Re: [Valgrind-users] suppressing by specifying method where value was created?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 28/03/2012 4:56 PM, Igmar Palsenberg wrote:
>
>> ......I could get rid of all these if I could tell Valgrind to ignore 
>> any value created by RAND_load_file. Is there such a capability?
>>
>> ==00:00:00:17.356 30844== Conditional jump or move depends on 
>> uninitialised value(s)
>> ==00:00:00:17.356 30844==    at 0x423F92B: SHA1_Final (in 
>> /lib/i686/cmov/libcrypto.so.0.9.8)
>> ==00:00:00:17.356 30844==    by 0x418BA02: ??? (in 
>> /usr/lib/libcurl.so.4.1.1)
>> ==00:00:00:17.356 30844==  Uninitialised value was created by a stack 
>> allocation
>> ==00:00:00:17.356 30844==    at 0x42A2956: RAND_load_file (in 
>> /lib/i686/cmov/libcrypto.so.0.9.8)
>>
> This was / is caused by the RNG using uninitialized bytes for it's 
> RNG. There was an article on slashdot a while ago, when the Debian guys
> issues a patch to initialize the values (due to a valgrind report). 
> Result : Insecure SSH keys. See 
> http://wiki.debian.org/SSLkeys#End_User_Summary for more information.
>
> My advice : Write a suppression for this.
>
>
>
> Igmar
Thanks for the link - I'm aware of PRNG debian "solution" and debates 
around valgrind/openssl.

 >> Write a suppression for this.

That's my question - how? Or rather - can I write a suppression that 
doesn't include the stack but just says ignore the error for any value 
created in RAND_load_file? My impression is I can't.