Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
cleanse stack variable in blake2[b|s] finalization
If the output of a blake2[b|s] digest isn't a multipl of 8, then a stack buffer is used to compute the final output, which is left un-zeroed prior to return, allowing the potential leak of key data. Ensure that, if the stack variable is used, it gets cleared prior to return. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #23173) (cherry picked from commit 8b9cf1b)
- Loading branch information