Diffstat (limited to 'openpgp/src/crypto/mem.rs')
-rw-r--r-- | openpgp/src/crypto/mem.rs | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs
index 972e9a70..f8a963f0 100644
--- a/openpgp/src/crypto/mem.rs
+++ b/openpgp/src/crypto/mem.rs
@@ -339,9 +339,14 @@ mod has_access_to_prekey {
 Self::sealing_key(&self.salt), Box::new(ciphertext))
 .expect("Mandatory algorithm unsupported");
- io::copy(&mut decryptor, &mut plaintext)
- .expect("Encrypted memory modified or corrupted");
+
+ // Be careful not to leak partially decrypted plain text.
+ let r = io::copy(&mut decryptor, &mut plaintext);
 let plaintext: Protected = plaintext.into();
+ if r.is_err() {
+ drop(plaintext); // Securely erase partial plaintext.
+ panic!("Encrypted memory modified or corrupted");
+ }
 fun(&plaintext)
 }
 }
 |
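Review bot: The new `if r.is_err()` branch discards the underlying `io::Error`, so a failed decryption panics with a fixed message and no indication of whether the AEAD tag check, a short read, or something else failed; binding the error keeps the same erase-then-panic order while preserving the diagnostic: `if let Err(e) = r {` … `panic!("Encrypted memory modified or corrupted: {}", e);`. The explicit `drop(plaintext)` ahead of `panic!` is worth a why-comment, since under an unwinding panic the `Protected` would be dropped anyway and the call only matters for the `panic = "abort"` case, e.g. `// Drop explicitly so the erase runs even when panics abort rather than unwind.` The leading comment "Be careful not to leak partially decrypted plain text" slightly overstates what the change achieves: `io::copy` stages data through its own intermediate buffer that is not erased on return, and if `plaintext` is a plain growable buffer before the `.into()` conversion, earlier reallocations may also leave copies behind — the comment could note that only the final buffer is covered. The enclosing function begins before this hunk, so the declaration and type of `plaintext` are not visible here.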