commit | 27ce0b5ff19f44d89efea491cf7d538ee7354abf | |
---|---|---|
author | Ron Eldor <Ron.Eldor@arm.com> | Tue Sep 05 15:34:35 2017 +0300 |
committer | Ron Eldor <Ron.Eldor@arm.com> | Thu Sep 07 11:18:51 2017 +0300 |
tree | 933c0ffe2761d34659e9a6a13e5ec1e972912b4a | |
parent | a75a4591430919a6eb3d430aca396044fe3816d4 |
Backport 1.3: Set PEM buffer to zero before freeing it

Set PEM buffer to zero before freeing it, to avoid private keys being leaked to memory after releasing it.
diff --git a/library/pem.c b/library/pem.c index b2c16c2..76905b3 100644 --- a/library/pem.c +++ b/library/pem.c
@@ -389,6 +389,8 @@ void pem_free( pem_context *ctx ) { + if ( ctx->buf != NULL ) + polarssl_zeroize( ctx->buf, ctx->buflen ); polarssl_free( ctx->buf ); polarssl_free( ctx->info );
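Review bot: In pem_free(), the added wipe only covers the buffer if ctx->buflen matches the size of the data behind ctx->buf, and nothing in this hunk guarantees that. Please confirm that every path that assigns ctx->buf also sets ctx->buflen, since a stale or zero length would leave part of the decoded key in the heap after polarssl_free( ctx->buf ). ctx->info is still freed without being cleared; if it can never hold sensitive material, a one-line comment saying so would save the next reader the check. On style, the new if has no braces around its single statement, which makes it easy to misread next to the unconditional polarssl_free( ctx->buf ) that follows; bracing it would make the scope explicit. The diff touches only library/pem.c, so a ChangeLog entry for this security-relevant backport appears to be missing.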