From 76a498f7eab5ffaf1ddff4f378dd6aa30c902550 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 27 Mar 2026 17:07:53 -0500 Subject: [PATCH] wolfcrypt/src/asn.c: fix invalid-pointer-pair "wild pointer" in CheckCertSignature_ex(). --- wolfcrypt/src/asn.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index f9d20cb86c..dab2193100 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -21339,11 +21339,9 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, ret = BAD_FUNC_ARG; } - ALLOC_ASNGETDATA(dataASN, x509CertASN_Length, ret, heap); + CALLOC_ASNGETDATA(dataASN, x509CertASN_Length, ret, heap); if ((ret == 0) && (!req)) { - /* Clear dynamic data for certificate items. */ - XMEMSET(dataASN, 0, sizeof(ASNGetData) * x509CertASN_Length); /* Set OID types expected for signature and public key. */ GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_ALGOID_OID], oidSigType); GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_OID], @@ -21406,8 +21404,6 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, #ifndef WOLFSSL_CERT_REQ ret = NOT_COMPILED_IN; #else - /* Clear dynamic data for certificate request items. */ - XMEMSET(dataASN, 0, sizeof(ASNGetData) * certReqASN_Length); /* Set OID types expected for signature and public key. */ GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_OID], oidKeyType);