Fix generic bugs, memory leaks, and migrate to wc_ForceZero#274
Fix generic bugs, memory leaks, and migrate to wc_ForceZero#274stenslae wants to merge 1 commit into
Conversation
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #274
Scan targets checked: wolfclu-bugs, wolfclu-src
Findings: 2
1 finding(s) posted as inline comments (see file-level comments below)
Medium (1)
Fallback definition of DILITHIUM_MAX_BOTH_KEY_PEM_SIZE removed but usages remain
File: src/sign-verify/clu_sign.c:767
Function: wolfCLU_sign_data_dilithium
Category: Logic errors
The PR deletes the #ifndef DILITHIUM_MAX_BOTH_KEY_PEM_SIZE fallback #define that guarded older wolfSSL builds, but DILITHIUM_MAX_BOTH_KEY_PEM_SIZE is still used at clu_sign.c:767 and at the newly-added check clu_verify.c:727. On older wolfSSL builds with HAVE_DILITHIUM but without this constant, both translation units fail to compile.
Recommendation: Re-add the #ifndef DILITHIUM_MAX_BOTH_KEY_PEM_SIZE fallback guard (e.g., in wolfclu/sign-verify/clu_sign.h), or replace both usages with WOLFCLU_MAX_KEY_PEM_DER_SZ.
Referenced code: src/sign-verify/clu_sign.c:767-768 (2 lines)
This review was generated automatically by Fenrir. Findings are non-blocking.
2cb0b26 to
4d562f5
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #274
Scan targets checked: wolfclu-bugs, wolfclu-src
No new issues found in the changed files. ✅
Cleans up general codebase hygiene. Resolves scattered memory leaks, fixes minor bugs in clu_genkey.c and clu_x509_verify.c, and standardizes on wolfCLU_ForceZero to internally use wc_ForceZero.