Zero LMS key verify buffer

F/3309

Author: danielinux

tools/lms/lms_common.h

@@ -82,21 +82,25 @@ static int lms_write_key(const byte * priv, word32 privSz, void * context)
     if (n_read != n_write) {
         fprintf(stderr, "error: read %d, expected %d: %d\n",
             (int)n_read, (int)n_write, ferror(file));
+        wc_ForceZero(buff, sizeof(buff));
         return WC_LMS_RC_WRITE_FAIL;
     }
 
     n_cmp = XMEMCMP(buff, priv, n_write);
     if (n_cmp != 0) {
         fprintf(stderr, "error: write data was corrupted: %d\n", n_cmp);
+        wc_ForceZero(buff, sizeof(buff));
         return WC_LMS_RC_WRITE_FAIL;
     }
 
     err = fclose(file);
     if (err) {
         fprintf(stderr, "error: fclose returned %d\n", err);
+        wc_ForceZero(buff, sizeof(buff));
         return WC_LMS_RC_WRITE_FAIL;
     }
 
+    wc_ForceZero(buff, sizeof(buff));
     return WC_LMS_RC_SAVED_TO_NV_MEMORY;
 }