Bug#363516: [Pkg-openssl-devel] Bug#363516: valgrind-clean the RNG
Kurt Roeckx
kurt at roeckx.be
Wed Apr 19 16:56:03 UTC 2006
On Wed, Apr 19, 2006 at 04:01:22PM +0100, Richard Kettlewell wrote:
> Package: openssl
> Version: 0.9.7e
> Severity: wishlist
>
> Suppressions don't seem to be good enough to eliminate this
> unfortunately - the uninitializedness taints all the users of the
> openssl random number generator, producing valgrind hits throughout
> your program, making it unnecessarily difficult to see the wood for
> the trees.
This is not the proper way to fix it. You can still find other
cases where you'll get the same results.
The problems are the following 2 pieces of code in
crypto/rand/md_rand.c:
247:
MD_Update(&m,buf,j);
467:
#ifndef PURIFY
MD_Update(&m,buf,j); /* purify complains */
#endif
What it's doing is adding uninitialised numbers to the pool to
create random numbers.
I've been thinking about commenting those out.
I've been told that using VALGRIND_MAKE_READABLE can be used to
suppress those errors. So I've been pondering about building the
library with that. I haven't tried that this works yet though.
Martin, what do you think about this?
Kurt
More information about the Pkg-openssl-devel
mailing list