Merge remote-tracking branch 'upstream-restricted/pr/399' into development-restricted
diff --git a/ChangeLog b/ChangeLog
index 7ac65ee..4d27320 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,8 @@
* Tighten should-be-constant-time memcmp against compiler optimizations.
* Ensure that buffers are cleared after use if they contain sensitive data.
Changes were introduced in multiple places in the library.
+ * Set PEM buffer to zero before freeing it, to avoid decoded private keys
+ being leaked to memory after release.
Features
* Allow comments in test data files.
diff --git a/library/pem.c b/library/pem.c
index ea36df8..9c3e603 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -391,6 +391,8 @@
void mbedtls_pem_free( mbedtls_pem_context *ctx )
{
+ if( ctx->buf != NULL )
+ mbedtls_zeroize( ctx->buf, ctx->buflen );
mbedtls_free( ctx->buf );
mbedtls_free( ctx->info );