From 9b3051fb1060e3d783bf9f900295eace740b1c66 Mon Sep 17 00:00:00 2001
From: Minos Galanakis
Date: Mon, 2 Jun 2025 14:36:25 +0100
Subject: [PATCH] Built-in lms driver: always zeroize output-buffer in create_merkle_leaf_value

Signed-off-by: Minos Galanakis
---
 library/lms.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/lms.c b/library/lms.c
index 78886ab78d..11e2508954 100644
--- a/library/lms.c
+++ b/library/lms.c
@@ -101,6 +101,9 @@ static int create_merkle_leaf_value(const mbedtls_lms_parameters_t *params,
     size_t output_hash_len;
     unsigned char r_node_idx_bytes[4];
 
+    /* Always zeroize the output buffer to avoid undefined behavior at an early exit */
+    memset(out, 0, MBEDTLS_LMS_M_NODE_BYTES(params->type));
+
     op = psa_hash_operation_init();
     status = psa_hash_setup(&op, PSA_ALG_SHA_256);
     if (status != PSA_SUCCESS) {
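Review bot: The added `memset` in create_merkle_leaf_value makes the early-exit paths deterministic, but an all-zero `out` is still not an error signal, and the new comment does not say so. If a caller (none are visible in this hunk) ignores the returned status, a failed `psa_hash_setup` now yields a predictable zero node that would flow into the Merkle computation instead of being rejected. I would extend the comment to something like `/* Zero-fill so error paths never expose uninitialized data; callers must still check the return value. */` and confirm that every call site propagates the status. The cleared length also depends on `params->type`: if `MBEDTLS_LMS_M_NODE_BYTES` can evaluate to 0 for an unrecognised type (its definition is not shown here), nothing is cleared, so the type should be validated before this point. The function body starts and ends outside the hunk.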