From a09e3bb3e742964ce548d336f3de8849ded75640 Mon Sep 17 00:00:00 2001
From: Colton Willey <colton@wolfssl.com>
Date: Fri, 16 Aug 2024 10:43:11 -0700
Subject: [PATCH 1/3] Use signed variable for length calculation in
 SendTls13Certificate

---
 src/tls13.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/tls13.c b/src/tls13.c
index 55c9fabe53..f20f432557 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -8459,12 +8459,13 @@ static int SendTls13Certificate(WOLFSSL* ssl)
     int    ret = 0;
     word32 certSz, certChainSz, headerSz, listSz, payloadSz;
     word16 extSz = 0;
-    word32 length, maxFragment;
+    word32 maxFragment;
     word32 len = 0;
     word32 idx = 0;
     word32 offset = OPAQUE16_LEN;
     byte*  p = NULL;
     byte   certReqCtxLen = 0;
+    sword32 length;
 #ifdef WOLFSSL_POST_HANDSHAKE_AUTH
     byte*  certReqCtx = NULL;
 #endif
@@ -8510,7 +8511,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
         listSz = 0;
     }
     else {
-        if (!ssl->buffers.certificate) {
+        if (!ssl->buffers.certificate || !ssl->buffers.certificate) {
             WOLFSSL_MSG("Send Cert missing certificate buffer");
             return NO_CERT_ERROR;
         }

From d5268d8bb5beec4adf6b9c7989f6a0b736f932ff Mon Sep 17 00:00:00 2001
From: Colton Willey <colton@wolfssl.com>
Date: Fri, 16 Aug 2024 10:46:31 -0700
Subject: [PATCH 2/3] Update NULL check to be consistent with other checks

---
 src/tls13.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tls13.c b/src/tls13.c
index f20f432557..64c8650b99 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -8511,7 +8511,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
         listSz = 0;
     }
     else {
-        if (!ssl->buffers.certificate || !ssl->buffers.certificate) {
+        if (!ssl->buffers.certificate || !ssl->buffers.certificate->buffer) {
             WOLFSSL_MSG("Send Cert missing certificate buffer");
             return NO_CERT_ERROR;
         }

From a57d234f6b3b4c2bd4fe7a0f264a7fa3f8ec498e Mon Sep 17 00:00:00 2001
From: Colton Willey <colton@wolfssl.com>
Date: Tue, 27 Aug 2024 10:07:11 -0700
Subject: [PATCH 3/3] Clean up sign comparison warnings

---
 src/tls13.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tls13.c b/src/tls13.c
index 64c8650b99..06941f283d 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -8602,7 +8602,7 @@ static int SendTls13Certificate(WOLFSSL* ssl)
 #endif /* WOLFSSL_DTLS13 */
         }
         else {
-            fragSz = min(length, maxFragment);
+            fragSz = min((word32)length, maxFragment);
             sendSz += fragSz;
         }