From a70a54031d521984b1aa5747a7aedabfd5900e1d Mon Sep 17 00:00:00 2001
From: kozyilmaz
Date: Mon, 15 Jun 2026 11:46:38 +0300
Subject: [PATCH] Drop the ecdsa_preprocessing_data destructor (UB + heap leak)

It cleansed sizeof(struct) from k.data (== this), zeroing the vector/map control blocks before their destructors ran -- UB, leaking the buffers. The scalars already self-wipe and the containers are public, so it's unneeded.

Signed-off-by: kozyilmaz
---
 include/cosigner/cmp_ecdsa_signing_service.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/cosigner/cmp_ecdsa_signing_service.h b/include/cosigner/cmp_ecdsa_signing_service.h
index 3f7b978..9aa39d7 100644
--- a/include/cosigner/cmp_ecdsa_signing_service.h
+++ b/include/cosigner/cmp_ecdsa_signing_service.h
@@ -82,7 +82,7 @@ struct ecdsa_preprocessing_data
 byte_vector_t mta_request;
 std::map G_proofs;
 std::map public_data;
- ~ecdsa_preprocessing_data() {OPENSSL_cleanse(k.data, sizeof(ecdsa_preprocessing_data));}
+ // No destructor: scalar members self-wipe; a whole-struct cleanse here is UB + leak.
 };

 // this class holds the common functionality for cmp_ecdsa_online_signing_service and cmp_ecdsa_offline_signing_service
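Review bot: The replacement comment on the `+` line asserts that the scalar members self-wipe, but nothing visible in the hunk shows or enforces that; the members declared above `mta_request` and the opening of `ecdsa_preprocessing_data` lie outside the hunk, so the claim cannot be confirmed from here. With the destructor gone, zeroization of the secret signing material depends entirely on each member's own type, and a secret field added later as a plain array or `byte_vector_t` would be freed without being wiped. I would state that invariant in the comment, e.g. `// No destructor by design: every secret member must be a self-wiping type; mta_request, G_proofs and public_data hold only public data.` If `mta_request` can ever carry secret-derived bytes, its heap buffer needs an explicit cleanse over `data()`/`size()` before release, which the removed destructor did not do either.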