Zeroize PolicySign key buffer before free

danielinux · danielinux · commit 61731cabd993 · 2026-04-15T17:25:15.000+02:00
F/2278
diff --git a/tools/tpm/policy_sign.c b/tools/tpm/policy_sign.c
@@ -159,7 +159,10 @@ static int PolicySign(int alg, const char* keyFile, byte* hash, word32 hashSz,
         rc = BAD_FUNC_ARG;
     }
 
-    XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    if (buf != NULL) {
+        wc_ForceZero(buf, bufSz);
+        XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    }
     wc_FreeRng(&rng);
 
     if (rc != 0) {
