diff --git a/ChangeLog.d/zeroising_of_plaintext_buffer.txt b/ChangeLog.d/zeroising_of_plaintext_buffer.txt new file mode 100644 index 000000000..f618beb91 --- /dev/null +++ b/ChangeLog.d/zeroising_of_plaintext_buffer.txt @@ -0,0 +1,4 @@ +Security + * Zeroising of plaintext buffers in mbedtls_ssl_read() to erase unused + application data from memory. Reported in #689 by + Johan Uppman Bruce of Sectra. diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 81139b409..37187246e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8656,6 +8656,10 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len ) memcpy( buf, ssl->in_offt, n ); ssl->in_msglen -= n; + /* Zeroising the plaintext buffer to erase unused application data + from the memory. */ + mbedtls_platform_zeroize( ssl->in_offt, n ); + if( ssl->in_msglen == 0 ) { /* all bytes consumed */