Generating hash with Argon2 on Botan results in garbage data and 0xC0000005: Access violation reading location 0x0000000100000000

0
votes

I'm trying to hash passwords using the C++ cryptography library Botan. I've tried testing out the library using the code below:

#include <iostream>
#include <string>
#include <botan/argon2.h>
#include <botan/system_rng.h>

int main() {
    Botan::System_RNG rng;
    std::string password = "cool_password";

    std::string generated_hash = Botan::argon2_generate_pwhash(password.c_str(), 
    password.length(), rng, 1, 4000, 1); // crash occurs here

    std::cout << generated_hash << "\n";
}

but the code either printed garbage data, or gave me a runtime error: Unhandled exception at 0x00007FFEF11825E0 (ucrtbased.dll) in app.exe: 0xC0000005: Access violation reading location 0x0000000100000000.

What should I do? Using other hashing methods such as Botan::generate_bcrypt() also resulted in the same error.

1
c++cryptographybotanargon2-ffi
Was everything built with the exactly the same tool-chain and version ?Richard Critten
Yup, built everything with nmake following the tutorial on botan.randombit.net/handbook/building.html#on-windowsemredesu
If you compile your own program with -fsanitize=address you may get more info about where it crashes.Ted Lyngmo
I just downloaded, compiled and installed botan and then compiled your program (with -fsanitize=address and more) - no problem. It prints lines like $argon2id$v=19$m=4000,t=1,p=1$OAeT30yqV111xsvTjN43Rg$k5uwQIc2mNREuXRCTVZ4VuWdEbR4dumvDfHCkm0Bl2s every time I run it.Ted Lyngmo
Must be a problem with my build then. I'll try re-building it, thank you very much for the effort!emredesu

1 Answers

1
votes

After 4 hours of painful troubleshooting and rebuilding the library with different compilers over and over, I have found out that Botan does not work properly if "solution configuration" is not set to "Release" rather than "Debug" in Visual Studio.