
crypto/subtle: ConstantTimeCompare might give a false-positive on differing lengths #8131

Closed
gopherbot opened this issue Jun 1, 2014 · 1 comment

Comments

@gopherbot

by justinas@justinas.me:

What does 'go version' print?
go version go1.2.2 darwin/amd64

What steps reproduce the problem?
If possible, include a link to a program on play.golang.org.

1. Compare two byte slices with ConstantTimeCompare(), where the second slice is longer
and the first slice is a prefix of the second.

http://play.golang.org/p/XH0gRhdDTu

What happened?

The function compares slices only up to the length of the first slice and thus gives a
false-positive.

What should have happened instead?

I understand that this is not the way this function is supposed to be used. However, the
behavior on this incorrect usage varies based on the order of the arguments.

I think that panicking (due to out-of-range access), as the function does when the
*first* slice is longer, is a much better solution. Panic clearly indicates a mistake on
the programmer's part, whereas passing silently can go unnoticed for a long time and
even be exploited.

It's a simple fix to do, I think: instead of iterating up to len(x), iterate up to
max(len(x), len(y)).
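To make the order-dependent behaviour described in the report concrete, here is an added example (not code from the report, and not the standard-library source). `prefixCompare` is a reconstruction of the behaviour the reporter observed on go1.2.2, written only to show the false positive; `safeCompare` and `verifyTag` are the defensive forms a caller should use, where the length of a MAC or token is public and so can be checked before the constant-time byte loop. The function names and the sample tag values are constructed for this example. Current Go releases already return 0 from `crypto/subtle.ConstantTimeCompare` when the lengths differ, so the explicit length check in `verifyTag` is belt-and-braces that documents the intent.

```go
package main

import (
	"crypto/subtle"
	"fmt"
)

// prefixCompare reconstructs the behaviour described in the report: it
// walks only len(x) bytes, so when x is a proper prefix of y it returns 1,
// and when x is longer than y it panics with an index out of range.
// This is an illustrative reimplementation, not the Go source.
func prefixCompare(x, y []byte) int {
	var v byte
	for i := 0; i < len(x); i++ {
		v |= x[i] ^ y[i]
	}
	return subtle.ConstantTimeByteEq(v, 0)
}

// safeCompare rejects mismatched lengths up front. A tag's length is not a
// secret, so the early return leaks nothing; the byte loop that follows
// takes time proportional to len(x) regardless of contents.
func safeCompare(x, y []byte) int {
	if len(x) != len(y) {
		return 0
	}
	var v byte
	for i := 0; i < len(x); i++ {
		v |= x[i] ^ y[i]
	}
	return subtle.ConstantTimeByteEq(v, 0)
}

// verifyTag is the wrapper an application would call when checking a MAC
// or session token against the expected value (hypothetical name).
func verifyTag(expected, got []byte) bool {
	return len(expected) == len(got) && subtle.ConstantTimeCompare(expected, got) == 1
}

// panicsOnLongerFirst reports whether prefixCompare panics for the given
// arguments; it exists only to demonstrate the order dependence the
// reporter describes.
func panicsOnLongerFirst(x, y []byte) (panicked bool) {
	defer func() {
		if recover() != nil {
			panicked = true
		}
	}()
	prefixCompare(x, y)
	return false
}

func main() {
	short := []byte("deadbeef")    // constructed sample tag
	long := []byte("deadbeef0000") // constructed: short is a prefix of long

	fmt.Println("prefixCompare(short, long):", prefixCompare(short, long)) // 1: the false positive
	fmt.Println("prefixCompare(long, short) panics:", panicsOnLongerFirst(long, short))
	fmt.Println("safeCompare(short, long):", safeCompare(short, long)) // 0
	fmt.Println("verifyTag(short, long):", verifyTag(short, long))     // false
}
```

Running it shows the asymmetry from the report: the prefix-only loop accepts `short` against `long` but panics when the arguments are swapped, while both hardened forms reject the pair and still accept an exact match.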
@ianlancetaylor
Contributor

Comment 1:

Status changed to Duplicate.

Merged into issue #7304.

@golang golang locked and limited conversation to collaborators Jun 25, 2016
This issue was closed.