Fixes for additional use of unititlized variable with async for AES and DH.

2025-08-03 12:44:45 +02:00 · 2018-11-08 15:56:51 -08:00
parent b3d5999be9
commit 9f6167872f
2 changed files with 20 additions and 7 deletions
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -8876,14 +8876,21 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
           case ecAES_128_CBC:
               {
                   Aes aes;
-                   ret = wc_AesSetKey(&aes, encKey, KEY_SIZE_128, encIv,
+                   ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
+                   if (ret == 0) {
+                       ret = wc_AesSetKey(&aes, encKey, KEY_SIZE_128, encIv,
                                                                AES_ENCRYPTION);
+                       if (ret == 0) {
+                           ret = wc_AesCbcEncrypt(&aes, out, msg, msgSz);
+                       #if defined(WOLFSSL_ASYNC_CRYPT)
+                           ret = wc_AsyncWait(ret, &aes.asyncDev,
+                                              WC_ASYNC_FLAG_NONE);
+                       #endif
+                       }
+                       wc_AesFree(&aes);
+                   }
                   if (ret != 0)
-                       break;
-                   ret = wc_AesCbcEncrypt(&aes, out, msg, msgSz);
-                #if defined(WOLFSSL_ASYNC_CRYPT)
-                   ret = wc_AsyncWait(ret, &aes.asyncDev, WC_ASYNC_FLAG_NONE);
-                #endif
+                      break;
               }
               break;

--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -11871,6 +11871,7 @@ int dh_test(void)
    DhKey  key;
    DhKey  key2;
    WC_RNG rng;
+    int keyInit = 0;

 #ifdef USE_CERT_BUFFERS_1024
    XMEMCPY(tmp, dh_key_der_1024, (size_t)sizeof_dh_key_der_1024);
@@ -11907,6 +11908,7 @@ int dh_test(void)
    if (ret != 0) {
        ERROR_OUT(-7103, done);
    }
+    keyInit = 1;
    ret = wc_InitDhKey_ex(&key2, HEAP_HINT, devId);
    if (ret != 0) {
        ERROR_OUT(-7104, done);
@@ -11985,6 +11987,9 @@ int dh_test(void)
        ret = dh_fips_generate_test(&rng);


+    wc_FreeDhKey(&key);
+    keyInit = 0;
+
 #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
    !defined(WOLFSSL_OLD_PRIME_CHECK)
    if (ret == 0) {
@@ -11996,7 +12001,8 @@ int dh_test(void)

 done:

-    wc_FreeDhKey(&key);
+    if (keyInit)
+        wc_FreeDhKey(&key);
    wc_FreeDhKey(&key2);
    wc_FreeRng(&rng);