ruby-changes:69439
From: Jean <ko1@a...>
Date: Tue, 26 Oct 2021 01:51:23 +0900 (JST)
Subject: [ruby-changes:69439] 557fa38915 (master): [rubygems/rubygems] Fix Bundler::Digest#sha1 on big-endian systems
https://git.ruby-lang.org/ruby.git/commit/?id=557fa38915 From 557fa389155810f38f111c00a649c313a639dbb5 Mon Sep 17 00:00:00 2001 From: Jean Boussier <jean.boussier@g...> Date: Mon, 25 Oct 2021 17:02:42 +0200 Subject: [rubygems/rubygems] Fix Bundler::Digest#sha1 on big-endian systems As noticed by @nobu https://github.com/rubygems/rubygems/pull/4989#discussion_r735674633 From wikipedia: https://en.wikipedia.org/wiki/SHA-1#SHA-1_pseudocode > append ml, the original message length in bits, as a 64-bit big-endian integer. `Q` is native endian, so little-endian on most modern hardware. The original code from RubyDigest reverses the bytes: https://github.com/Solistra/ruby-digest/blob/d15f906caf09171f897efc74645c9e31373d7fd1/lib/ruby_digest.rb#L521 But that makes the code non-portable, the correct way is to directly ask for a big-endian representation. https://github.com/rubygems/rubygems/commit/ba2be01ea4 --- lib/bundler/digest.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/bundler/digest.rb b/lib/bundler/digest.rb index d560b82439a..759f6094165 100644 --- a/lib/bundler/digest.rb +++ b/lib/bundler/digest.rb @@ -59,7 +59,7 @@ module Bundler https://github.com/ruby/ruby/blob/trunk/lib/bundler/digest.rb#L59 size = string.bytesize * 8 buffer = string.bytes << 128 buffer << 0 while buffer.size % 64 != 56 - [size].pack("Q").bytes.reverse_each {|b| buffer << b } + buffer.concat([size].pack("Q>").bytes) buffer.each_slice(64, &block) end -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/