Overview

File 9381-inet_dns_tsig-Reject-client-MAC-size-choice-that-is-.patch of Package erlang

From 6d830cae12aad9b3ac717b3457c331c60ddd4087 Mon Sep 17 00:00:00 2001
From: Alexander Clouter <alex@digriz.org.uk>
Date: Wed, 4 Mar 2026 16:11:42 +0000
Subject: [PATCH 1/3] inet_dns_tsig: Reject client MAC size choice that is
 larger than alg output

---
 lib/kernel/src/inet_dns_tsig.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/kernel/src/inet_dns_tsig.erl b/lib/kernel/src/inet_dns_tsig.erl
index 88fdad2b2a..e87f77fd2e 100644
--- a/lib/kernel/src/inet_dns_tsig.erl
+++ b/lib/kernel/src/inet_dns_tsig.erl
@@ -84,7 +84,9 @@ init(Config) ->
                     andalso
                    S >= ?MAC_SIZE_MIN
                     andalso
-                   S >= maps:get(size, crypto:hash_info(A)) div 2,
+                   S >= maps:get(size, crypto:hash_info(A)) div 2
+                    andalso
+                   S =< maps:get(size, crypto:hash_info(A)),
             {A,S};
         A when is_atom(A) ->
             true = lists:member(A, ?ALGS_SUPPORTED),
-- 
2.51.0
openSUSE Build Service is sponsored by
Places