Zeroize buf if mbedtls_base64_decode() fails

This commit is contained in:
Andres Amaya Garcia 2017-07-07 10:46:51 +01:00
parent d48ba2b336
commit 92d46f0246

View File

@ -331,6 +331,7 @@ int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const
if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 ) if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 )
{ {
mbedtls_zeroize( buf, len );
mbedtls_free( buf ); mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_INVALID_DATA + ret ); return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
} }