summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSébastien Helleu <flashcode@flashtux.org>2021-06-23 20:46:53 +0200
committerSébastien Helleu <flashcode@flashtux.org>2021-06-23 20:46:53 +0200
commitb3b4ef648b0a858c4183dba28071b2c84ef31a7c (patch)
tree18a124a7b464e19e4db49fefe2c17f00a5d0f313 /src
parent60b9e36ae28a8e6dd1c4922a420f7fcfd8840804 (diff)
downloadweechat-b3b4ef648b0a858c4183dba28071b2c84ef31a7c.zip
core: fix use of uninitialized hash when call to weecrypto_hmac fails
Diffstat (limited to 'src')
-rw-r--r--src/core/wee-crypto.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/src/core/wee-crypto.c b/src/core/wee-crypto.c
index 119230996..aa13b71a4 100644
--- a/src/core/wee-crypto.c
+++ b/src/core/wee-crypto.c
@@ -318,7 +318,7 @@ weecrypto_totp_generate_internal (const char *secret, int length_secret,
{
uint64_t moving_factor_swapped;
char hash[20];
- int offset, length;
+ int rc, offset, length;
unsigned long bin_code;
moving_factor_swapped = (moving_factor >> 56)
@@ -330,10 +330,12 @@ weecrypto_totp_generate_internal (const char *secret, int length_secret,
| ((moving_factor >> 40) & 0x000000000000FF00)
| (moving_factor << 56);
- weecrypto_hmac (secret, length_secret,
- &moving_factor_swapped, sizeof (moving_factor_swapped),
- GCRY_MD_SHA1,
- hash, NULL);
+ rc = weecrypto_hmac (secret, length_secret,
+ &moving_factor_swapped, sizeof (moving_factor_swapped),
+ GCRY_MD_SHA1,
+ hash, NULL);
+ if (!rc)
+ return 0;
offset = hash[19] & 0xf;
bin_code = (hash[offset] & 0x7f) << 24