From e51399ca0f47392edfca452c0a64dcbccd11dd43 Mon Sep 17 00:00:00 2001
From: kaleb-himes <kaleb@wolfssl.com>
Date: Thu, 5 Oct 2023 17:05:36 -0600
Subject: [PATCH] Do the success checkout out front

---
 src/ssl_certman.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/ssl_certman.c b/src/ssl_certman.c
index 9f227be15..46011595f 100644
--- a/src/ssl_certman.c
+++ b/src/ssl_certman.c
@@ -782,7 +782,7 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
 #ifndef WOLFSSL_SMALL_STACK
     byte   staticBuffer[FILE_BUFFER_SIZE];
 #endif
-    byte*  buff;
+    byte*  buff = NULL;
     long   sz = 0;
     XFILE  file = XBADFILE;
 
@@ -814,16 +814,15 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
      * small. */
 #ifndef WOLFSSL_SMALL_STACK
     if ((ret == WOLFSSL_SUCCESS) && (sz > (long)sizeof(staticBuffer)))
+#else
+
+    if (ret == WOLFSSL_SUCCESS)
 #endif
     {
         WOLFSSL_MSG("Getting dynamic buffer");
         buff = (byte*)XMALLOC((size_t)sz, cm->heap, DYNAMIC_TYPE_FILE);
         if (buff == NULL) {
-            /* If some other error has already occurred preserve that code
-             * return WOLFSSL_BAD_FILE if that is the only error condition */
-            if (ret == WOLFSSL_SUCCESS) {
-                ret = WOLFSSL_BAD_FILE;
-            }
+            ret = WOLFSSL_BAD_FILE;
         }
     }
     /* Read all the file into buffer. */