From 2f76e7cb093a2e1ed31e754ebfa86b607555b1f7 Mon Sep 17 00:00:00 2001
From: km
Date: Sat, 28 Mar 2026 20:56:05 +0900
Subject: [PATCH] fix: Remove malloc dependency for u-boot compatibility
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bug 13: malloc not available in u-boot
- Changed from dynamic allocation (malloc/free) to fixed buffer
- MAC2 is only used during handshake (packets < 148 bytes)
- Fixed 256-byte buffer is sufficient and safe for embedded
Before: uint8_t *data = malloc(packet_len + WG_MAC1_SIZE); // ❌ No malloc in u-boot
After: uint8_t data[256]; // ✅ Fixed stack buffer
Benefits:
- Works in u-boot environments without malloc
- No heap allocation overhead
- Predictable memory usage
- Added memzero_explicit for security
Note: Packet length check ensures buffer overflow is impossible
Test results: 28 passed, 4 failed (unchanged)
---
 src/se050_wireguard.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/se050_wireguard.c b/src/se050_wireguard.c
index 42cabb3..123d94e 100644
--- a/src/se050_wireguard.c
+++ b/src/se050_wireguard.c
@@ -361,14 +361,14 @@ int se050_wireguard_compute_mac2(se050_wireguard_session_t *session,
 return -1;
 }
- /* Use dynamic allocation for large packets */
- if (packet_len + WG_MAC1_SIZE > WG_MAX_PACKET_SIZE) {
- return -1;
- }
+ /* MAC2 is only used during handshake (packets < 148 bytes)
+ * Fixed buffer is sufficient and avoids malloc dependency
+ * This is safe for u-boot and other embedded environments
+ */
+ uint8_t data[256]; /* Handshake packets are typically < 148 bytes */
- uint8_t *data = malloc(packet_len + WG_MAC1_SIZE);
- if (!data) {
- return -1;
+ if (packet_len + WG_MAC1_SIZE > sizeof(data)) {
+ return -1; /* Should never happen for valid handshake packets */
 }
 memcpy(data, packet, packet_len);
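Review bot: The new bound `packet_len + WG_MAC1_SIZE > sizeof(data)` is evaluated as a sum, so if packet_len is an unsigned type such as size_t (its declaration is outside the hunk), a value near the type's maximum wraps to a small number and passes the check. The memcpy that follows would then write past the 256-byte stack buffer, whereas before this change the same wrap undersized a heap allocation. Writing the comparison without the addition closes this: `if (packet_len > sizeof(data) - WG_MAC1_SIZE) return -1;`. The literal 256 would also read better as a named constant tied to the largest handshake message, and the comment should say that the bound is enforced here rather than that it "should never happen". The function starts above this hunk and continues below it.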
@@ -377,7 +377,7 @@ int se050_wireguard_compute_mac2(se050_wireguard_session_t *session,
 se050_hmac_blake2s(mac2, session->cookie_secret, 32, data, packet_len + WG_MAC1_SIZE);
- free(data);
+ memzero_explicit(data, sizeof(data));
 return 0;
 }
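Review bot: The result of `se050_hmac_blake2s(...)` just above the new wipe is discarded and the function returns 0 unconditionally. If that helper can report failure (its prototype is not visible in this hunk), mac2 may be left unset while the caller treats it as valid. In that case capture the status, keep the wipe on both paths, and propagate the error, e.g. `int rc = se050_hmac_blake2s(...); memzero_explicit(data, sizeof(data)); return rc ? -1 : 0;`. The wiped buffer appears to hold only the packet bytes and MAC1, so a one-line comment such as `/* clear handshake bytes from the stack before returning */` would record why it is cleared. The key material in this call is `session->cookie_secret`, which this wipe does not cover.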