
Signed integer overflow when SipHasher processes inputs >= 2 GB #19930

@practicalswift

Description

Signed integer overflow when SipHasher processes inputs >= 2 GB.

Live demo:

$ src/test/fuzz/simplest_possible_siphash_fuzzer -rss_limit_mb=8000 crash-061a172add013c03beedf57eb2a121a8289696af
crypto/siphash.cpp:56:10: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
$ cat src/test/fuzz/simplest_possible_siphash_fuzzer.cpp
#include <cstdint>
#include <vector>

#include <crypto/siphash.h>

// Fuzz harness entry point: feed the whole fuzzer-supplied buffer to
// CSipHasher in a single Write() call and finalize.
void test_one_input(const std::vector<uint8_t>& buffer)
{
    CSipHasher(0, 0).Write(buffer.data(), buffer.size()).Finalize();
}

Credits to @elichai who submitted a differential SipHasher fuzzer in #19920 and @guidovranken who first spotted the issue. Thanks!

Remember: don't trust -- fuzz! :)
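The report above is about the running byte count in the hasher: SipHash folds the total input length (its low byte) into the last message word, so the counter must be wide enough to never wrap, and a signed `int` wraps (with undefined behaviour) once the input reaches 2^31 bytes. The following is an added example, not Bitcoin Core's `CSipHasher` and not code from the issue: a streaming SipHash-2-4 written against the SipHash specification with a `uint64_t` counter, checked against the reference test vectors (key bytes 00..0f, message bytes 00..n-1) and against chunked versus single-shot writes. The class and function names (`SipHasher24`, `siphash_vector`, `siphash_chunked`) are this example's own.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Added example (not Bitcoin Core's CSipHasher): a streaming SipHash-2-4
// whose byte counter is uint64_t, so the total written length cannot wrap
// the way a signed int does once the input reaches 2^31 bytes.
// Class and function names here are this example's own.

static inline uint64_t rotl64(uint64_t x, int b) { return (x << b) | (x >> (64 - b)); }

class SipHasher24 {
    uint64_t v0, v1, v2, v3;  // the four SipHash state words
    uint64_t tmp;             // bytes not yet forming a full 8-byte word
    uint64_t count;           // total bytes written so far (64-bit on purpose)

    void round() {
        v0 += v1; v1 = rotl64(v1, 13); v1 ^= v0; v0 = rotl64(v0, 32);
        v2 += v3; v3 = rotl64(v3, 16); v3 ^= v2;
        v0 += v3; v3 = rotl64(v3, 21); v3 ^= v0;
        v2 += v1; v1 = rotl64(v1, 17); v1 ^= v2; v2 = rotl64(v2, 32);
    }
    void compress(uint64_t m) {   // c = 2 rounds per message word
        v3 ^= m; round(); round(); v0 ^= m;
    }

public:
    SipHasher24(uint64_t k0, uint64_t k1)
        : v0(0x736f6d6570736575ULL ^ k0), v1(0x646f72616e646f6dULL ^ k1),
          v2(0x6c7967656e657261ULL ^ k0), v3(0x7465646279746573ULL ^ k1),
          tmp(0), count(0) {}

    // Feed bytes; may be called any number of times before Finalize().
    SipHasher24& Write(const uint8_t* data, size_t len) {
        // With uint64_t this can only trip after 2^64 bytes, but the check
        // makes the "length must never wrap" invariant explicit.
        if (len > UINT64_MAX - count) throw std::length_error("SipHash input too long");
        for (size_t i = 0; i < len; ++i) {
            tmp |= uint64_t(data[i]) << (8 * (count % 8));
            ++count;
            if (count % 8 == 0) { compress(tmp); tmp = 0; }
        }
        return *this;
    }

    // Finalize on a copy so the hasher itself stays usable.
    uint64_t Finalize() const {
        SipHasher24 h = *this;
        // Only the low byte of the total length reaches the hash (top byte of
        // the last word), so a wrong running count silently changes the
        // digest rather than failing loudly.
        h.compress(h.tmp | (h.count << 56));
        h.v2 ^= 0xff;
        h.round(); h.round(); h.round(); h.round();   // d = 4 finalization rounds
        return h.v0 ^ h.v1 ^ h.v2 ^ h.v3;
    }
};

// Key from the SipHash reference vectors: bytes 00 01 .. 0f, little-endian.
static const uint64_t K0 = 0x0706050403020100ULL;
static const uint64_t K1 = 0x0f0e0d0c0b0a0908ULL;

// Constructed message: bytes 0, 1, ..., n-1 as in the reference vectors.
static std::vector<uint8_t> ref_message(size_t n) {
    std::vector<uint8_t> m(n);
    for (size_t i = 0; i < n; ++i) m[i] = uint8_t(i);
    return m;
}

// Hash the n-byte reference message in one Write().
uint64_t siphash_vector(size_t n) {
    std::vector<uint8_t> m = ref_message(n);
    return SipHasher24(K0, K1).Write(m.data(), m.size()).Finalize();
}

// Same message fed in pieces of `chunk` bytes; must equal siphash_vector(n).
uint64_t siphash_chunked(size_t n, size_t chunk) {
    std::vector<uint8_t> m = ref_message(n);
    SipHasher24 h(K0, K1);
    for (size_t off = 0; off < m.size(); off += chunk) {
        size_t take = (m.size() - off < chunk) ? m.size() - off : chunk;
        h.Write(m.data() + off, take);
    }
    return h.Finalize();
}

int main() {
    std::printf("empty   : %016llx\n", (unsigned long long)siphash_vector(0));
    std::printf("15 bytes: %016llx\n", (unsigned long long)siphash_vector(15));
    return 0;
}
```

The two reference outputs (0x726fdb47dd0e0e31 for the empty message, 0xa129ca6149be45e5 for the 15-byte message) are the published SipHash-2-4 vectors; the chunked comparison is the property a streaming hasher must keep regardless of how callers split the input, and it is exactly the property a narrow counter breaks for very large inputs.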
