Using clang 13.0.1, I get a warning with the undefined behavior sanitizer when using the crypto_pwhash_scryptsalsa208sha256 function.
Example
#include <sodium.h>
int main()
{
uint8_t buffer[32];
int x = crypto_pwhash_scryptsalsa208sha256(
buffer, 32, "fdsa", 4, (const uint8_t*)"asdffdsaasdffdsaasdffdsaasdffdsa",
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE,
crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE);
(void)x;
}
Then compile the libsodium and the test program using -fsanitize=undefined.
The error message returned is:
crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c:65:24: runtime error: index 8 out of bounds for type 'uint64_t const[8]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c:65:24 in
crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c:65:9: runtime error: index 8 out of bounds for type 'uint64_t [8]'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior crypto_pwhash/scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c:65:9 in
Using clang 13.0.1, I get a warning with the undefined behavior sanitizer when using the
crypto_pwhash_scryptsalsa208sha256
function.Example
Then compile the libsodium and the test program using
-fsanitize=undefined
.The error message returned is: