From 0b35e1a8109b6ab0bcbf534bc1c912b1055e08d9 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Fri, 29 May 2026 17:26:19 +0900
Subject: [PATCH] pkcs7: avoid using strcmp() with Ruby strings

We should not rely on the NUL terminator of Ruby strings. Use memcmp().
---
 ext/openssl/ossl_pkcs7.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c
index 3cf5820c3..44e8cb305 100644
--- a/ext/openssl/ossl_pkcs7.c
+++ b/ext/openssl/ossl_pkcs7.c
@@ -453,7 +453,7 @@ ossl_pkcs7_sym2typeid(VALUE sym)
         if(i == numberof(p7_type_tab))
             ossl_raise(ePKCS7Error, "unknown type \"%"PRIsVALUE"\"", sym);
         if(strlen(p7_type_tab[i].name) != l) continue;
-        if(strcmp(p7_type_tab[i].name, s) == 0){
+        if(memcmp(p7_type_tab[i].name, s, l) == 0){
             ret = p7_type_tab[i].nid;
             break;
         }