Skip to content

Fix fenrir858-859#896

Merged
dgarske merged 4 commits intowolfSSL:masterfrom
yosuke-wolfssl:fix_Fenrir858-859
Mar 19, 2026
Merged

Fix fenrir858-859#896
dgarske merged 4 commits intowolfSSL:masterfrom
yosuke-wolfssl:fix_Fenrir858-859

Conversation

@yosuke-wolfssl
Copy link
Contributor

@yosuke-wolfssl yosuke-wolfssl commented Mar 19, 2026

Description
This PR contains 2 commits:

  1. Add wc_HashFree() into BuildUserAuthRequestRsa (line 14128), BuildUserAuthRequestRsaCert (line 14362), BuildUserAuthRequestEcc (line 14572), and BuildUserAuthRequestEccCert (line 14812) in src/internal.c if wc_HashInit() is successfully returned.
  2. Add Ed25519 key clean up into FreePubKey() in src/internal.c. Also, add keyAllocated flag once the key is successfully imported in ParseEd25519PubKey().

@yosuke-wolfssl yosuke-wolfssl self-assigned this Mar 19, 2026
@yosuke-wolfssl yosuke-wolfssl requested a review from Copilot March 19, 2026 01:33
Copilot AI reviewed Mar 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses resource cleanup issues related to hashing during user-auth request signing, and fixes Ed25519 public key lifecycle handling in src/internal.c.

Changes:

  • Ensure wc_HashFree() is called when wc_HashInit() succeeds in multiple user-auth request builders (RSA/RSA-cert/ECC/ECC-cert).
  • Track successful Ed25519 public key import via keyAllocated and add Ed25519 cleanup in FreePubKey().

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@yosuke-wolfssl
fix the missing pointer
631a219 
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings March 19, 2026 01:38
Copilot AI reviewed Mar 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses resource cleanup issues in wolfSSH’s internal key parsing and user-auth request signing paths, aiming to fix reported fenrir findings.

Changes:

  • Ensure wc_HashFree() is called after successful wc_HashInit() in multiple BuildUserAuthRequest* signing helpers.
  • Track Ed25519 public-key import success via keyAllocated and add Ed25519 cleanup in FreePubKey().

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@dgarske dgarske merged commit 6325742 into wolfSSL:master Mar 19, 2026
131 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dgarske dgarske dgarske approved these changes

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@yosuke-wolfssl @dgarske @wolfSSL-Bot