Zeroize EC DER buffer in PEM write error path

F-2141

The error path in wolfSSL_PEM_write_mem_ECPrivateKey freed the EC
private key DER staging buffer without ForceZero. Zeroize before free.
This commit is contained in:
Juliusz Sosinowicz
2026-04-17 16:45:29 +02:00
parent a05dd200a9
commit dfd37f4299
+1
View File
@@ -4095,6 +4095,7 @@ int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* ec,
derSz = wc_EccKeyToDer((ecc_key*)ec->internal, derBuf, der_max_len);
if (derSz < 0) {
WOLFSSL_MSG("wc_EccKeyToDer failed");
ForceZero(derBuf, der_max_len);
XFREE(derBuf, NULL, DYNAMIC_TYPE_DER);
ret = 0;
}