使用帧级通配符(省略号)进行 Valgrind 抑制 [英] Valgrind suppression with using frame-level wildcard (ellipses)
问题描述
我在 Valgrind 下发现了很多未初始化的值
.该发现在意料之中,因为它与 OpenSSL 的 PRNG 相关:
I'm catching quite a few uninitialized value(s)
under Valgrind. The finding is expected because its related to to OpenSSL's PRNG:
==5787== Use of uninitialised value of size 8
==5787== at 0x533B449: _x86_64_AES_encrypt_compact (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x533B6DA: fips_aes_encrypt (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x56FBC47: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x56FBD27: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x56FBE47: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0xFFEFFFE17: ???
==5787== Uninitialised value was created by a heap allocation
==5787== at 0x4C28D84: malloc (vg_replace_malloc.c:291)
==5787== by 0x53575AF: CRYPTO_malloc (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x53FB52B: drbg_get_entropy (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x534C312: fips_get_entropy (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x534CABE: FIPS_drbg_instantiate (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x53FB94E: RAND_init_fips (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x5403F5D: EVP_add_cipher (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x507B7C0: SSL_library_init (in /usr/local/ssl/lib/libssl.so.1.0.0)
==5787== by 0x4103E7: DoStartupOpenSSL() (ac-openssl-1.cpp:494)
==5787== by 0x419504: main (main.cpp:69)
==5787==
但是我无法抑制它(这是意料之中的).我正在尝试使用以下三个规则,它们使用 框架级通配符.
But I'm having trouble suppressing it (and that's not expected). I'm trying to use the following three rules, which use frame-level wildcards.
{
RAND_init_fips (1)
Memcheck:Cond
...
fun:RAND_init_fips
...
}
{
RAND_init_fips (2)
Memcheck:Value8
...
fun:RAND_init_fips
...
}
{
RAND_init_fips (3)
Memcheck:Value4
...
fun:RAND_init_fips
...
}
我不想因为Debian PRNG 几年前惨败.另外,它是 OpenSSL FIPS 对象模块,因此我无法修改它,因为源代码和生成的对象文件被隔离.
I don't want to do things like initialize the memory because of the Debian PRNG fiasco a few years ago. Plus, its the OpenSSL FIPS Object Module, so I can't modify it because the source code and resulting object file are sequestered.
我不确定问题是什么,因为看起来 RAND_init_fips
被帧级通配符包围,应该与结果相符.任何想法这里可能出了什么问题?
I'm not sure what the issue is because it appears RAND_init_fips
surrounded by frame level-wildcards should match the finding. Any ideas what might be going wrong here?
推荐答案
根据 Tom Hughes 在 Valgrind 用户的 邮件列表,无法编写禁止规则:
According to Tom Hughes on the Valgrind User's mailing list, its not possible to write the suppression rule:
这篇关于使用帧级通配符(省略号)进行 Valgrind 抑制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!