Fix possible leak for ecc non-blocking crypto

This commit is contained in:
David Garske
2026-03-24 14:44:28 -07:00
parent 636f0e50a1
commit 6cc94b07a4
+16 -3
View File
@@ -8579,8 +8579,15 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* Cleanup on error, otherwise data owned by key share entry */
XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
kse->pubKey = NULL;
if (eccKey != NULL)
if (eccKey != NULL) {
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC)
if (eccKey->nb_ctx != NULL) {
XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
wc_ecc_free(eccKey);
}
XFREE(kse->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
kse->key = NULL;
}
@@ -9817,8 +9824,14 @@ static int TLSX_KeyShare_ProcessEcc_ex(WOLFSSL* ssl,
ssl->peerEccKey = NULL;
ssl->peerEccKeyPresent = 0;
}
if (keyShareEntry->key) {
wc_ecc_free((ecc_key*)keyShareEntry->key);
if (eccKey != NULL) {
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC)
if (eccKey->nb_ctx != NULL) {
XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
wc_ecc_free(eccKey);
XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_ECC);
keyShareEntry->key = NULL;
}