Missing final step after hashing update operation
Hash is incomplete or non-secure
Description
The defect occurs when, after an update operation on a message digest context, you do not perform a final step before you clean up or reinitialize the context.
When you use message digest functions, you typically initialize a message digest context and perform at least one update step to add data into the context. You then sign, verify, or retrieve the data in the context as a final step.
Risk
A missing final step might indicate that the hash is incomplete or is non-secure.
Fix
Perform a final step to sign, verify, or retrieve date from the message digest context before you clean up or reinitialize the context.
Examples
Result Information
| Group: Cryptography | 
| Language: C | C++ | 
| Default: Off | 
| Command-Line Syntax: CRYPTO_MD_NO_FINAL | 
| Impact: Medium | 
Version History
Introduced in R2020a
See Also
Find defects
        (-checkers) | No data added into
        context | Nonsecure hash
        algorithm
Topics
- Interpret Bug Finder Results in Polyspace Desktop User Interface
- Address Results in Polyspace User Interface Through Bug Fixes or Justifications
- Interpret Bug Finder Results in Polyspace Access Web Interface (Polyspace Access)
- Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access)