mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 13:15:30 +00:00
Add missing zeroization of buffered handshake messages
This commit ensures that buffers holding fragmented or future handshake messages get zeroized before they are freed when the respective handshake message is no longer needed. Previously, the handshake message content would leak on the heap.
This commit is contained in:
parent
0592ea772a
commit
805f2e11bd
|
@ -8741,6 +8741,7 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
|
|||
if( hs_buf->is_valid == 1 )
|
||||
{
|
||||
hs->buffering.total_bytes_buffered -= hs_buf->data_len;
|
||||
mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len );
|
||||
mbedtls_free( hs_buf->data );
|
||||
memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) );
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue