使用帧级通配符(省略号)进行 Valgrind 抑制 [英] Valgrind suppression with using frame-level wildcard (ellipses)

查看:29
本文介绍了使用帧级通配符(省略号)进行 Valgrind 抑制的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在 Valgrind 下发现了很多未初始化的值.该发现在意料之中,因为它与 OpenSSL 的 PRNG 相关:

I'm catching quite a few uninitialized value(s) under Valgrind. The finding is expected because its related to to OpenSSL's PRNG:

==5787== Use of uninitialised value of size 8
==5787==    at 0x533B449: _x86_64_AES_encrypt_compact (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x533B6DA: fips_aes_encrypt (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x56FBC47: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x56FBD27: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x56FBE47: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0xFFEFFFE17: ???
==5787==  Uninitialised value was created by a heap allocation
==5787==    at 0x4C28D84: malloc (vg_replace_malloc.c:291)
==5787==    by 0x53575AF: CRYPTO_malloc (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x53FB52B: drbg_get_entropy (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x534C312: fips_get_entropy (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x534CABE: FIPS_drbg_instantiate (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x53FB94E: RAND_init_fips (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x5403F5D: EVP_add_cipher (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787==    by 0x507B7C0: SSL_library_init (in /usr/local/ssl/lib/libssl.so.1.0.0)
==5787==    by 0x4103E7: DoStartupOpenSSL() (ac-openssl-1.cpp:494)
==5787==    by 0x419504: main (main.cpp:69)
==5787==

但是我无法抑制它(这是意料之中的).我正在尝试使用以下三个规则,它们使用 框架级通配符.

But I'm having trouble suppressing it (and that's not expected). I'm trying to use the following three rules, which use frame-level wildcards.

{
   RAND_init_fips (1)
   Memcheck:Cond
   ...
   fun:RAND_init_fips
   ...
}

{
   RAND_init_fips (2)
   Memcheck:Value8
   ...
   fun:RAND_init_fips
   ...
}

{
   RAND_init_fips (3)
   Memcheck:Value4
   ...
   fun:RAND_init_fips
   ...
}

不想因为Debian PRNG 几年前惨败.另外,它是 OpenSSL FIPS 对象模块,因此我无法修改它,因为源代码和生成的对象文件被隔离.

I don't want to do things like initialize the memory because of the Debian PRNG fiasco a few years ago. Plus, its the OpenSSL FIPS Object Module, so I can't modify it because the source code and resulting object file are sequestered.

我不确定问题是什么,因为看起来 RAND_init_fips 被帧级通配符包围,应该与结果相符.任何想法这里可能出了什么问题?

I'm not sure what the issue is because it appears RAND_init_fips surrounded by frame level-wildcards should match the finding. Any ideas what might be going wrong here?

推荐答案

根据 Tom Hughes 在 Valgrind 用户的 邮件列表,无法编写禁止规则:

According to Tom Hughes on the Valgrind User's mailing list, its not possible to write the suppression rule:

这篇关于使用帧级通配符(省略号)进行 Valgrind 抑制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