Testing the string use-case shows that it goes wrong on 253 bytes:
$ dd if=/dev/urandom of=foo bs=1 count=252 ; python -c 'import apt_pkg; print apt_pkg.sha256sum(open("foo").read())' ; sha256sum foo 252+0 records in 252+0 records out 252 bytes (252 B) copied, 0,00294077 s, 85,7 kB/s 83c762165fbec99d6fd590ed2d3b291d40bfa8525c97b391d2cfb661c27e25fa 83c762165fbec99d6fd590ed2d3b291d40bfa8525c97b391d2cfb661c27e25fa foo
$ dd if=/dev/urandom of=foo bs=1 count=252 ; python -c 'import apt_pkg; print apt_pkg.sha256sum(open("foo").read())' ; sha256sum foo 253+0 records in 253+0 records out 253 bytes (253 B) copied, 0,00317775 s, 79,6 kB/s 976fc1a77523e602fd1fe36d13771d83bae61f8e5d5279ca97b158664ff8b8c8 d68a24e86b8037437a20a592a717c40c163127f4942b511b102f0b11e449794c foo
Testing the string use-case shows that it goes wrong on 253 bytes:
$ dd if=/dev/urandom of=foo bs=1 count=252 ; python -c 'import apt_pkg; print apt_pkg. sha256sum( open("foo" ).read( ))' ; sha256sum foo d6fd590ed2d3b29 1d40bfa8525c97b 391d2cfb661c27e 25fa d6fd590ed2d3b29 1d40bfa8525c97b 391d2cfb661c27e 25fa foo
252+0 records in
252+0 records out
252 bytes (252 B) copied, 0,00294077 s, 85,7 kB/s
83c762165fbec99
83c762165fbec99
$ dd if=/dev/urandom of=foo bs=1 count=252 ; python -c 'import apt_pkg; print apt_pkg. sha256sum( open("foo" ).read( ))' ; sha256sum foo 2fd1fe36d13771d 83bae61f8e5d527 9ca97b158664ff8 b8c8 37a20a592a717c4 0c163127f4942b5 11b102f0b11e449 794c foo
253+0 records in
253+0 records out
253 bytes (253 B) copied, 0,00317775 s, 79,6 kB/s
976fc1a77523e60
d68a24e86b80374