Only check the actual used length of the hash by seism0saurus · Pull Request #8709 · esp8266/Arduino (original) (raw)

I assume that memcmp did an buffer over read here and read stuff after the 32 bytes of hash.

Right. No function called to fill it (memset, std::fill), no zero-init (= {0};, = {};) or explicit member init (u8 buf[] {1,2,3}), so we end up with some random stack contents. Also, accidentally read 32bytes past hash object real buffer contents.