From 9391b656030bc1f0c7fbf2249504709e82d976d1 Mon Sep 17 00:00:00 2001
From: "Pierre R. Mai" <pmai@pmsf.de>
Date: Sat, 14 Sep 2013 23:46:44 +0200
Subject: [PATCH] Fix buffer handling for partial updates (fix #1).

Calls to sha3-update that did not completely fill an already partially
filled buffer were handled incorrectly, in that the buffer-index wasn't
properly updated. Thanks to Orivej Desh for the bug report.
---
 sha3.lisp | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/sha3.lisp b/sha3.lisp
index 74edf05..9e3ea29 100644
--- a/sha3.lisp
+++ b/sha3.lisp
@@ -110,14 +110,19 @@ and `end', which must be numeric bounding-indices."
              #.*optimize-declaration*)
     ;; Handle potential remaining bytes
     (unless (zerop buffer-index)
-      (let ((remainder (- (length buffer) buffer-index)))
-        (declare (type fixnum remainder))
+      (let ((remainder (- (length buffer) buffer-index))
+            (length (- end start)))
+        (declare (type fixnum remainder length))
         (replace buffer vector :start1 buffer-index :start2 start :end2 end)
-        (when (>= (- end start) remainder)
-          (keccak-state-merge-input keccak-state bit-rate buffer 0)
-          (keccak-f keccak-state))
+        ;; Return if still unfilled buffer
+        (when (< length remainder)
+          (incf (sha3-state-buffer-index state) length)
+          (return-from sha3-update))
+        ;; Else handle now complete buffer
+        (keccak-state-merge-input keccak-state bit-rate buffer 0)
+        (keccak-f keccak-state)
         (setf (sha3-state-buffer-index state) 0
-              start (min (+ start remainder) end))))
+              start (+ start remainder))))
     ;; Now handle full blocks, stuff any remainder into buffer
     (loop for block-offset of-type fixnum from start to end by rate-bytes
           do