You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Used the sample code in https://golang.org/src/crypto/cipher/example_test.go but didn't notice that ExampleNewCBCDecrypter used mode.CryptBlocks(ciphertext, ciphertext) effectively overwriting the source array.
What did you expect to see?
The sample code should really be the most safe rather than the most performant. Something like:
// CryptBlocks can work in-place if the two arguments are the same (i.e. mode.CryptBlocks(ciphertext, ciphertext)) or can use a new array.
cleartext := make([]byte, len(ciphertext))
mode.CryptBlocks(cleartext, ciphertext)
What did you see instead?
Add a new array, plaintext, that's the same size as ciphertext and have the comment say that mode.CryptBlocks(dst, src) can use the same array for both src and dst.
The text was updated successfully, but these errors were encountered:
bradfitz
changed the title
Update sample code for crypto/cipher
crypto/cipher: example legally but confusingly uses CryptBlocks input as its output
Apr 3, 2017
I think it's perfectly fine to use input as output in the example. It's legal and it's common: you've prepared the data in a buffer and now you want to encrypt it. It's rare you want to keep the old form around too.
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
go version
)?1.8
What operating system and processor architecture are you using (
go env
)?GOARCH="amd64"
GOBIN="/usr/local/go/bin"
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="darwin"
GOOS="darwin"
GOPATH="/Users/tim/go"
GORACE=""
GOROOT="/usr/local/go"
GOTOOLDIR="/usr/local/go/pkg/tool/darwin_amd64"
GCCGO="gccgo"
CC="clang"
GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/var/folders/ny/78hxt5md5d9129ys2b43yq700000gn/T/go-build126828932=/tmp/go-build -gno-record-gcc-switches -fno-common"
CXX="clang++"
CGO_ENABLED="1"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
What did you do?
Used the sample code in https://golang.org/src/crypto/cipher/example_test.go but didn't notice that ExampleNewCBCDecrypter used mode.CryptBlocks(ciphertext, ciphertext) effectively overwriting the source array.
What did you expect to see?
The sample code should really be the most safe rather than the most performant. Something like:
What did you see instead?
Add a new array, plaintext, that's the same size as ciphertext and have the comment say that mode.CryptBlocks(dst, src) can use the same array for both src and dst.
The text was updated successfully, but these errors were encountered: