commit: 86e6d395d931f532b18fccdeb65c300b22fbce8a
parent 79d69ce72a4a922d1be8f3aae36d5fff3089fd1c
Author: Mark Felder <feld@feld.me>
Date: Wed, 14 Feb 2024 17:54:56 -0500
Fix atom leak in password digest functionality
The value here gets passesd to :crypto.pbkdf2_hmac and it expects one of these atoms: :sha | :sha224 | :sha256 | :sha384 | :sha512 so it will always exist
Diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/pleroma/password/pbkdf2.ex b/lib/pleroma/password/pbkdf2.ex
@@ -28,7 +28,7 @@ defmodule Pleroma.Password.Pbkdf2 do
iterations = String.to_integer(iterations)
- digest = String.to_atom(digest)
+ digest = String.to_existing_atom(digest)
binary_hash =
KeyGenerator.generate(password, salt, digest: digest, iterations: iterations, length: 64)