Anon/pleroma
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix atom leak in password digest functionality

Browse Source 
The value here gets passesd to :crypto.pbkdf2_hmac and it expects one of these atoms: :sha | :sha224 | :sha256 | :sha384 | :sha512 so it will always exist
This commit is contained in:
Mark Felder 2024-02-14 17:54:56 -05:00
parent 79d69ce72a
commit 86e6d395d9
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/pleroma/password/pbkdf2.ex
View File

@ -28,7 +28,7 @@ defmodule Pleroma.Password.Pbkdf2 do
iterations = String.to_integer(iterations) iterations = String.to_integer(iterations)
digest = String.to_atom(digest) digest = String.to_existing_atom(digest)
binary_hash = binary_hash =
KeyGenerator.generate(password, salt, digest: digest, iterations: iterations, length: 64) KeyGenerator.generate(password, salt, digest: digest, iterations: iterations, length: 64)