From 8a2de0b97ac0a915333727d62db17bd04a2966a8 Mon Sep 17 00:00:00 2001
From: Taylor R Campbell <campbell@mumble.net>
Date: Fri, 11 Jan 2019 09:37:48 +0000
Subject: [PATCH] Refuse to let the MD5 primitives run unless self-test passes.

---
 src/microcode/prmd5.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/microcode/prmd5.c b/src/microcode/prmd5.c
index 7ab5c3b69..c1aad8e02 100644
--- a/src/microcode/prmd5.c
+++ b/src/microcode/prmd5.c
@@ -31,6 +31,17 @@ USA.
 
 #include "md5.h"
 
+static void
+do_md5_selftest (void)
+{
+  static bool passed = false;
+  if (passed)
+    return;
+  if ((md5_selftest ()) != 0)
+    error_external_return ();
+  passed = true;
+}
+
 DEFINE_PRIMITIVE ("MD5", Prim_md5, 1, 1,
   "(BYTEVECTOR)\n\
 Generate an MD5 digest of bytevector.\n\
@@ -38,6 +49,7 @@ The digest is returned as a 16-byte bytevector.")
 {
   PRIMITIVE_HEADER (1);
   CHECK_ARG (1, BYTEVECTOR_P);
+  do_md5_selftest ();
   {
     SCHEME_OBJECT bytevector = (ARG_REF (1));
     SCHEME_OBJECT result = (allocate_bytevector (16));
@@ -56,6 +68,7 @@ DEFINE_PRIMITIVE ("MD5-INIT", Prim_md5_init, 0, 0,
 Create and return an MD5 digest context.")
 {
   PRIMITIVE_HEADER (0);
+  do_md5_selftest ();
   {
     SCHEME_OBJECT context = (allocate_bytevector (sizeof (struct md5)));
     md5_init ((struct md5 *) (BYTEVECTOR_POINTER (context)));
@@ -69,6 +82,7 @@ md5_context_arg (int arg)
   CHECK_ARG (arg, BYTEVECTOR_P);
   if ((BYTEVECTOR_LENGTH (ARG_REF (arg))) != (sizeof (struct md5)))
     error_bad_range_arg (arg);
+  do_md5_selftest ();
   return ((struct md5 *) (BYTEVECTOR_POINTER (ARG_REF (arg))));
 }
 
-- 
2.25.1