From 8f9c8a12032add2119053300adc474314e77f87f Mon Sep 17 00:00:00 2001
From: Andras Fekete <andras@wolfssl.com>
Date: Wed, 8 May 2024 09:52:37 -0400
Subject: [PATCH 1/3] Fix infinite loop

'ret' could be set to non-zero inside the loop and the 'cmac->bufferSz' never gets reset causing 'add' to become 0 in the subsequent loop.
---
 wolfcrypt/src/cmac.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wolfcrypt/src/cmac.c b/wolfcrypt/src/cmac.c
index 49ab1657c2..460d02a078 100644
--- a/wolfcrypt/src/cmac.c
+++ b/wolfcrypt/src/cmac.c
@@ -211,7 +211,7 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
     /* Clear CRYPTOCB_UNAVAILABLE return code */
     ret = 0;
 
-    while (inSz != 0) {
+    while ((ret == 0) && (inSz != 0)) {
         word32 add = min(inSz, AES_BLOCK_SIZE - cmac->bufferSz);
         XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);
 

From f73a9f0d4fbd02882fc6d525d1f6ba346590dae8 Mon Sep 17 00:00:00 2001
From: Andras Fekete <andras@wolfssl.com>
Date: Fri, 10 May 2024 15:01:41 -0400
Subject: [PATCH 2/3] Fix function logic

---
 src/pk.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/pk.c b/src/pk.c
index 8842a89a76..9c61b91284 100644
--- a/src/pk.c
+++ b/src/pk.c
@@ -15745,7 +15745,7 @@ int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
  * @param [in] header  Encryption header.
  * @param [in] data    DER data.
  * @param [in] len     Length of DER data.
- * @return  0 on success.
+ * @return  0 on failure.
  * @return  MEMORY_E when dynamic memory allocation fails.
  */
 int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
@@ -15770,6 +15770,7 @@ int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
     /* Write PEM into BIO. */
     if ((!err) && (wolfSSL_BIO_write(bio, pem, pemLen) != (int)pemLen)) {
         pemLen = 0;
+        err = 1;
     }
 
     XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);

From c5773f5f26bb519988d1f778dc8287f3877cb66c Mon Sep 17 00:00:00 2001
From: Andras Fekete <andras@wolfssl.com>
Date: Fri, 10 May 2024 15:56:56 -0400
Subject: [PATCH 3/3] Make the function flow better

Will return 0 on failure.
---
 src/pk.c | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/src/pk.c b/src/pk.c
index 9c61b91284..14ef0dd9c4 100644
--- a/src/pk.c
+++ b/src/pk.c
@@ -15746,7 +15746,6 @@ int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
  * @param [in] data    DER data.
  * @param [in] len     Length of DER data.
  * @return  0 on failure.
- * @return  MEMORY_E when dynamic memory allocation fails.
  */
 int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
     const char *header, const unsigned char *data, long len)
@@ -15757,24 +15756,21 @@ int wolfSSL_PEM_write_bio(WOLFSSL_BIO* bio, const char *name,
 
     /* Validate parameters. */
     if ((bio == NULL) || (name == NULL) || (header == NULL) || (data == NULL)) {
-        err = 1;
+        err = BAD_FUNC_ARG;
     }
 
     /* Encode into a buffer. */
-    if ((!err) && (pem_write_data(name, header, data, len, &pem, &pemLen) !=
-            0)) {
-        pemLen = 0;
-        err = 1;
+    if (!err) {
+        err = pem_write_data(name, header, data, len, &pem, &pemLen);
     }
 
     /* Write PEM into BIO. */
     if ((!err) && (wolfSSL_BIO_write(bio, pem, pemLen) != (int)pemLen)) {
-        pemLen = 0;
-        err = 1;
+        err = IO_FAILED_E;
     }
 
     XFREE(pem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return pemLen;
+    return (!err) ? pemLen : 0;
 }
 #endif /* !NO_BIO */