, sizeof(mp_int)); - (void)XMEMSET(&tmp2, 0, sizeof(mp_int)); + else + { + /* tmp and tmp2 are initialized */ + tmp_valid = 1; + } } if (ret == 0) { @@ -2239,8 +2241,11 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh) XFREE(buf, dh->heap, DYNAMIC_TYPE_TMP_BUFFER); } } - mp_clear(&tmp); - mp_clear(&tmp2); + + if (tmp_valid) { + mp_clear(&tmp); + mp_clear(&tmp2); + } return ret; } diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 0e4954667..27bfdd713 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -7020,6 +7020,7 @@ int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, byte* s, word32* sLen) { int err; + int tmp_valid = 0; word32 x = 0; #ifdef WOLFSSL_SMALL_STACK mp_int* rtmp = NULL; @@ -7043,11 +7044,13 @@ int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, } #endif - (void)XMEMSET(&rtmp, 0, sizeof(mp_int)); - (void)XMEMSET(&stmp, 0, sizeof(mp_int)); - err = DecodeECC_DSA_Sig(sig, sigLen, rtmp, stmp); + /* rtmp and stmp are initialized */ + if (err == MP_OKAY) { + tmp_valid = 1; + } + /* extract r */ if (err == MP_OKAY) { x = mp_unsigned_bin_size(rtmp); @@ -7072,8 +7075,10 @@ int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, } } - mp_clear(rtmp); - mp_clear(stmp); + if (tmp_valid) { + mp_clear(rtmp); + mp_clear(stmp); + } #ifdef WOLFSSL_SMALL_STACK XFREE(stmp, NULL, DYNAMIC_TYPE_ECC); XFREE(rtmp, NULL, DYNAMIC_TYPE_ECC);