Zeroize tmp buf in ctr_drbg_write_seed_file()

commit: 4e2c07c6e10737cd780df8bb84c9795cecae3ab4 [log] [tgz]
author: Andres Amaya Garcia <Andres.AmayaGarcia@arm.com> Tue Jun 27 16:57:26 2017 +0100
committer: Andres Amaya Garcia <Andres.AmayaGarcia@arm.com> Tue Jun 27 16:57:26 2017 +0100
tree: 61b2031f2086abc22064b6f06ed18bd8fa024a29
parent: 03d70504ca3bf06a5c2bd6ad948effb25c59ed7f [diff]
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 7828c4e..a31f7b8 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c

@@ -434,9 +434,9 @@
     else
         ret = 0;
 
+exit:
     mbedtls_zeroize( buf, sizeof( buf ) );
 
-exit:
     fclose( f );
     return( ret );
 }
@@ -456,8 +456,12 @@
     fseek( f, 0, SEEK_SET );
 
     if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
-        ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
-    else if( fread( buf, 1, n, f ) != n )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+    }
+
+    if( fread( buf, 1, n, f ) != n )
         ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
     else
         mbedtls_ctr_drbg_update( ctx, buf, n );
commit	4e2c07c6e10737cd780df8bb84c9795cecae3ab4	[log] [tgz]
author	Andres Amaya Garcia <Andres.AmayaGarcia@arm.com>	Tue Jun 27 16:57:26 2017 +0100
committer	Andres Amaya Garcia <Andres.AmayaGarcia@arm.com>	Tue Jun 27 16:57:26 2017 +0100
tree	61b2031f2086abc22064b6f06ed18bd8fa024a29
parent	03d70504ca3bf06a5c2bd6ad948effb25c59ed7f [diff]