Skip to content
Permalink
Browse files

tag the first release of the C implementation, c-0.2.0

This release is motivated by a fix for a potential security
vulnerability. 421a21a fixes a bug
introduced in a1c4c4e. A truncated
pointer register led to a segfault on x86-64 under Clang 7 and 8.
Clang 9 happens to be unaffected, but the behavior is undefined in
general. See also:
#60 (comment)

The C implementation of BLAKE3 hasn't been formally packaged anywhere,
and most callers vendor code from master. This release tag is intended
to make the fix above more visible, to encourage callers to update their
vendored copies. We will continue to publish tags like this whenever
bugs in the C implementation are fixed, or if there are any incompatible
API changes.

Note that the issue above does not impact callers of the Rust `blake3`
crate. The affected file, `blake3_dispatch.c`, is not compiled by that
crate in any configuration. It does impact callers of the internal
`blake3_c_rust_bindings` crate, but that crate is not published on
crates.io and not intended for production use.
  • Loading branch information
oconnor663 committed Feb 13, 2020
1 parent 421a21a commit fdeb3a38eeb2867e60998b49a97cc2c583539f50
Showing with 0 additions and 0 deletions.

0 comments on commit fdeb3a3

Please sign in to comment.
You can’t perform that action at this time.