fix possible security leak for counter Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

commit: 745db226dbb3c020e8c76aa3bf2a28d69ded8a7a [log] [tgz]
author: Jerry Yu <jerry.h.yu@arm.com> Thu Dec 02 16:31:19 2021 +0800
committer: Jerry Yu <jerry.h.yu@arm.com> Fri Dec 10 10:33:27 2021 +0800
tree: a9b4e6b1bbc57df6957286945c147b7b7e7e2292
parent: 1dc3c4553d9b370451586aae5f6f08aec4b9e0ed [diff]
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 286294f..4de851c 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -5332,14 +5332,14 @@
                                         mbedtls_ssl_transform *transform )
 {
     ssl->transform_in = transform;
-    memset( ssl->in_ctr, 0, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
+    mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
 }
 
 void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,
                                          mbedtls_ssl_transform *transform )
 {
     ssl->transform_out = transform;
-    memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
+    mbedtls_platform_zeroize( ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
 }
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
commit	745db226dbb3c020e8c76aa3bf2a28d69ded8a7a	[log] [tgz]
author	Jerry Yu <jerry.h.yu@arm.com>	Thu Dec 02 16:31:19 2021 +0800
committer	Jerry Yu <jerry.h.yu@arm.com>	Fri Dec 10 10:33:27 2021 +0800
tree	a9b4e6b1bbc57df6957286945c147b7b7e7e2292
parent	1dc3c4553d9b370451586aae5f6f08aec4b9e0ed [diff]