DMTF · jyao1 · Dec 10, 2025 · Nov 6, 2025
@@ -453,6 +453,7 @@ libspdm_return_t libspdm_handle_error_large_response(
             *inout_response_size = large_response_size;
 
             LIBSPDM_INTERNAL_DUMP_HEX(large_response, large_response_size);
+            libspdm_zero_mem(large_response, large_response_size);
         }
     }
 

@@ -95,6 +95,10 @@ libspdm_return_t libspdm_send_request(void *spdm_context, const uint32_t *sessio
     status = context->transport_encode_message(
         context, session_id, is_app_message, true, request_size,
         request, &message_size, (void **)&message);
+    if (session_id != NULL) {
+        /* clean up secure message which was copied to scratch buffer */
+        libspdm_zero_mem(request, request_size);
+    }
     if (LIBSPDM_STATUS_IS_ERROR(status)) {
         LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "transport_encode_message status - %xu\n", status));
         if ((session_id != NULL) &&
@@ -597,6 +601,7 @@ libspdm_return_t libspdm_handle_large_request(
              && send_info->chunk_bytes_transferred < send_info->large_message_size);
 
     if (LIBSPDM_STATUS_IS_ERROR(status)) {
+        libspdm_zero_mem(send_info->large_message, send_info->large_message_capacity);
         send_info->chunk_in_use = false;
         send_info->chunk_handle++; /* Implicit wrap-around*/
         send_info->chunk_seq_no = 0;
@@ -755,6 +760,7 @@ libspdm_return_t libspdm_receive_spdm_response(libspdm_context_t *spdm_context,
 
         /* This response may either be an actual response or ERROR_LARGE_RESPONSE,
          * the latter which should be handled in the large response handler. */
+        libspdm_zero_mem(send_info->large_message, send_info->large_message_capacity);
         send_info->chunk_in_use = false;
         send_info->chunk_handle++; /* Implicit wrap-around*/
         send_info->chunk_seq_no = 0;

@@ -167,6 +167,7 @@ libspdm_return_t libspdm_try_vendor_send_request_receive_response(
         libspdm_release_sender_buffer (spdm_context);
         return LIBSPDM_STATUS_SEND_FAIL;
     }
+    libspdm_zero_mem(message, message_size);
     libspdm_release_sender_buffer (spdm_context);
     spdm_request = (void *)spdm_context->last_spdm_request;
 
@@ -296,6 +297,14 @@ libspdm_return_t libspdm_try_vendor_send_request_receive_response(
 
     status = LIBSPDM_STATUS_SUCCESS;
 done:
+    libspdm_zero_mem(spdm_context->last_spdm_request,
+                     libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context));
+    spdm_context->last_spdm_request_size = 0;
+    /*
+     * reciver buffer "message" contains crypted message
+     * "spdm_response" contains the plain-text VDM message
+     */
+    libspdm_zero_mem(spdm_response, spdm_response_size);
     libspdm_release_receiver_buffer (spdm_context); /* this will free up response-message, need to find workaround */
     return status;
 }

@@ -208,6 +208,7 @@ libspdm_return_t libspdm_get_response_chunk_get(
 
     LIBSPDM_ASSERT(get_info->chunk_bytes_transferred <= get_info->large_message_size);
     if (get_info->chunk_bytes_transferred == get_info->large_message_size) {
+        libspdm_zero_mem(get_info->large_message, get_info->large_message_capacity);
         get_info->chunk_in_use = false;
         get_info->chunk_handle++; /* implicit wrap - around to 0. */
         get_info->chunk_seq_no = 0;

@@ -291,6 +291,7 @@ libspdm_return_t libspdm_process_request(void *spdm_context, uint32_t **session_
                       libspdm_get_scratch_buffer_last_spdm_request_capacity(context),
                       decoded_message_ptr,
                       decoded_message_size);
+    libspdm_zero_mem (decoded_message_ptr, decoded_message_size);
 
     if (!(*is_app_message)) {
         /* Check for minimal SPDM message size. */
@@ -745,15 +746,16 @@ libspdm_return_t libspdm_build_response(void *spdm_context, const uint32_t *sess
      * return UNSUPPORTED and clear response_size to continue the dispatch without send response.*/
     if ((my_response_size == 0) && (status == LIBSPDM_STATUS_UNSUPPORTED_CAP)) {
         *response_size = 0;
-        return LIBSPDM_STATUS_UNSUPPORTED_CAP;
+        status = LIBSPDM_STATUS_UNSUPPORTED_CAP;
+        goto done;
     }
 
     if (LIBSPDM_STATUS_IS_ERROR(status)) {
         status = libspdm_generate_error_response(
             context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
             spdm_request->request_response_code, &my_response_size, my_response);
         if (LIBSPDM_STATUS_IS_ERROR(status)) {
-            return status;
+            goto done;
         }
     }
 
@@ -774,7 +776,7 @@ libspdm_return_t libspdm_build_response(void *spdm_context, const uint32_t *sess
             libspdm_free_session_id(context, *session_id);
         }
         LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "transport_encode_message : %xu\n", status));
-        return status;
+        goto done;
     }
 
     request_response_code = spdm_response->request_response_code;
@@ -864,7 +866,17 @@ libspdm_return_t libspdm_build_response(void *spdm_context, const uint32_t *sess
         }
     }
 
-    return LIBSPDM_STATUS_SUCCESS;
+    status = LIBSPDM_STATUS_SUCCESS;
+done:
+    if (session_id != NULL) {
+        /* clean plain text in stratch buffer */
+        libspdm_zero_mem (my_response, my_response_size);
+    }
+    libspdm_zero_mem (context->last_spdm_request,
+                        libspdm_get_scratch_buffer_last_spdm_request_capacity(context));
+    context->last_spdm_request_size = 0;
+    context->last_spdm_request_session_id_valid = false;
+    return status;
 }
 
 void libspdm_register_get_response_func(void *context, libspdm_get_response_func get_response_func)

@@ -1,6 +1,6 @@
 /**
  *  Copyright Notice:
- *  Copyright 2021-2022 DMTF. All rights reserved.
+ *  Copyright 2021-2025 DMTF. All rights reserved.
  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
  **/
 
@@ -69,6 +69,9 @@ libspdm_return_t libspdm_get_response_respond_if_ready(libspdm_context_t *spdm_c
                                spdm_context->cache_spdm_request,
                                response_size, response);
 
+    libspdm_zero_mem(spdm_context->cache_spdm_request, spdm_context->cache_spdm_request_size);
+    spdm_context->cache_spdm_request_size = 0;
+
     return status;
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -453,6 +453,7 @@ libspdm_return_t libspdm_handle_error_large_response( @@
                 *inout_response_size = large_response_size;
                 LIBSPDM_INTERNAL_DUMP_HEX(large_response, large_response_size);
+                libspdm_zero_mem(large_response, large_response_size);
             }
         }
@@ Expand Down @@