at ext/mri/bcrypt_pbkdf_ext.c in bc_crypt_pbkdf, xalloc happens before any sort of boundary check is performed on keylen, so if passing a big enough keylen. Feels like would be better to do the guard check that happens inside bcrypt_pbkdf inside the ext as well.
at ext/mri/bcrypt_pbkdf_ext.c in bc_crypt_pbkdf, xalloc happens before any sort of boundary check is performed on keylen, so if passing a big enough keylen. Feels like would be better to do the guard check that happens inside bcrypt_pbkdf inside the ext as well.