@@ -7344,36 +7344,37 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
73447344 HS_Hashes** destination)
73457345{
73467346 int ret;
7347- HS_Hashes* tmpHashes;
73487347
73497348 if (source == NULL)
73507349 return BAD_FUNC_ARG;
73517350
7352- /* save the original so we can put it back afterward */
7353- tmpHashes = ssl->hsHashes;
7354- ssl->hsHashes = *destination;
7351+ /* Note we can't call InitHandshakeHashes() here, because the copy methods
7352+ * overwrite the entire dest low level hash struct. With some hashes and
7353+ * settings (e.g. SHA-2 hashes with WOLFSSL_SMALL_STACK_CACHE), internal
7354+ * scratch buffers are preallocated at init and will leak if overwritten.
7355+ */
73557356
7356- ret = InitHandshakeHashes(ssl);
7357- if (ret != 0) {
7358- WOLFSSL_MSG_EX("InitHandshakeHashes failed. err = %d", ret );
7359- ssl->hsHashes = tmpHashes; /* restore hsHashes pointer to original
7360- * before returning */
7361- return ret ;
7357+ /* allocate handshake hashes */
7358+ *destination = (HS_Hashes*)XMALLOC(sizeof(HS_Hashes), ssl->heap,
7359+ DYNAMIC_TYPE_HASHES );
7360+ if (*destination == NULL) {
7361+ WOLFSSL_MSG("HS_Hashes Memory error");
7362+ return MEMORY_E ;
73627363 }
7363-
7364- *destination = ssl->hsHashes;
7365- ssl->hsHashes = tmpHashes;
7364+ XMEMSET(*destination, 0, sizeof(HS_Hashes));
73667365
73677366 /* now copy the source contents to the destination */
7367+ ret = 0;
73687368#ifndef NO_OLD_TLS
73697369 #ifndef NO_SHA
7370- ret = wc_ShaCopy(&source->hashSha, &(*destination)->hashSha);
7370+ if (ret == 0)
7371+ ret = wc_ShaCopy(&source->hashSha, &(*destination)->hashSha);
73717372 #endif
73727373 #ifndef NO_MD5
73737374 if (ret == 0)
73747375 ret = wc_Md5Copy(&source->hashMd5, &(*destination)->hashMd5);
73757376 #endif
7376- #endif /* !NO_OLD_TLS */
7377+ #endif /* !NO_OLD_TLS */
73777378 #ifndef NO_SHA256
73787379 if (ret == 0)
73797380 ret = wc_Sha256Copy(&source->hashSha256,
0 commit comments