From 7c600e3ebcb0eda0447850972c858f0d6e76aeba Mon Sep 17 00:00:00 2001
From: Guido Vranken <guidovranken@gmail.com>
Date: Sun, 20 Jun 2021 22:29:20 +0200
Subject: [PATCH 1/2] In wc_ecc_verify_hash_ex, return if ALLOC_CURVE_SPECS()
 fails

This prevents a NULL pointer dereference later in the function.
---
 wolfcrypt/src/ecc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 7f34a6d95..9a768fc48 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -7108,6 +7108,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
 
 #if !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC)
    ALLOC_CURVE_SPECS(ECC_CURVE_FIELD_COUNT, err);
+   if (err != 0) {
+      return err;
+   }
 
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_CAVIUM_V)
    err = wc_ecc_alloc_mpint(key, &key->e);

From 7491a44bb49dd03923f520a157425640b6e2d799 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 21 Jun 2021 09:19:47 -0700
Subject: [PATCH 2/2] Fix for possible memory leak case on mp_init failure in
 `wc_ecc_verify_hash_ex` with `WOLFSSL_SMALL_STACK`.

---
 wolfcrypt/src/ecc.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 9a768fc48..fb4774b39 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -7131,8 +7131,10 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
 #endif /* WOLFSSL_ASYNC_CRYPT && HAVE_CAVIUM_V */
 
    err = mp_init(e);
-   if (err != MP_OKAY)
+   if (err != MP_OKAY) {
+      FREE_CURVE_SPECS();
       return MEMORY_E;
+   }
 
    /* read in the specs for this curve */
    err = wc_ecc_curve_load(key->dp, &curve, ECC_CURVE_FIELD_ALL);