From f621defefe32a27912ac508d7f23c1cbf9495f66 Mon Sep 17 00:00:00 2001
From: Masashi Honma
Date: Tue, 16 Nov 2021 08:50:23 +0900
Subject: [PATCH] Fix the segfault occurs when mp_clear() is executed for uninitialized mp_int on i386 test_wc_DsaSignVerify() passes the tests but causes an error. free(): invalid pointer If NULL is passed as the digest argument of wc_DsaVerify(), mp_clear() will be called before mp_init() is called. On qemu-i386, the dp field of the mp_int structure is non-null by default, which causes a segmentation fault when calling mp_clear(). However, if WOLFSSL_SMALL_STACK is enabled, this problem does not occur.
Signed-off-by: Masashi Honma
---
 wolfcrypt/src/dsa.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/wolfcrypt/src/dsa.c b/wolfcrypt/src/dsa.c
index 39ff55040..ee937d51b 100644
--- a/wolfcrypt/src/dsa.c
+++ b/wolfcrypt/src/dsa.c
@@ -997,12 +997,10 @@ int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
 int ret = 0;
 int qSz;
 
- do {
- if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
- ret = BAD_FUNC_ARG;
- break;
- }
+ if (digest == NULL || sig == NULL || key == NULL || answer == NULL)
+ return BAD_FUNC_ARG;
 
+ do {
 #ifdef WOLFSSL_SMALL_STACK
 w = (mp_int *)XMALLOC(sizeof *w, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
 u1 = (mp_int *)XMALLOC(sizeof *u1, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
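Review bot: The early return in wc_DsaVerify() closes only the NULL-argument path. Any other `break` inside the `do` block that runs before the mp_int values are initialised would still fall through to the shared cleanup and call mp_clear() on uninitialised stack storage when WOLFSSL_SMALL_STACK is not defined. The function body continues outside this hunk, so whether such a path exists cannot be confirmed from here and should be checked in the full file. Record the ordering constraint above the new check, e.g. `/* Validate before the do-block: the cleanup after it calls mp_clear() and must not run ahead of mp_init. */`. The new `if` also drops the braces that the removed version had, so `if (...) { return BAD_FUNC_ARG; }` would keep the guard robust against later edits.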