From 2355f5b50093b40140a36a912c82ceb82e7142f4 Mon Sep 17 00:00:00 2001
From: Benjamin Berg <benjamin.berg@intel.com>
Date: Tue, 18 Mar 2025 11:19:56 +0100
Subject: [PATCH] SAE: Explicitly clear SAE(k)

The code never cleared SAE(k) and the data could remain on the stack for
a longer period of time. This caused a test failure when running with
ASAN enabled.

Explicitly clear the variable to ensure no data is leaked.

Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
---
 src/common/sae.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/common/sae.c b/src/common/sae.c
index 801f36301..8005095fc 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1670,12 +1670,17 @@ fail:
 int sae_process_commit(struct sae_data *sae)
 {
 	u8 k[SAE_MAX_PRIME_LEN];
+	int ret = 0;
+
 	if (sae->tmp == NULL ||
 	    (sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
 	    (sae->tmp->dh && sae_derive_k_ffc(sae, k) < 0) ||
 	    sae_derive_keys(sae, k) < 0)
-		return -1;
-	return 0;
+		ret = -1;
+
+	forced_memzero(k, SAE_MAX_PRIME_LEN);
+
+	return ret;
 }
 
 
-- 
2.47.2