From 200e6b6495625f80cf8df93d7b1916589177d55b Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 19 Dec 2025 10:11:15 -0600 Subject: [PATCH] wolfcrypt/src/sha512.c: in wc_Sha512Transform(), fix sequence of check added by 3b768bcb5e, fix WOLFSSL_SMALL_STACK double-declaration of buffer, and fix gate on XFREE(buffer, ...). --- wolfcrypt/src/sha512.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 5966f2c9c..d74ea9672 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -1169,22 +1169,23 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data) int ret; /* back up buffer */ WC_DECLARE_VAR(buffer, word64, WC_SHA512_BLOCK_SIZE / sizeof(word64), 0); -#if defined(WOLFSSL_SMALL_STACK_CACHE) - if (sha->W == NULL) - return BAD_FUNC_ARG; - buffer = sha->W + 16; -#elif defined(WOLFSSL_SMALL_STACK) - word64 *buffer = (word64*)XMALLOC(WC_SHA512_BLOCK_SIZE, sha->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (buffer == NULL) - return MEMORY_E; -#endif /* sanity check */ if (sha == NULL || data == NULL) { return BAD_FUNC_ARG; } +#if defined(WOLFSSL_SMALL_STACK_CACHE) + if (sha->W == NULL) + return BAD_FUNC_ARG; + buffer = sha->W + 16; +#elif defined(WOLFSSL_SMALL_STACK) + buffer = (word64*)XMALLOC(WC_SHA512_BLOCK_SIZE, sha->heap, + DYNAMIC_TYPE_TMP_BUFFER); + if (buffer == NULL) + return MEMORY_E; +#endif + #if defined(USE_INTEL_SPEEDUP) && \ (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)) Sha512_SetTransform(); @@ -1207,7 +1208,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data) ret = Transform_Sha512(sha); XMEMCPY(sha->buffer, buffer, WC_SHA512_BLOCK_SIZE); -#ifdef WOLFSSL_SMALL_STACK +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE) XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER); #endif return ret;