mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 00:40:49 +02:00
0dd6aa3704
ecc_key_tmp_final was guarded by `if (err == MP_OKAY)`, leaking key->t1/t2 (and x/y/z under ALT_ECC_SIZE) whenever an allocation or mulmod step after ecc_key_tmp_init failed. Simply removing the guard is unsafe here: unlike wc_ecc_mulmod_ex2 (whose arg checks `return` directly), this function XMALLOC'd `key` before the arg checks and used `goto exit`, so a bad-arg call would hand uninitialized memory to ecc_key_tmp_final and XFREE garbage pointers. Defer the XMALLOC until after the arg/range checks so `key` is NULL on the early-error paths, then call ecc_key_tmp_final unconditionally to plug the leak on the late-error paths.