sha256.cpp buffer overrun warning
zyluo opened this issue · comments
https://github.com/stbrumme/hash-library/blob/master/sha256.cpp#L293 is reporting a buffer overrun warning.
Suggested changed in bold.
// process full blocks
while (numBytes >= BlockSize)
{
processBlock(current);
current += BlockSize;
m_numBytes += BlockSize;
numBytes -= BlockSize;
}
// keep remaining bytes in buffer
//while (numBytes > 0)
while (numBytes > 0 && m_bufferSize < BlockSize)
{
m_buffer[m_bufferSize++] = *current++;
numBytes--;
}
}
I have trouble thinking of a scenario that causes buffer overflow here. What initial values of m_BufferSize
and numBytes
will be needed to trigger overflow?
Theoretically there won't be a buffer overflow here based on context but it's just that Visual Studio is complaining that there is a possibility.