From 13f41e1c20a4a2ed81af332a4be32bd8265fc073 Mon Sep 17 00:00:00 2001
From: Andres Amaya Garcia <andres.amayagarcia@arm.com>
Date: Mon, 26 Jun 2017 10:56:58 +0100
Subject: [PATCH] Zeroize tmp bufs in ctr_drbg.c functions

---
 library/ctr_drbg.c | 28 +++++++++++++---------------
 1 file changed, 13 insertions(+), 15 deletions(-)

diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 55612c7fc..7828c4e37 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -430,12 +430,11 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
         goto exit;
 
     if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
-    {
         ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
-        goto exit;
-    }
+    else
+        ret = 0;
 
-    ret = 0;
+    mbedtls_zeroize( buf, sizeof( buf ) );
 
 exit:
     fclose( f );
@@ -444,6 +443,7 @@ exit:
 
 int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
 {
+    int ret = 0;
     FILE *f;
     size_t n;
     unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
@@ -456,20 +456,18 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
     fseek( f, 0, SEEK_SET );
 
     if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
-    }
-
-    if( fread( buf, 1, n, f ) != n )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
-    }
+        ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
+    else if( fread( buf, 1, n, f ) != n )
+        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    else
+        mbedtls_ctr_drbg_update( ctx, buf, n );
 
     fclose( f );
 
-    mbedtls_ctr_drbg_update( ctx, buf, n );
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    if( ret != 0 )
+        return( ret );
 
     return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
 }