From 5dcd421580cb840c787070017a7575c3b62c31f6 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Wed, 3 Jul 2019 17:08:02 -0600
Subject: [PATCH 1/3] scan-build fixes

---
 src/internal.c        | 5 +++++
 wolfcrypt/src/pkcs7.c | 8 +++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 5acf7bf8c..c597f9154 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -8555,6 +8555,10 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
     x509->pkCurveOID = dCert->pkCurveOID;
 #endif /* HAVE_ECC */
 
+    if (ret != 0) {
+        wolfSSL_X509_free(x509);
+    }
+
     return ret;
 }
 
@@ -9366,6 +9370,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
             if (args->dCert == NULL) {
                 ERROR_OUT(MEMORY_E, exit_ppc);
             }
+            XMEMSET(args->dCert, 0, sizeof(DecodedCert));
         #endif
 
             /* Advance state and proceed */
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index ce6092914..9b907711a 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -11120,12 +11120,14 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz,
             }
 
             /* decrypt encryptedContent */
-            ret = wc_PKCS7_DecryptContent(encOID, pkcs7->encryptionKey,
+            if (ret == 0) {
+                ret = wc_PKCS7_DecryptContent(encOID, pkcs7->encryptionKey,
                                   pkcs7->encryptionKeySz, tmpIv, expBlockSz,
                                   NULL, 0, NULL, 0, encryptedContent,
                                   encryptedContentSz, encryptedContent);
-            if (ret != 0) {
-                XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+                if (ret != 0) {
+                    XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+                }
             }
 
             if (ret == 0) {

From b5a5100068cce00e77ad50be9ec95b1c0908581e Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Fri, 5 Jul 2019 14:33:35 -0600
Subject: [PATCH 2/3] move location of X509 free

---
 src/internal.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index c597f9154..875dddf63 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -8555,10 +8555,6 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
     x509->pkCurveOID = dCert->pkCurveOID;
 #endif /* HAVE_ECC */
 
-    if (ret != 0) {
-        wolfSSL_X509_free(x509);
-    }
-
     return ret;
 }
 
@@ -8862,6 +8858,9 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
             if (CopyDecodedToX509(x509, args->dCert) == 0) {
                 store->current_cert = x509;
             }
+            else {
+                FreeX509(x509);
+            }
         }
     #endif
     #ifdef SESSION_CERTS

From efe276414b99464c52e71f233ede913f93f0f548 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Mon, 8 Jul 2019 15:11:03 -0600
Subject: [PATCH 3/3] set internal x509 elements to NULL after free

---
 src/internal.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 875dddf63..c325340ae 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -2954,8 +2954,10 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
 void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
 {
     if (name != NULL) {
-        if (name->dynamicName)
+        if (name->dynamicName) {
             XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
+            name->name = NULL;
+        }
 #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
         {
             int i;
@@ -3002,22 +3004,31 @@ void FreeX509(WOLFSSL_X509* x509)
 
     FreeX509Name(&x509->issuer, x509->heap);
     FreeX509Name(&x509->subject, x509->heap);
-    if (x509->pubKey.buffer)
+    if (x509->pubKey.buffer) {
         XFREE(x509->pubKey.buffer, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
+        x509->pubKey.buffer = NULL;
+    }
     FreeDer(&x509->derCert);
     XFREE(x509->sig.buffer, x509->heap, DYNAMIC_TYPE_SIGNATURE);
+    x509->sig.buffer = NULL;
     #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
         XFREE(x509->authKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT);
+        x509->authKeyId = NULL;
         XFREE(x509->subjKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT);
+        x509->subjKeyId = NULL;
         if (x509->authInfo != NULL) {
             XFREE(x509->authInfo, x509->heap, DYNAMIC_TYPE_X509_EXT);
+            x509->authInfo = NULL;
         }
         if (x509->extKeyUsageSrc != NULL) {
             XFREE(x509->extKeyUsageSrc, x509->heap, DYNAMIC_TYPE_X509_EXT);
+            x509->extKeyUsageSrc= NULL;
         }
     #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
-    if (x509->altNames)
+    if (x509->altNames) {
         FreeAltNames(x509->altNames, x509->heap);
+        x509->altNames = NULL;
+    }
 }