From 8a996d2a5530def2307548546cbc27db610c964d Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 25 May 2017 15:18:22 +0100 Subject: [PATCH] Document that HMAC() with a NULL md is not thread safe Fixes #3541 Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3555) --- doc/crypto/hmac.pod | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod index 2c8f20a201..ca9798af62 100644 --- a/doc/crypto/hmac.pod +++ b/doc/crypto/hmac.pod @@ -38,7 +38,8 @@ B bytes long. It places the result in B (which must have space for the output of the hash function, which is no more than B bytes). If B is NULL, the digest is placed in a static array. The size of -the output is placed in B, unless it is B. +the output is placed in B, unless it is B. Note: passing a NULL +value for B to use the static array is not thread safe. B can be EVP_sha1(), EVP_ripemd160() etc. -- 2.25.1