Open vi opened 4 years ago
Also happens with zbox = {version = "0.8.8", features=["libsodium-bundled"]}
:
#1 0x00007ffff7d7a535 in __GI_abort () at abort.c:79
save_stage = 1
act = {__sigaction_handler = {sa_handler = 0x555555977b00, sa_sigaction = 0x555555977b00}, sa_mask = {__val = {93824996571904, 93824996571904, 93824994973876, 93824996571904, 93824996571904, 93824996571904, 93824993494580, 93824996571904, 93824996571904, 93824996571904, 93824992494356, 93824996571904, 93824996571904, 93824996571904, 93824993294774, 140737488343024}}, sa_flags = 1435990784, sa_restorer = 0x555555977b00}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x0000555555584245 in sodium_misuse () at sodium/core.c:199
handler = <optimized out>
#3 0x0000555555826bfd in _sodium_malloc (size=<optimized out>) at sodium/utils.c:578
user_ptr = <optimized out>
base_ptr = <optimized out>
total_size = <optimized out>
canary_ptr = <optimized out>
unprotected_ptr = <optimized out>
size_with_canary = <optimized out>
unprotected_size = <optimized out>
user_ptr = <optimized out>
base_ptr = <optimized out>
canary_ptr = <optimized out>
unprotected_ptr = <optimized out>
size_with_canary = <optimized out>
total_size = <optimized out>
unprotected_size = <optimized out>
__PRETTY_FUNCTION__ = "_sodium_malloc"
#4 sodium_malloc (size=<optimized out>) at sodium/utils.c:610
ptr = <optimized out>
#5 0x000055555581d29a in zbox::base::crypto::SafeBox<T>::new_empty () at /home/vi/.cargo/registry/src/github.com-1ecc6299db9ec823/zbox-0.8.8/src/base/crypto.rs:163
size = 32
$ cc --version
cc (Debian 8.3.0-6) 8.3.0
Found out about sodium_init, then about zbox::init_env. Now it works.
Is an abort (but not undefined behaviour) guaranteed if trying to use Zbox without init_env? Otherwise RepoOpener::open should be an unsafe fn.
I think there should be assert! or debug_assert! (or even just a regular Err from RepoOpener::open) to render a better error message in this case.
As init_env is part of the basic API contract, I'd prefer to use debug_assert!. Thank you for your advice.
Why isn't init_env done automatically on each RepoOpener::open?
> As init_env is part of the basic API contract, I'd prefer to use debug_assert!

Can the function that is called to start using ZboxFS remain safe (non-unsafe) in this case? What properties are guaranteed when using libsodium without sodium_init?
> Why isn't init_env done automatically on each RepoOpener::open?

That's because RepoOpener::open is not the only entry point. If we call init_env in that place, we might need to do the same in all the other possible entry points. That is superfluous, so I'd prefer to leave it as a contract of the API.
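The two positions taken in this thread (the reporter's request for an assert! or a regular Err on the entry point, and the maintainer's preference for debug_assert! plus an explicit "call init_env first" contract) can be compared in a few lines. The block below is an added illustration for this thread, not zbox's code and not linked against libsodium; the names init_env, ensure_initialized, OpenError, RepoOpener, Repo and demo are assumptions made for the example. It models the sequence the reporter went through (an entry point used before initialization, then fixed by calling init_env first) and shows both enforcement styles side by side, with the caveat a practitioner should keep in mind: debug_assert! compiles away in release builds, so only the Err variant guards every build profile.

```rust
// Added illustration for this thread: a stand-alone model of the
// "call init_env() before any entry point" contract discussed above.
// It is not zbox's code and does not link libsodium; the names
// init_env, ensure_initialized, OpenError, RepoOpener, Repo and demo
// are assumptions made for this example.
use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::Once;

static INIT: Once = Once::new();
static INITIALIZED: AtomicBool = AtomicBool::new(false);

/// Stand-in for zbox::init_env / sodium_init. `Once` makes it idempotent
/// and thread-safe, so repeated calls are harmless; the thread's decision
/// is nevertheless to leave the single call to the library user.
pub fn init_env() {
    INIT.call_once(|| {
        // Real code would call sodium_init() here and fail if it returns < 0.
        INITIALIZED.store(true, Ordering::SeqCst);
    });
}

pub fn is_initialized() -> bool {
    INITIALIZED.load(Ordering::SeqCst)
}

#[derive(Debug, PartialEq, Eq)]
pub enum OpenError {
    /// Entry point reached before init_env(): the error the reporter asked
    /// for instead of a sodium_misuse() abort inside sodium_malloc().
    NotInitialized,
}

/// One shared check that every entry point (open, create, ...) can call,
/// so the cost of "adding it everywhere" is a single line per entry point.
fn ensure_initialized() -> Result<(), OpenError> {
    if is_initialized() {
        Ok(())
    } else {
        Err(OpenError::NotInitialized)
    }
}

pub struct Repo;
pub struct RepoOpener;

impl RepoOpener {
    /// Variant A: a regular Err. Stays a safe fn in every build profile and
    /// lets the caller recover or report the mistake.
    pub fn open(&self) -> Result<Repo, OpenError> {
        ensure_initialized()?;
        Ok(Repo)
    }

    /// Variant B: the maintainer's preference. Panics with a clear message
    /// in debug builds; in release builds the check compiles away and an
    /// uninitialized caller falls through to the library, as in the
    /// original backtrace.
    pub fn open_debug_asserted(&self) -> Repo {
        debug_assert!(
            is_initialized(),
            "init_env() must be called before RepoOpener::open()"
        );
        Repo
    }
}

/// The sequence from the report: the first open fails, init_env() fixes it.
/// Returns (before, after) so a caller can inspect both outcomes.
pub fn demo() -> (Result<(), OpenError>, Result<(), OpenError>) {
    let before = RepoOpener.open().map(|_| ());
    init_env();
    let after = RepoOpener.open().map(|_| ());
    (before, after)
}

fn main() {
    let (before, after) = demo();
    println!("before init_env: {:?}", before);
    println!("after init_env:  {:?}", after);
    // Safe in any build profile once init_env() has run.
    let _repo = RepoOpener.open_debug_asserted();
}
```

Variant A is what makes the entry point honestly safe to call in the Rust sense: the caller gets NotInitialized rather than an abort from inside the C library. Variant B costs nothing in release builds but also protects nothing there, which is exactly the trade-off behind the question of whether the function should be marked unsafe.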
> > As init_env is part of the basic API contract, I'd prefer to use debug_assert!
>
> Can the function that is called to start using ZboxFS remain safe (non-unsafe) in this case? What properties are guaranteed when using libsodium without sodium_init?

If sodium_init is not called, the behaviour is not specified in the libsodium documentation, but most likely it will crash, as I've seen it many times in different environments. Also, maybe you can ask the libsodium author directly in this issue: https://github.com/jedisct1/libsodium/issues/908