yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 00:35:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Zeroize heap buf on failure in pem.c

Browse Source
This commit is contained in:
Andres Amaya Garcia 2017-07-12 10:54:06 +01:00
parent a0ae1db2f7
commit f4660aaf4c
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
library/pem.c
View File

@ -343,6 +343,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
if( pwd == NULL )
{
polarssl_zeroize( buf, len );
polarssl_free( buf );
return( POLARSSL_ERR_PEM_PASSWORD_REQUIRED );
}
@ -371,10 +372,12 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
*/
if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
{
polarssl_zeroize( buf, len );
polarssl_free( buf );
return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH );
}
#else
polarssl_zeroize( buf, len );
polarssl_free( buf );
return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&