From 67c1d65ef77d8e82d358ab384e7acd670dd32379 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Mon, 8 Jun 2026 18:07:38 -0500 Subject: [PATCH] fixes for F-2554 Missing wc_ecc_free Before free in km_ecdh_init When wc_ecc_set_rng Fails F-2555 Missing wc_FreeDhKey Before free in km_ffdhe_init When wc_DhSetNamedKey Fails --- linuxkm/lkcapi_dh_glue.c | 1 + linuxkm/lkcapi_ecdh_glue.c | 1 + 2 files changed, 2 insertions(+) diff --git a/linuxkm/lkcapi_dh_glue.c b/linuxkm/lkcapi_dh_glue.c index 5fb3dd2ffd..02dcf5d780 100644 --- a/linuxkm/lkcapi_dh_glue.c +++ b/linuxkm/lkcapi_dh_glue.c @@ -779,6 +779,7 @@ static int km_ffdhe_init(struct crypto_kpp *tfm, int name, word32 nbits) pr_err("%s: wc_DhSetNamedKey returned: %d\n", WOLFKM_DH_DRIVER, err); #endif /* WOLFKM_DEBUG_DH */ + wc_FreeDhKey(ctx->key); free(ctx->key); ctx->key = NULL; return -ENOMEM; diff --git a/linuxkm/lkcapi_ecdh_glue.c b/linuxkm/lkcapi_ecdh_glue.c index f562285306..57a0831547 100644 --- a/linuxkm/lkcapi_ecdh_glue.c +++ b/linuxkm/lkcapi_ecdh_glue.c @@ -415,6 +415,7 @@ static int km_ecdh_init(struct crypto_kpp *tfm, int curve_id) #ifdef ECC_TIMING_RESISTANT ret = wc_ecc_set_rng(ctx->key, &ctx->rng); if (ret < 0) { + wc_ecc_free(ctx->key); free(ctx->key); ctx->key = NULL; return -ENOMEM;