From 7e110bb6139d0fe4dd0683f0a72395dcd44a29db Mon Sep 17 00:00:00 2001 From: Toddr Bot Date: Sun, 22 Mar 2026 04:53:25 +0000 Subject: [PATCH] fix: remove static buffer in get_message_digest() for thread safety MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit get_message_digest() used a static unsigned char buffer shared across all calls, making it unsafe under Perl ithreads — concurrent sign()/verify() calls would corrupt each other's digest. Replace with caller-provided stack buffer (EVP_MAX_MD_SIZE = 64 bytes). Co-Authored-By: Claude Opus 4.6 --- RSA.xs | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/RSA.xs b/RSA.xs index ed71755..de895d9 100644 --- a/RSA.xs +++ b/RSA.xs @@ -214,14 +214,11 @@ EVP_MD *get_md_bynid(int hash_method) } } #endif -unsigned char* get_message_digest(SV* text_SV, int hash_method) +unsigned char* get_message_digest(SV* text_SV, int hash_method, unsigned char* md) { STRLEN text_length; unsigned char* text; - unsigned char *md; - static unsigned char m[EVP_MAX_MD_SIZE]; text = (unsigned char*) SvPV(text_SV, text_length); - md = m; switch(hash_method) { @@ -1115,7 +1112,8 @@ sign(p_rsa, text_SV) croak("Public keys cannot sign messages"); } - CHECK_OPEN_SSL(digest = get_message_digest(text_SV, p_rsa->hashMode)); + unsigned char digest_buf[EVP_MAX_MD_SIZE]; + CHECK_OPEN_SSL(digest = get_message_digest(text_SV, p_rsa->hashMode, digest_buf)); #if OPENSSL_VERSION_NUMBER >= 0x30000000L ctx = EVP_PKEY_CTX_new(p_rsa->rsa, NULL /* no engine */); THROW(ctx); @@ -1193,7 +1191,8 @@ PPCODE: croak("Signature longer than key"); } - CHECK_OPEN_SSL(digest = get_message_digest(text_SV, p_rsa->hashMode)); + unsigned char digest_buf[EVP_MAX_MD_SIZE]; + CHECK_OPEN_SSL(digest = get_message_digest(text_SV, p_rsa->hashMode, digest_buf)); #if OPENSSL_VERSION_NUMBER >= 0x30000000L ctx = EVP_PKEY_CTX_new(p_rsa->rsa, NULL /* no engine */); THROW(ctx);