On Mon, Apr 20, 2026 at 07:08:27AM +0800, Kevin J. McCarthy wrote: > On Sun, Apr 19, 2026 at 05:08:29PM +0200, Rene Kita wrote: > > On Sun, Apr 19, 2026 at 01:50:51PM +0800, Kevin J. McCarthy wrote: > > > For a secret longer that MD5_BLOCK_LEN, an MD5 digest is used > > > > s/that/than > > Ack. Thank you. > > > The part after the else above is: > > strfcpy((char *) secret, password, sizeof(secret)); > > > > Are we dealing here with strings or with buffers of bytes/chars? > > Alex answered, but just to concur. We are dealing with bytes for the output > of md5_buffer(). But the password parameter is a string.
So depending on secret_len, secret will either contain raw bytes or a string (Yes, I know it's only a semantic difference)? That's ugly, but then the strfcpy here is probably correct and I have to apologize for the noise.
