From 3982040232bfa983439d28edb831291a8121f4d0 Mon Sep 17 00:00:00 2001 From: Raef Coles Date: Fri, 23 Sep 2022 09:12:54 +0100 Subject: [PATCH] Fix LMS zeroization using wrong sizeof type Causing a buffer write out of bounds Signed-off-by: Raef Coles --- library/lms.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/lms.c b/library/lms.c index 7ec2b103fa..653530c75d 100644 --- a/library/lms.c +++ b/library/lms.c @@ -525,7 +525,7 @@ void mbedtls_lms_free_private( mbedtls_lms_private_t *ctx ) mbedtls_free( ctx->ots_public_keys ); } - mbedtls_platform_zeroize( ctx, sizeof( mbedtls_lms_public_t ) ); + mbedtls_platform_zeroize( ctx, sizeof( mbedtls_lms_private_t ) ); }