crypto/ecdsa: GenerateKey infinite loop/reader EOF with all zero reader #58454
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
Ran tests on a package after upgrading to Go 1.20. It had a test passing a reader with all zero bytes to GenerateKey. I've distilled it down to two examples in the Go playground:
What did you expect to see?
In 1.19, the call succeeded. The new code in 1.20 has tests to reject this, so perhaps an appropriate error after a certain number of loops/bytes read? This is a highly unlikely scenario, but figured it was probably worth at least reporting.
What did you see instead?
With a limited reader, I receive "unexpected EOF", since it hits the end of the reader. With a reader that keeps returning data, an infinite loop happens.
The text was updated successfully, but these errors were encountered: