rust-openssl: MdCtxRef::digest_final() writes past caller buffer with no length check