Port XKCP's fix for the buffer overflows in SHA-3 (CVE-2022-37454).