From 01fd36b8409b8ecdd965ca98bd1fdf97e7362e84 Mon Sep 17 00:00:00 2001
From: Ruby Martin <ruby@wolfssl.com>
Date: Wed, 16 Jul 2025 11:11:14 -0600
Subject: [PATCH] set a->length to 0 if old data is not kept

---
 src/ssl_asn1.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/ssl_asn1.c b/src/ssl_asn1.c
index fe5e67c46..f60d45036 100644
--- a/src/ssl_asn1.c
+++ b/src/ssl_asn1.c
@@ -1043,7 +1043,6 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
     int ret = 1;
     byte* data;
     byte* oldData = a->intData;
-    int oldLen = a->length;
 
     if (a->isDynamic && (len > (int)a->dataMax)) {
         oldData = a->data;
@@ -1051,7 +1050,6 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
         a->data = a->intData;
         a->dataMax = (unsigned int)sizeof(a->intData);
     }
-    a->length = 0;
     if ((!a->isDynamic) && (len > (int)a->dataMax)) {
         /* Create a new buffer to hold large integer value. */
         data = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_OPENSSL);
@@ -1068,10 +1066,10 @@ static int wolfssl_asn1_integer_require_len(WOLFSSL_ASN1_INTEGER* a, int len,
     if (keepOldData) {
          if (oldData != a->data) {
              /* Copy old data into new buffer. */
-             XMEMCPY(a->data, oldData, (size_t)oldLen);
+             XMEMCPY(a->data, oldData, (size_t)a->length);
          }
-         /* Restore old length. */
-         a->length = oldLen;
+    } else {
+        a->length = 0;
     }
     if (oldData != a->intData) {
          /* Dispose of the old dynamic data. */