Zeroize tmp buf in ctr_drbg_write_seed_file()
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index fe7fb27..f66064f 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -406,9 +406,9 @@
else
ret = 0;
+exit:
polarssl_zeroize( buf, sizeof( buf ) );
-exit:
fclose( f );
return( ret );
}
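Review bot: The `fclose( f )` that follows the relocated `exit:` label still discards its return value, so a failed flush of the seed file is reported as success whenever `ret` is 0. Going by the commit title this is the write path, where a short or stale seed file would be read back on a later run without any error having been raised. Consider `if( fclose( f ) != 0 && ret == 0 ) ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;` in place of the bare call. The function begins outside the hunk, so whether the earlier write is itself checked cannot be confirmed from here.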
@@ -428,8 +428,12 @@
fseek( f, 0, SEEK_SET );
if( n > CTR_DRBG_MAX_INPUT )
- ret = POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG;
- else if( fread( buf, 1, n, f ) != n )
+ {
+ fclose( f );
+ return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
+ }
+
+ if( fread( buf, 1, n, f ) != n )
ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
else
ctr_drbg_update( ctx, buf, n );
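Review bot: `buf` is filled with seed bytes by `fread` here, but no wipe of it is visible in this hunk, unlike the write path fixed in the same commit. If the rest of the function (which continues outside the hunk) does not clear it, the seed material stays on the stack after return, both when `fread` fails after a partial read and when `ctr_drbg_update` succeeds. Add `polarssl_zeroize( buf, sizeof( buf ) );` right after the `if`/`else` that follows the read. The new early return for the too-big case needs no wipe, since nothing has been read into `buf` at that point.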