ruby-changes:70377
From: Kazuki <ko1@a...>
Date: Tue, 21 Dec 2021 00:11:49 +0900 (JST)
Subject: [ruby-changes:70377] c1a7c6df18 (master): [ruby/openssl] hmac: fix wrong usage of EVP_DigestSignFinal()
https://git.ruby-lang.org/ruby.git/commit/?id=c1a7c6df18 From c1a7c6df18f6d6eb0c701443b1231ea2c0baf6ea Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Sat, 11 Dec 2021 16:27:42 +0900 Subject: [ruby/openssl] hmac: fix wrong usage of EVP_DigestSignFinal() According to the manpage, the "siglen" parameter must be initialized beforehand. https://github.com/ruby/openssl/commit/6a60c7b2e7 --- ext/openssl/ossl_hmac.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c index f89ff2f9a16..bfe3a74b126 100644 --- a/ext/openssl/ossl_hmac.c +++ b/ext/openssl/ossl_hmac.c @@ -175,7 +175,7 @@ static VALUE https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_hmac.c#L175 ossl_hmac_digest(VALUE self) { EVP_MD_CTX *ctx; - size_t buf_len; + size_t buf_len = EVP_MAX_MD_SIZE; VALUE ret; GetHMAC(self, ctx); @@ -200,7 +200,7 @@ ossl_hmac_hexdigest(VALUE self) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_hmac.c#L200 { EVP_MD_CTX *ctx; unsigned char buf[EVP_MAX_MD_SIZE]; - size_t buf_len; + size_t buf_len = EVP_MAX_MD_SIZE; VALUE ret; GetHMAC(self, ctx); -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/