From 4e2c07c6e10737cd780df8bb84c9795cecae3ab4 Mon Sep 17 00:00:00 2001
From: Andres Amaya Garcia
Date: Tue, 27 Jun 2017 16:57:26 +0100
Subject: [PATCH] Zeroize tmp buf in ctr_drbg_write_seed_file()

---
 library/ctr_drbg.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 7828c4e37..a31f7b816 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -434,9 +434,9 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
     else
         ret = 0;
 
+exit:
     mbedtls_zeroize( buf, sizeof( buf ) );
 
-exit:
     fclose( f );
     return( ret );
 }
@@ -456,8 +456,12 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
     fseek( f, 0, SEEK_SET );
 
     if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
-        ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
-    else if( fread( buf, 1, n, f ) != n )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+    }
+
+    if( fread( buf, 1, n, f ) != n )
         ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
     else
         mbedtls_ctr_drbg_update( ctx, buf, n );
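Review bot: `fclose( f )` under the relocated `exit:` label is still unchecked, and on what the function name suggests is a write stream, a failed flush would leave `ret` at 0 even though the seed file was not fully persisted. A stale or truncated seed file matters here because it can be read back on a later start, so I would fold the close result into the return value, e.g. `if( fclose( f ) != 0 && ret == 0 ) ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;`. The function's opening lines, including how `f` is opened and where `goto exit` is issued, are outside the hunk.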
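Review bot: The oversized-file branch in `mbedtls_ctr_drbg_update_seed_file()` now returns early with its own `fclose( f )`, bypassing whatever cleanup the function's tail performs. That is only safe because `buf` has not been read into yet, which deserves a comment such as `/* buf is still untouched here: nothing to zeroize */`. The tail of the function is outside the hunk, so it is worth confirming that `buf` is wiped there after both the short-read path and the successful `mbedtls_ctr_drbg_update()` path, as this commit does on the write side.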