From ecb95bea1da239175d73041dd542777de6742e61 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 11 Aug 2023 16:41:04 +0100 Subject: [PATCH] Fix incorrect size used for zeroization of buffer Signed-off-by: Paul Elliott --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6ed8a863e9..7a1f85531f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7722,7 +7722,7 @@ static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx, MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); + mbedtls_platform_zeroize(padbuf, hlen); MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished"));