Merge pull request #10065 from dgarske/async_nb_leak

Fix possible leak for ecc non-blocking crypto
This commit is contained in:
Daniel Pouzzner
2026-03-30 11:40:02 -05:00
committed by GitHub
+16 -3
View File
@@ -8579,8 +8579,15 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* Cleanup on error, otherwise data owned by key share entry */
XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
kse->pubKey = NULL;
if (eccKey != NULL)
if (eccKey != NULL) {
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC)
if (eccKey->nb_ctx != NULL) {
XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
wc_ecc_free(eccKey);
}
XFREE(kse->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
kse->key = NULL;
}
@@ -9817,8 +9824,14 @@ static int TLSX_KeyShare_ProcessEcc_ex(WOLFSSL* ssl,
ssl->peerEccKey = NULL;
ssl->peerEccKeyPresent = 0;
}
if (keyShareEntry->key) {
wc_ecc_free((ecc_key*)keyShareEntry->key);
if (eccKey != NULL) {
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC)
if (eccKey->nb_ctx != NULL) {
XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
wc_ecc_free(eccKey);
XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_ECC);
keyShareEntry->key = NULL;
}