From 807214dc559c86e9cacce564fb0dbc7586ffece2 Mon Sep 17 00:00:00 2001 From: Mattia Moffa Date: Fri, 17 Apr 2026 19:32:23 +0200 Subject: [PATCH] Avoid unneeded temporary stack buffer; remove redundant check --- src/ocsp.c | 2 +- wolfcrypt/src/evp.c | 10 ++++------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/ocsp.c b/src/ocsp.c index 9de23cb9ea..8c779c6247 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -759,7 +759,7 @@ int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, single = single->next; } - if (single == NULL || single->status == NULL) + if (single == NULL) return WOLFSSL_FAILURE; if (status != NULL) diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index eeb9aec4da..6f73386ce8 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -4317,11 +4317,6 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, #ifndef NO_DSA case WC_EVP_PKEY_DSA: { int bytes; - unsigned char tmpSig[DSA_MAX_SIG_SIZE]; - ret = wolfSSL_DSA_do_sign(md, tmpSig, pkey->dsa); - /* wolfSSL_DSA_do_sign() can return WOLFSSL_FATAL_ERROR */ - if (ret != WOLFSSL_SUCCESS) - return ret; bytes = wolfSSL_BN_num_bytes(pkey->dsa->q); if (bytes == WC_NO_ERR_TRACE(WOLFSSL_FAILURE) || bytes > DSA_MAX_HALF_SIZE || @@ -4329,7 +4324,10 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, { return WOLFSSL_FAILURE; } - XMEMCPY(sigret, tmpSig, bytes * 2); + ret = wolfSSL_DSA_do_sign(md, sigret, pkey->dsa); + /* wolfSSL_DSA_do_sign() can return WOLFSSL_FATAL_ERROR */ + if (ret != WOLFSSL_SUCCESS) + return ret; *siglen = (unsigned int)(bytes * 2); return WOLFSSL_SUCCESS; }