From 6cc94b07a44dbb6eaba0baa7df94182ed1d7ff9d Mon Sep 17 00:00:00 2001
From: David Garske
Date: Tue, 24 Mar 2026 14:44:28 -0700
Subject: [PATCH] Fix possible leak for ecc non-blocking crypto

---
 src/tls.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/tls.c b/src/tls.c
index 535b43826b..16df26167f 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -8579,8 +8579,15 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
 /* Cleanup on error, otherwise data owned by key share entry */
 XFREE(kse->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
 kse->pubKey = NULL;
- if (eccKey != NULL)
+ if (eccKey != NULL) {
+ #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
+ defined(WC_ASYNC_ENABLE_ECC)
+ if (eccKey->nb_ctx != NULL) {
+ XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ #endif
 wc_ecc_free(eccKey);
+ }
 XFREE(kse->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
 kse->key = NULL;
 }
@@ -9817,8 +9824,14 @@ static int TLSX_KeyShare_ProcessEcc_ex(WOLFSSL* ssl,
 ssl->peerEccKey = NULL;
 ssl->peerEccKeyPresent = 0;
 }
- if (keyShareEntry->key) {
- wc_ecc_free((ecc_key*)keyShareEntry->key);
+ if (eccKey != NULL) {
+ #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
+ defined(WC_ASYNC_ENABLE_ECC)
+ if (eccKey->nb_ctx != NULL) {
+ XFREE(eccKey->nb_ctx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ #endif
+ wc_ecc_free(eccKey);
 XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_ECC);
 keyShareEntry->key = NULL;
 }
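Review bot: In the cleanup added to TLSX_KeyShare_GenEccKey, `eccKey->nb_ctx` is freed but still points at the released buffer while `wc_ecc_free(eccKey)` runs on the same key; add `eccKey->nb_ctx = NULL;` right after the `XFREE` so nothing later can read or re-free it. The non-blocking context presumably carries intermediate state of the private-key operation, so consider wiping it before release, for example `ForceZero(eccKey->nb_ctx, sizeof(*eccKey->nb_ctx));`, if the type is complete at this point. The `DYNAMIC_TYPE_TMP_BUFFER` tag and the `ssl->heap` hint must match the allocation site, which lies outside this hunk and should be checked. The identical block is repeated in TLSX_KeyShare_ProcessEcc_ex, where the same points apply; a small static helper would keep the two copies from drifting apart.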
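Review bot: The guard in TLSX_KeyShare_ProcessEcc_ex now tests the local `eccKey`, but the body still frees and clears `keyShareEntry->key`. The assignment of `eccKey` is outside the hunk, so if it can be NULL or stale on this path while `keyShareEntry->key` is set, the entry's key is either left allocated or released through a pointer that no longer matches it. Keeping the original condition and deriving the pointer inside it, `if (keyShareEntry->key != NULL) {` followed by `eccKey = (ecc_key*)keyShareEntry->key;`, makes the two agree by construction. If `eccKey` is in fact always an alias of `keyShareEntry->key` here, a one-line comment saying so, such as `/* eccKey aliases keyShareEntry->key */`, would spare the next reader the lookup.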