cf4d9f98c7
* Security: we're improving a countermeasure. * Requirement change: the library will no longer compile on a platform without setbuf(). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
11 lines
551 B
Plaintext
11 lines
551 B
Plaintext
Security
|
|
* Add the platform function mbedtls_setbuf() to allow buffering to be
|
|
disabled on stdio files, to stop secrets loaded from said files being
|
|
potentially left in memory after file operations. Reported by
|
|
Glenn Strauss.
|
|
Requirement changes
|
|
* The library will no longer compile out of the box on a platform without
|
|
setbuf() if MBEDTLS_FS_IO is enabled. If your platform does not have
|
|
setbuf(), you can configure an alternative function by enabling
|
|
MBEDTLS_PLATFORM_SETBUF_ALT or MBEDTLS_PLATFORM_SETBUF_MACRO.
|