From 804e27ff4833df3c46aedbcb67333500498571d3 Mon Sep 17 00:00:00 2001
From: Jeremiah Mackey <jeremiahmackey91@gmail.com>
Date: Mon, 16 Mar 2026 18:50:10 +0000
Subject: [PATCH 1/2] Fix UKM memory leak in DH/ECDH free

---
 src/wp_dh_exch.c   | 1 +
 src/wp_ecdh_exch.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/src/wp_dh_exch.c b/src/wp_dh_exch.c
index bf6392af..5ecd869c 100644
--- a/src/wp_dh_exch.c
+++ b/src/wp_dh_exch.c
@@ -101,6 +101,7 @@ static void wp_dh_freectx(wp_DhCtx* ctx)
     if (ctx != NULL) {
         wp_dh_free(ctx->peer);
         wp_dh_free(ctx->key);
+        OPENSSL_free(ctx->ukm);
         OPENSSL_free(ctx);
     }
 }
diff --git a/src/wp_ecdh_exch.c b/src/wp_ecdh_exch.c
index 871349e0..9fdf7029 100644
--- a/src/wp_ecdh_exch.c
+++ b/src/wp_ecdh_exch.c
@@ -103,6 +103,7 @@ static void wp_ecdh_free(wp_EcdhCtx* ctx)
     if (ctx != NULL) {
         wp_ecc_free(ctx->peer);
         wp_ecc_free(ctx->key);
+        OPENSSL_free(ctx->ukm);
         OPENSSL_free(ctx);
     }
 }

From 22c5373a2a581dcef85139c4d92a3094aa54ea19 Mon Sep 17 00:00:00 2001
From: Jeremiah Mackey <jeremiahmackey91@gmail.com>
Date: Mon, 16 Mar 2026 18:50:12 +0000
Subject: [PATCH 2/2] Fix PSS defaults pointer dereference

---
 src/wp_rsa_kmgmt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/wp_rsa_kmgmt.c b/src/wp_rsa_kmgmt.c
index 38de43d7..372d99a0 100644
--- a/src/wp_rsa_kmgmt.c
+++ b/src/wp_rsa_kmgmt.c
@@ -767,7 +767,7 @@ static int wp_rsa_pss_params_set_params(wp_RsaPssParams* pss,
 
     WOLFPROV_ENTER(WP_LOG_COMP_RSA, "wp_rsa_pss_params_set_params");
 
-    if (!defaultsSet) {
+    if (!*defaultsSet) {
         if (!wp_rsa_pss_params_set_pss_defaults(pss)) {
             ok = 0;
         }