Integer Overflow Leading to Buffer Overflow in "Official" SHA-3 Implementation

Original Post:
SHA-3 Buffer Overflow
We discussed this vulnerability during Episode 162 on 25 October 2022

An integer overflow in the official SHA-3 implementation as used by PHP, Python, Ruby and I’m sure other places. When updating a block that already has some data in it, it will try to calculate if the new partial block bytes will go out of bounds, it makes the classic mistake of adding the current index and the length of new data, then just checking if it is lower than a bounding value. If the addition overflows it will be seen as within bounds and it will add the bytes leading to a buffer overflow.

This does only happen when updating and not if all the data is passed in at once so that does slightly limit the attack surface, and since its based on data length it does require sending like 4gb of data which can be a significant ask, but as something like SHA-3 may be used on files, it is definitely possible.