diff --git a/src/keys.c b/src/keys.c index 207640775..176a46a6c 100644 --- a/src/keys.c +++ b/src/keys.c @@ -2278,7 +2278,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); if (enc->des3 == NULL) return MEMORY_E; - XMEMSET(enc->des3, 0, sizeof(Aes)); + XMEMSET(enc->des3, 0, sizeof(Des3)); } if (dec) { if (dec->des3 == NULL) diff --git a/src/ocsp.c b/src/ocsp.c index d481ab676..484b238b2 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -742,11 +742,15 @@ WOLFSSL_OCSP_BASICRESP* wolfSSL_OCSP_response_get1_basic(OcspResponse* response) DYNAMIC_TYPE_TMP_BUFFER); bs->source = (byte*)XMALLOC(bs->maxIdx, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (bs->status == NULL || bs->source == NULL) { + if (bs->status) XFREE(bs->status, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (bs->source) XFREE(bs->source, NULL, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_OCSP_RESPONSE_free(bs); bs = NULL; } - XMEMCPY(bs->status, response->status, sizeof(CertStatus)); - XMEMCPY(bs->source, response->source, response->maxIdx); + else { + XMEMCPY(bs->status, response->status, sizeof(CertStatus)); + XMEMCPY(bs->source, response->source, response->maxIdx); + } return bs; } @@ -765,7 +769,7 @@ OcspRequest* wolfSSL_OCSP_REQUEST_new(void) void wolfSSL_OCSP_REQUEST_free(OcspRequest* request) { FreeOcspRequest(request); - XFREE(request, 0, DYNAMIC_TYPE_OPENSSL); + XFREE(request, NULL, DYNAMIC_TYPE_OPENSSL); } int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request, unsigned char** data) diff --git a/src/ssl.c b/src/ssl.c index fee006231..015bcca16 100755 --- a/src/ssl.c +++ b/src/ssl.c @@ -23996,7 +23996,7 @@ int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_TMP_BUFFER); if (cert == NULL) - return NULL; + return SSL_FAILURE; #endif /* Use existing CA retrieval APIs that use DecodedCert. */