Off-by-one error. Didn't do the 1 byte update. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tinglymintyfrsh on Oct 20, 2022 \| parent \| context \| favorite \| on: SHA-3 Buffer Overflow Off-by-one error. Didn't do the 1 byte update.

tptacek on Oct 20, 2022 [–]

See downthread, but I don't think it matters. I didn't look at the code before writing the test case; the code here is just the SHA3 transform, not the buffer management code around it, which AFAIK is just Go code. I don't see an opportunity for the overflow here?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact