From ddc1899d4806c7ac63766b77f487f3e157f9f57c Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Fri, 18 Mar 2022 09:07:57 -0600
Subject: [PATCH] smallstack reduction for
 wolfSSL_EC_POINT_get_affine_coordinates_GFp

---
 src/ssl.c | 50 ++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 40 insertions(+), 10 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 76deac7df..bb8182769 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -40281,7 +40281,11 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
                                                 WOLFSSL_BN_CTX *ctx)
 {
     mp_digit mp;
-    mp_int modulus;
+#ifdef WOLFSSL_SMALL_STACK
+    mp_int* modulus = NULL;
+#else
+    mp_int modulus[1];
+#endif
     (void)ctx;
 
     WOLFSSL_ENTER("wolfSSL_EC_POINT_get_affine_coordinates_GFp");
@@ -40296,39 +40300,65 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
         return WOLFSSL_FAILURE;
     }
 
+#ifdef WOLFSSL_SMALL_STACK
+    modulus = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
+    if (modulus == NULL) {
+        return WOLFSSL_FAILURE;
+    }
+#endif
+
     if (!wolfSSL_BN_is_one(point->Z)) {
-        if (mp_init(&modulus) != MP_OKAY) {
+        if (mp_init(modulus) != MP_OKAY) {
             WOLFSSL_MSG("mp_init failed");
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
+        #endif
             return WOLFSSL_FAILURE;
         }
         /* Map the Jacobian point back to affine space */
-        if (mp_read_radix(&modulus, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX) != MP_OKAY) {
+        if (mp_read_radix(modulus, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX) != MP_OKAY) {
             WOLFSSL_MSG("mp_read_radix failed");
-            mp_clear(&modulus);
+            mp_clear(modulus);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
+        #endif
             return WOLFSSL_FAILURE;
         }
-        if (mp_montgomery_setup(&modulus, &mp) != MP_OKAY) {
+        if (mp_montgomery_setup(modulus, &mp) != MP_OKAY) {
             WOLFSSL_MSG("mp_montgomery_setup failed");
-            mp_clear(&modulus);
+            mp_clear(modulus);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
+        #endif
             return WOLFSSL_FAILURE;
         }
-        if (ecc_map((ecc_point*)point->internal, &modulus, mp) != MP_OKAY) {
+        if (ecc_map((ecc_point*)point->internal, modulus, mp) != MP_OKAY) {
             WOLFSSL_MSG("ecc_map failed");
-            mp_clear(&modulus);
+            mp_clear(modulus);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
+        #endif
             return WOLFSSL_FAILURE;
         }
         if (SetECPointExternal((WOLFSSL_EC_POINT *)point) != WOLFSSL_SUCCESS) {
             WOLFSSL_MSG("SetECPointExternal failed");
-            mp_clear(&modulus);
+            mp_clear(modulus);
+        #ifdef WOLFSSL_SMALL_STACK
+            XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
+        #endif
             return WOLFSSL_FAILURE;
         }
 
-        mp_clear(&modulus);
+        mp_clear(modulus);
     }
 
     BN_copy(x, point->X);
     BN_copy(y, point->Y);
 
+#ifdef WOLFSSL_SMALL_STACK
+    XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
+#endif
+
     return WOLFSSL_SUCCESS;
 }
 #endif