From a321413807927d6e295cec8677733bbde6aeec34 Mon Sep 17 00:00:00 2001
From: gabor-mezei-arm <gabor.mezei@arm.com>
Date: Wed, 15 Jul 2020 10:55:00 +0200
Subject: [PATCH] Zeroising of plaintext buffers to erase unused application
 data from memory

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
---
 ChangeLog.d/zeroising_of_plaintext_buffer.txt | 4 ++++
 library/ssl_msg.c                             | 4 ++++
 2 files changed, 8 insertions(+)
 create mode 100644 ChangeLog.d/zeroising_of_plaintext_buffer.txt

diff --git a/ChangeLog.d/zeroising_of_plaintext_buffer.txt b/ChangeLog.d/zeroising_of_plaintext_buffer.txt
new file mode 100644
index 000000000..d7dee29a4
--- /dev/null
+++ b/ChangeLog.d/zeroising_of_plaintext_buffer.txt
@@ -0,0 +1,4 @@
+Security
+   * Zeroising of plaintext buffers in mbedtls_ssl_read() to erase unused
+     application data from memory. Reported in #689 by
+     Johan Uppman Bruce of Sectra.
\ No newline at end of file
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index d32afac56..be1733680 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5581,6 +5581,10 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
     memcpy( buf, ssl->in_offt, n );
     ssl->in_msglen -= n;
 
+    /* Zeroising the plaintext buffer to erase unused application data
+       from the memory. */
+    mbedtls_platform_zeroize( ssl->in_offt, n );
+
     if( ssl->in_msglen == 0 )
     {
         /* all bytes consumed */