wolfSSL · ejohnstown · Mar 9, 2026 · Mar 9, 2026 · Mar 9, 2026 · Mar 9, 2026
diff --git a/apps/wolfsshd/auth.c b/apps/wolfsshd/auth.c
@@ -338,7 +338,8 @@ static int CheckPasswordHashUnix(const char* input, char* stored)
             if (storedSz == 0 || stored[0] == '*' ||
                     hashedInputSz == 0 || hashedInput[0] == '*' ||
                     hashedInputSz != storedSz ||
-                    WMEMCMP(hashedInput, stored, storedSz) != 0) {
+                    ConstantCompare((const byte*)hashedInput,
+                        (const byte*)stored, storedSz) != 0) {
                 ret = WSSHD_AUTH_FAILURE;
             }
         }
@@ -656,7 +657,7 @@ static int CheckPublicKeyUnix(const char* name,
             if (rc == WS_SUCCESS) {
                 rc = wc_Hash(WC_HASH_TYPE_SHA256, caKey, caKeySz, fingerprint,
                              WC_SHA256_DIGEST_SIZE);
-                if (rc == 0 && WMEMCMP(fingerprint, pubKeyCtx->caKey,
+                if (rc == 0 && ConstantCompare(fingerprint, pubKeyCtx->caKey,
                                        WC_SHA256_DIGEST_SIZE) == 0) {
                     foundKey = 1;
                     break;

diff --git a/src/internal.c b/src/internal.c
@@ -3575,12 +3575,12 @@ int GetSkip(const byte* buf, word32 len, word32* idx)
     int result;
     word32 sz;
 
-    result = GetUint32(&sz, buf, len, idx);
+    result = GetSize(&sz, buf, len, idx);
 
     if (result == WS_SUCCESS) {
         result = WS_BUFFER_E;
 
-        if (*idx < len && sz <= len - *idx) {
+        if (*idx <= len && sz <= len - *idx) {
             *idx += sz;
             result = WS_SUCCESS;
         }
@@ -6320,18 +6320,8 @@ static int DoKexDhGexGroup(WOLFSSH* ssh,
 
 static int DoIgnore(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
 {
-    word32 dataSz;
-    word32 begin = *idx;
-
     WOLFSSH_UNUSED(ssh);
-    WOLFSSH_UNUSED(len);
-
-    ato32(buf + begin, &dataSz);
-    begin += LENGTH_SZ + dataSz;
-
-    *idx = begin;
-
-    return WS_SUCCESS;
+    return GetSkip(buf, len, idx);
 }
 
 static int DoRequestSuccess(WOLFSSH *ssh, byte *buf, word32 len, word32 *idx)
@@ -6533,56 +6523,36 @@ static int DoDisconnect(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
 static int DoServiceRequest(WOLFSSH* ssh,
                             byte* buf, word32 len, word32* idx)
 {
-    word32 begin = *idx;
-    word32 nameSz;
-    char     serviceName[WOLFSSH_MAX_NAMESZ];
-
-    WOLFSSH_UNUSED(len);
+    char name[WOLFSSH_MAX_NAMESZ+1];
+    word32 nameSz = sizeof(name);
+    int ret;
 
-    ato32(buf + begin, &nameSz);
-    begin += LENGTH_SZ;
+    ret = GetString(name, &nameSz, buf, len, idx);
 
-    if (begin + nameSz > len || nameSz >= WOLFSSH_MAX_NAMESZ) {
-        return WS_BUFFER_E;
+    if (ret == WS_SUCCESS) {
+        WLOG(WS_LOG_DEBUG, "Requesting service: %s", name);
+        ssh->clientState = CLIENT_USERAUTH_REQUEST_DONE;
     }
 
-    WMEMCPY(serviceName, buf + begin, nameSz);
-    begin += nameSz;
-    serviceName[nameSz] = 0;
-
-    *idx = begin;
-
-    WLOG(WS_LOG_DEBUG, "Requesting service: %s", serviceName);
-    ssh->clientState = CLIENT_USERAUTH_REQUEST_DONE;
-
-    return WS_SUCCESS;
+    return ret;
 }
 
 
 static int DoServiceAccept(WOLFSSH* ssh,
                            byte* buf, word32 len, word32* idx)
 {
-    word32 begin = *idx;
-    word32 nameSz;
-    char     serviceName[WOLFSSH_MAX_NAMESZ];
+    char name[WOLFSSH_MAX_NAMESZ+1];
+    word32 nameSz = sizeof(name);
+    int ret;
 
-    ato32(buf + begin, &nameSz);
-    begin += LENGTH_SZ;
+    ret = GetString(name, &nameSz, buf, len, idx);
 
