Fix for handling hash copies to make sure copied buffer is not free’d. Resolves issues when testing TLS connection with wolfssl_tcp_client and openurl https://www.google.com/.

mcapi/crypto.h

@@ -48,7 +48,7 @@ enum {
 
 /* SHA */
 typedef struct CRYPT_SHA_CTX {
-    int holder[28];   /* big enough to hold internal, but check on init */
+    int holder[29];   /* big enough to hold internal, but check on init */
 } CRYPT_SHA_CTX;
 
 int CRYPT_SHA_Initialize(CRYPT_SHA_CTX*);

wolfcrypt/src/md5.c

@@ -490,6 +490,9 @@ int wc_Md5Copy(Md5* src, Md5* dst)
 #ifdef WOLFSSL_ASYNC_CRYPT
     ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
 #endif
+#ifdef WOLFSSL_PIC32MZ_HASH
+    ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
+#endif
 
     return ret;
 }

wolfcrypt/src/port/pic32/pic32mz-crypt.c

@@ -279,6 +279,15 @@ int wc_Pic32Hash(const byte* in, int inLen, word32* out, int outLen, int algo)
         NULL, 0, NULL, 0);
 }
 
+int wc_Pic32HashCopy(hashUpdCache* src, hashUpdCache* dst)
+{
+    /* mark destination as copy, so cache->buf is not free'd */
+    if (dst) {
+        dst->isCopy = 1;
+    }
+    return 0;
+}
+
 static int wc_Pic32HashUpdate(hashUpdCache* cache, byte* stdBuf, word32 stdBufLen,
  const byte* data, word32 len, void* heap)
 {
@@ -306,12 +315,15 @@ static int wc_Pic32HashUpdate(hashUpdCache* cache, byte* stdBuf, word32 stdBufLe
         /* alloc buffer */
         newBuf = (byte*)XMALLOC(newLenPad, heap, DYNAMIC_TYPE_HASH_TMP);
         if (newBuf == NULL) {
-            if (cache->buf != stdBuf) {
+            if (cache->buf != stdBuf && !cache->isCopy) {
                 XFREE(cache->buf, heap, DYNAMIC_TYPE_HASH_TMP);
+                cache->buf = NULL;
+                cache->updLen = cache->bufLen = 0;
             }
             return MEMORY_E;
         }
         isNewBuf = 1;
+        cache->isCopy = 0; /* no longer using copy buffer */
     }
     else {
         /* use existing buffer */
@@ -347,12 +359,11 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, byte* hash,
     if (ret == 0) {
         XMEMCPY(hash, digest, digestSz);
     }
-    if (cache->buf != stdBuf) {
+    if (cache->buf != stdBuf && !cache->isCopy) {
         XFREE(cache->buf, heap, DYNAMIC_TYPE_HASH_TMP);
     }
     cache->buf = NULL;
-    cache->bufLen = 0;
-    cache->updLen = 0;
+    cache->bufLen = cache->updLen = 0;
 
     return ret;
 }

wolfcrypt/src/sha.c

@@ -597,6 +597,9 @@ int wc_ShaCopy(Sha* src, Sha* dst)
 #ifdef WOLFSSL_ASYNC_CRYPT
     ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
 #endif
+#ifdef WOLFSSL_PIC32MZ_HASH
+    ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
+#endif
 
     return ret;
 }

wolfcrypt/src/sha256.c

@@ -1975,6 +1975,9 @@ int wc_Sha256Copy(Sha256* src, Sha256* dst)
 #ifdef WOLFSSL_ASYNC_CRYPT
     ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
 #endif
+#ifdef WOLFSSL_PIC32MZ_HASH
+    ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
+#endif
 
     return ret;
 }

wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h

@@ -111,6 +111,7 @@ typedef struct hashUpdCache {
     unsigned char*  buf;
     unsigned int    bufLen;
     unsigned int    updLen;
+    int             isCopy;
 } hashUpdCache;
 
 
@@ -187,6 +188,7 @@ int wc_Pic32DesCrypt(word32 *key, int keyLen, word32 *iv, int ivLen,
 
 #ifdef WOLFSSL_PIC32MZ_HASH
 int wc_Pic32Hash(const byte* in, int inLen, word32* out, int outLen, int algo);
+int wc_Pic32HashCopy(hashUpdCache* src, hashUpdCache* dst);
 #endif
 
 #endif /* WOLFSSL_MICROCHIP_PIC32MZ */