8 роки тому · b9392360e4
--- a/src/borg/_hashindex.c
+++ b/src/borg/_hashindex.c
@@ -280,7 +280,7 @@ hashindex_read(PyObject *file_py, int permit_compact)
 
				 {
			
 
				     Py_ssize_t length, buckets_length, bytes_read;
			
 
				     Py_buffer header_buffer;
			
 
				-    PyObject *header_bytes, *length_object, *bucket_bytes;
			
 
				+    PyObject *header_bytes, *length_object, *bucket_bytes, *tmp;
			
 
				     HashHeader *header;
			
 
				     HashIndex *index = NULL;
			
 
				 
			
@@ -307,7 +307,8 @@ hashindex_read(PyObject *file_py, int permit_compact)
 
				      * Hash the header
			
 
				      * If the header is corrupted this bails before doing something stupid (like allocating 3.8 TB of memory)
			
 
				      */
			
 
				-    Py_XDECREF(PyObject_CallMethod(file_py, "hash_part", "s", "HashHeader"));
			
 
				+    tmp = PyObject_CallMethod(file_py, "hash_part", "s", "HashHeader");
			
 
				+    Py_XDECREF(tmp);
			
 
				     if(PyErr_Occurred()) {
			
 
				         if(PyErr_ExceptionMatches(PyExc_AttributeError)) {
			
 
				             /* Be able to work with regular file objects which do not have a hash_part method. */
			
@@ -329,7 +330,8 @@ hashindex_read(PyObject *file_py, int permit_compact)
 
				         goto fail_decref_header;
			
 
				     }
			
 
				 
			
 
				-    Py_XDECREF(PyObject_CallMethod(file_py, "seek", "ni", (Py_ssize_t)sizeof(HashHeader), SEEK_SET));
			
 
				+    tmp = PyObject_CallMethod(file_py, "seek", "ni", (Py_ssize_t)sizeof(HashHeader), SEEK_SET);
			
 
				+    Py_XDECREF(tmp);
			
 
				     if(PyErr_Occurred()) {
			
 
				         goto fail_decref_header;
			
 
				     }
			
@@ -479,7 +481,7 @@ hashindex_free(HashIndex *index)
 
				 static void
			
 
				 hashindex_write(HashIndex *index, PyObject *file_py)
			
 
				 {
			
 
				-    PyObject *length_object, *buckets_view;
			
 
				+    PyObject *length_object, *buckets_view, *tmp;
			
 
				     Py_ssize_t length;
			
 
				     Py_ssize_t buckets_length = (Py_ssize_t)index->num_buckets * index->bucket_size;
			
 
				     HashHeader header = {
			
@@ -507,7 +509,8 @@ hashindex_write(HashIndex *index, PyObject *file_py)
 
				     /*
			
 
				      * Hash the header
			
 
				      */
			
 
				-    Py_XDECREF(PyObject_CallMethod(file_py, "hash_part", "s", "HashHeader"));
			
 
				+    tmp = PyObject_CallMethod(file_py, "hash_part", "s", "HashHeader");
			
 
				+    Py_XDECREF(tmp);
			
 
				     if(PyErr_Occurred()) {
			
 
				         if(PyErr_ExceptionMatches(PyExc_AttributeError)) {
			
 
				             /* Be able to work with regular file objects which do not have a hash_part method. */
			
--- a/src/borg/crypto/low_level.pyx
+++ b/src/borg/crypto/low_level.pyx
@@ -6,6 +6,7 @@ from math import ceil
 
				 
			
 
				 from libc.stdlib cimport malloc, free
			
 
				 from cpython.buffer cimport PyBUF_SIMPLE, PyObject_GetBuffer, PyBuffer_Release
			
 
				+from cpython.bytes cimport PyBytes_FromStringAndSize
			
 
				 
			
 
				 API_VERSION = '1.1_01'
			
 
				 
			
@@ -201,19 +202,18 @@ cdef class AES:
 
				 
			
 
				 
			
 
				 def hmac_sha256(key, data):
			
 
				-    md = bytes(32)
			
 
				     cdef Py_buffer data_buf = ro_buffer(data)
			
 
				     cdef const unsigned char *key_ptr = key
			
 
				     cdef int key_len = len(key)
			
 
				-    cdef unsigned char *md_ptr = md
			
 
				+    cdef unsigned char md[32]
			
 
				     try:
			
 
				         with nogil:
			
 
				-            rc = HMAC(EVP_sha256(), key_ptr, key_len, <const unsigned char*> data_buf.buf, data_buf.len, md_ptr, NULL)
			
 
				-        if rc != md_ptr:
			
 
				+            rc = HMAC(EVP_sha256(), key_ptr, key_len, <const unsigned char*> data_buf.buf, data_buf.len, md, NULL)
			
 
				+        if rc != md:
			
 
				             raise Exception('HMAC(EVP_sha256) failed')
			
 
				     finally:
			
 
				         PyBuffer_Release(&data_buf)
			
 
				-    return md
			
 
				+    return PyBytes_FromStringAndSize(<char*> &md[0], 32)
			
 
				 
			
 
				 
			
 
				 cdef blake2b_update_from_buffer(blake2b_state *state, obj):
			
@@ -232,8 +232,7 @@ def blake2b_256(key, data):
 
				     if blake2b_init(&state, 32) == -1:
			
 
				         raise Exception('blake2b_init() failed')
			
 
				 
			
 
				-    md = bytes(32)
			
 
				-    cdef unsigned char *md_ptr = md
			
 
				+    cdef unsigned char md[32]
			
 
				     cdef unsigned char *key_ptr = key
			
 
				 
			
 
				     # This is secure, because BLAKE2 is not vulnerable to length-extension attacks (unlike SHA-1/2, MD-5 and others).
			
@@ -246,11 +245,11 @@ def blake2b_256(key, data):
 
				         raise Exception('blake2b_update() failed')
			
 
				     blake2b_update_from_buffer(&state, data)
			
 
				 
			
 
				-    rc = blake2b_final(&state, md_ptr, 32)
			
 
				+    rc = blake2b_final(&state, &md[0], 32)
			
 
				     if rc == -1:
			
 
				         raise Exception('blake2b_final() failed')
			
 
				 
			
 
				-    return md
			
 
				+    return PyBytes_FromStringAndSize(<char*> &md[0], 32)
			
 
				 
			
 
				 
			
 
				 def hkdf_hmac_sha512(ikm, salt, info, output_length):