From 8096cafa9454ba2f8e06e581e5bf4d1d75cb4685 Mon Sep 17 00:00:00 2001 From: Darryl Green Date: Mon, 11 Feb 2019 14:03:03 +0000 Subject: [PATCH] Only zeroize buffer if the buffer length is non-zero --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 086403109..5bf4f9924 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1235,7 +1235,8 @@ static psa_status_t psa_copy_key_material( const psa_key_slot_t *source, status = psa_import_key( target, source->type, buffer, length ); exit: - mbedtls_platform_zeroize( buffer, buffer_size ); + if( buffer_size != 0 ) + mbedtls_platform_zeroize( buffer, buffer_size ); mbedtls_free( buffer ); return( status ); }