From daa1cd634ea38b29f1cc322d21424af349827ca6 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 7 Mar 2016 15:01:07 -0800
Subject: [PATCH] Fixes scan-build warning with "--enable-opensslextra
 --disable-memory". Problem was different #if defines on the InitX509 and
 FreeX509, which caused the static analyzer to think the "x509->dynamicMemory"
 was always true.

---
 src/internal.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 7cebc84d4..91caeeb3f 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1923,7 +1923,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
     ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer;
     ssl->buffers.outputBuffer.bufferSize  = STATIC_BUFFER_LEN;
 
-#ifdef KEEP_PEER_CERT
+#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
     InitX509(&ssl->peerCert, 0);
 #endif
 
@@ -2204,7 +2204,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
         nx_packet_release(ssl->nxCtx.nxPacket);
 #endif
 #if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
-    FreeX509(&(ssl->peerCert));   /* clang thinks this frees ssl itslef */
+    FreeX509(&ssl->peerCert);
 #endif
 }