avoid callback buffer overwrite with sha512_224 and remove min from wolfcaam_cmac

wolfcrypt/src/port/caam/wolfcaam_cmac.c

@@ -99,7 +99,8 @@ int wc_CAAM_Cmac(Cmac* cmac, const byte* key, word32 keySz, const byte* in,
                 WOLFSSL_MSG("Error with CMAC buffer size");
                 return -1;
             }
-            add = min(sz, (int)(AES_BLOCK_SIZE - cmac->bufferSz));
+            add = (sz < ((int)(AES_BLOCK_SIZE - cmac->bufferSz))) ? sz :
+                   (int)(AES_BLOCK_SIZE - cmac->bufferSz);
             XMEMCPY(&cmac->buffer[cmac->bufferSz], pt, add);
 
             cmac->bufferSz += add;

wolfcrypt/src/sha512.c

@@ -1110,9 +1110,12 @@ static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, int digestSz,
 
 #ifdef WOLF_CRYPTO_CB
     if (sha512->devId != INVALID_DEVID) {
-        ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, hash);
+        byte localHash[WC_SHA512_DIGEST_SIZE];
-        if (ret != CRYPTOCB_UNAVAILABLE)
+        ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, localHash);
+        if (ret != CRYPTOCB_UNAVAILABLE) {
+            XMEMCPY(hash, localHash, digestSz);
             return ret;
+        }
         /* fall-through when unavailable */
     }
 #endif