From ef73875913c66767e7a954aa0b68f42f0756d9b2 Mon Sep 17 00:00:00 2001
From: gabor-mezei-arm
Date: Wed, 15 Jul 2020 10:55:00 +0200
Subject: [PATCH 1/2] Zeroising of plaintext buffers to erase unused application data from memory
Signed-off-by: gabor-mezei-arm
---
 ChangeLog.d/zeroising_of_plaintext_buffer.txt | 4 ++++
 library/ssl_tls.c | 4 ++++
 2 files changed, 8 insertions(+)
 create mode 100644 ChangeLog.d/zeroising_of_plaintext_buffer.txt
diff --git a/ChangeLog.d/zeroising_of_plaintext_buffer.txt b/ChangeLog.d/zeroising_of_plaintext_buffer.txt
new file mode 100644
index 000000000..d7dee29a4
--- /dev/null
+++ b/ChangeLog.d/zeroising_of_plaintext_buffer.txt
@@ -0,0 +1,4 @@
+Security * Zeroising of plaintext buffers in mbedtls_ssl_read() to erase unused application data from memory. Reported in #689 by Johan Uppman Bruce of Sectra.
\ No newline at end of file
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 25a43bb38..30f0eba9e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7320,6 +7320,10 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
 memcpy( buf, ssl->in_offt, n );
 ssl->in_msglen -= n;
+ /* Zeroising the plaintext buffer to erase unused application data from the memory. */
+ mbedtls_zeroize( ssl->in_offt, n );
+
 if( ssl->in_msglen == 0 )
 {
 /* all bytes consumed */
From 0e6f3b766188d71df4c79ae09183d6e0dc7c691c Mon Sep 17 00:00:00 2001
From: gabor-mezei-arm
Date: Thu, 16 Jul 2020 10:19:18 +0200
Subject: [PATCH 2/2] Add missing newline
Signed-off-by: gabor-mezei-arm
---
 ChangeLog.d/zeroising_of_plaintext_buffer.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ChangeLog.d/zeroising_of_plaintext_buffer.txt b/ChangeLog.d/zeroising_of_plaintext_buffer.txt
index d7dee29a4..f618beb91 100644
--- a/ChangeLog.d/zeroising_of_plaintext_buffer.txt
+++ b/ChangeLog.d/zeroising_of_plaintext_buffer.txt
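Review bot: The added comment describes the wiped bytes as "unused application data", but `ssl->in_offt` .. `ssl->in_offt + n` is exactly the range the `memcpy` above has just delivered into `buf`, so the wipe's real effect is that the SSL context stops holding a second copy of plaintext the application already owns; as worded it suggests unread data is being destroyed. Suggest `/* The n bytes just copied to buf are no longer needed in the record buffer; wipe them so the context keeps no extra copy of delivered plaintext. */`. Any remainder left after `ssl->in_msglen -= n` is deliberately untouched here and only gets wiped when a later call delivers it, so the wipe must stay before whatever advances in_offt past those n bytes on a partial read, presumably in the not-all-consumed path below; mbedtls_ssl_read continues outside the hunk, so that ordering cannot be confirmed from here. If this branch already provides mbedtls_platform_zeroize(), that is the helper the rest of the tree standardised on, and mbedtls_zeroize() is appropriate only where it is still the file-local helper.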
@@ -1,4 +1,4 @@
 Security * Zeroising of plaintext buffers in mbedtls_ssl_read() to erase unused application data from memory. Reported in #689 by
- Johan Uppman Bruce of Sectra.
\ No newline at end of file
+ Johan Uppman Bruce of Sectra.