test_crypto_generichash fails with libsodium 1.0.13 about pysodium HOT 14 CLOSED

interesting! also on alpine linux. but not with 1.0.12. looking at libsodium what changed between those two versions.

from pysodium.

smallest reproducible testcase is this:

state = pysodium.crypto_generichash_init()

from pysodium.

maybe this change triggered it: jedisct1/libsodium@f72bcfa

from pysodium.

Very likely.

But you shouldn't assume anything about the content of the structure. This may change, especially if BLAKE2X is added.

Use crypto_generichash_statebytes() to get the correct amount of bytes required to store the state, and you will always be safe.

from pysodium.

confirmed. just built a libsodium with that change reverted and it doesn't segfault anymore.

from pysodium.

not sure it's the number of bytes that's the problem, but the alignment itself?
this https://github.com/stef/pysodium/blob/master/pysodium/__init__.py#L160 seems to be exactly matching this https://github.com/jedisct1/libsodium/blob/master/src/libsodium/include/sodium/crypto_generichash_blake2b.h#L23

from pysodium.

Use crypto_generichash_statebytes(), trust me :)

from pysodium.

would this be correct to pass to generichash_init?

state = sodium_malloc(crypto_generichash_statebytes());

and i would not have to mess with alignment?

from pysodium.

That would work! But maybe CryptoGenericHashState can just be an array whose size is ctypes.c_uint8 * sodium.crypto_generichash_statebytes() bytes?

from pysodium.

seems to work. pushed a fix.

from pysodium.

thx to all of you, for reporting and contributing a fix

from pysodium.

i bumped the version and also uploaded a new version to pypi, if you agree to the fix please close this issue.

from pysodium.

Awesome, thanks Stef!

from pysodium.

Thanks for the prompt response. Debian package updated:

https://packages.qa.debian.org/p/pysodium/news/20170811T211431Z.html

Christopher

from pysodium.