On March 20, 2019, the Go team released a patch for a security vulnerability in x/crypto/salsa20. This talk will regale you with the full story from discovery by differential fuzzing, via low-level assembly root cause analysis to the contentious disclosure process.
Along the way we’ll explore testing practices for security-critical software, in particular the use of go-fuzz to check compatibility with reference implementations. Ultimately we’ll see how even the most subtle of mistakes in assembly code can have catastrophic implications.