The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::from_raw_parts_mut
, which breaks the contract and introduces undefined behavior.
This affects Chacha20 encryption and decryption in crypto2.
{ "license": "CC0-1.0" }