From 0ab5401edf809b8f93edadba757e5aa5ce43a743 Mon Sep 17 00:00:00 2001 From: Zackery Backman Date: Wed, 8 Apr 2026 13:15:31 -0600 Subject: [PATCH] Fix cast-away-const in ws_ctx_ssl_set_tmp_dh: allocate DerBuffer with actual size and copy data instead of pointing at caller's const buffer, which caused FreeDer to free non-owned memory. --- src/ssl_load.c | 8 +++----- tests/api.c | 4 ++-- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/ssl_load.c b/src/ssl_load.c index 855f177922..1dc7ccc250 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -5930,12 +5930,10 @@ static int ws_ctx_ssl_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL* ssl, /* PemToDer allocates its own DER buffer. */ if ((res == 1) && (format != WOLFSSL_FILETYPE_PEM)) { - /* Create an empty DER buffer. */ - ret = AllocDer(&der, 0, DH_PARAM_TYPE, heap); + /* Create a DER buffer and copy in the encoded DH parameters. */ + ret = AllocDer(&der, (word32)sz, DH_PARAM_TYPE, heap); if (ret == 0) { - /* Assign encoded DH parameters to DER buffer. */ - der->buffer = (byte*)buf; - der->length = (word32)sz; + XMEMCPY(der->buffer, buf, (word32)sz); } else { res = ret; diff --git a/tests/api.c b/tests/api.c index 435ced37e4..cdc7b02971 100644 --- a/tests/api.c +++ b/tests/api.c @@ -1718,7 +1718,7 @@ static int test_wolfSSL_use_AltPrivateKey_Id(void) ExpectIntEQ(wolfSSL_use_AltPrivateKey_Id(ssl, NULL, sizeof(id), INVALID_DEVID), 0); - /* Positive test — valid ID should succeed. */ + /* Positive test - valid ID should succeed. */ ExpectIntEQ(wolfSSL_use_AltPrivateKey_Id(ssl, id, sizeof(id), INVALID_DEVID), 1); @@ -1748,7 +1748,7 @@ static int test_wolfSSL_use_AltPrivateKey_Label(void) 0); ExpectIntEQ(wolfSSL_use_AltPrivateKey_Label(ssl, NULL, INVALID_DEVID), 0); - /* Positive test — valid label should succeed. */ + /* Positive test - valid label should succeed. */ ExpectIntEQ(wolfSSL_use_AltPrivateKey_Label(ssl, "test_label", INVALID_DEVID), 1);