mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 19:00:49 +02:00
Zeroize EC DER buffer in PEM write error path
F-2141 The error path in wolfSSL_PEM_write_mem_ECPrivateKey freed the EC private key DER staging buffer without ForceZero. Zeroize before free.
This commit is contained in:
@@ -4095,6 +4095,7 @@ int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* ec,
|
||||
derSz = wc_EccKeyToDer((ecc_key*)ec->internal, derBuf, der_max_len);
|
||||
if (derSz < 0) {
|
||||
WOLFSSL_MSG("wc_EccKeyToDer failed");
|
||||
ForceZero(derBuf, der_max_len);
|
||||
XFREE(derBuf, NULL, DYNAMIC_TYPE_DER);
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user