-    if (begin + nameSz > len || nameSz >= WOLFSSH_MAX_NAMESZ) {
-        return WS_BUFFER_E;
+    if (ret == WS_SUCCESS) {
+        WLOG(WS_LOG_DEBUG, "Accepted service: %s", name);
+        ssh->serverState = SERVER_USERAUTH_REQUEST_DONE;
     }
 
-    WMEMCPY(serviceName, buf + begin, nameSz);
-    begin += nameSz;
-    serviceName[nameSz] = 0;
-
-    *idx = begin;
-
-    WLOG(WS_LOG_DEBUG, "Accepted service: %s", serviceName);
-    ssh->serverState = SERVER_USERAUTH_REQUEST_DONE;
-
-    return WS_SUCCESS;
+    return ret;
 }
 
 
@@ -6900,20 +6870,14 @@ static int DoUserAuthRequestPassword(WOLFSSH* ssh, WS_UserAuthData* authData,
     }
 
     if (ret == WS_SUCCESS)
-        ret = GetUint32(&pw->passwordSz, buf, len, &begin);
+        ret = GetStringRef(&pw->passwordSz, &pw->password, buf, len, &begin);
 
     if (ret == WS_SUCCESS) {
-        pw->password = buf + begin;
-        begin += pw->passwordSz;
-
         if (pw->hasNewPassword) {
             /* Skip the password change. Maybe error out since we aren't
              * supporting password changes at this time. */
-            ret = GetUint32(&pw->newPasswordSz, buf, len, &begin);
-            if (ret == WS_SUCCESS) {
-                pw->newPassword = buf + begin;
-                begin += pw->newPasswordSz;
-            }
+            ret = GetStringRef(&pw->newPasswordSz, &pw->newPassword,
+                    buf, len, &begin);
         }
         else {
             pw->newPassword = NULL;
@@ -14436,19 +14400,32 @@ static int PrepareUserAuthRequestEcc(WOLFSSH* ssh, word32* payloadSz,
         word32 idx = 0;
         #ifdef WOLFSSH_AGENT
         if (ssh->agentEnabled) {
-            word32 sz;
-            const byte* c = (const byte*)authData->sf.publicKey.publicKey;
-
-            ato32(c + idx, &sz);
-            idx += LENGTH_SZ + sz;
-            ato32(c + idx, &sz);
-            idx += LENGTH_SZ + sz;
-            ato32(c + idx, &sz);
-            idx += LENGTH_SZ;
-            c += idx;
-            idx = 0;
+            const byte* publicKey = NULL;
+            word32 publicKeySz;
 
-            ret = wc_ecc_import_x963(c, sz, &keySig->ks.ecc.key);
+            ret = GetSkip((const byte*)authData->sf.publicKey.publicKey,
+                    authData->sf.publicKey.publicKeySz, &idx);
+            if (ret == WS_SUCCESS) {
+                ret = GetSkip((const byte*)authData->sf.publicKey.publicKey,
+                        authData->sf.publicKey.publicKeySz, &idx);
+            }
+            if (ret == WS_SUCCESS) {
+                ret = GetStringRef(&publicKeySz, &publicKey,
+                        (const byte*)authData->sf.publicKey.publicKey,
+                        authData->sf.publicKey.publicKeySz, &idx);
+            }
+            if (ret == WS_SUCCESS) {
+                ret = wc_ecc_import_x963(publicKey, publicKeySz,
+                        &keySig->ks.ecc.key);
+            }
+            if (ret != 0) {
+                WLOG(WS_LOG_ERROR,
+                        "wc_ecc_import_x963 failed, ret = %d", ret);
+                ret = WS_ECC_E;
+            }
+            else {
+                ret = WS_SUCCESS;
+            }
         }
         else
         #endif

diff --git a/src/wolfterm.c b/src/wolfterm.c
@@ -115,14 +115,15 @@ static void wolfSSH_ClearScreen(WOLFSSH_HANDLE handle, word32 x1, word32 y1, wor
         start.Y = y1;
 
         /* get number of cells  */
-        if (y1 == y2) { /* on same line so is x2 - x1 */
-            fill = x2 - x1;
+        if (y2 == y1) { /* on same line so is x2 - x1 */
+            fill = (x2 >= x1) ? (x2 - x1) : 0;
         }
-        else { /* | y1 - y2 | * maxX - x1 + x2 */
-            fill = y1 - y2;
-            if (fill < 0)
-                fill += fill * 2;
-            fill = fill * maxX - x1 + x2;
+        /* (y2 - y1) * maxX - x1 + x2 */
+        else if (y2 > y1) {
+            fill = (y2 - y1) * maxX - x1 + x2;
+        }
+        else {
+            fill = 0;
         }
 
         FillConsoleOutputCharacterA(handle, ' ', fill, start, &w);