Re: [Valgrind-users] valgrinding a SSL application

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

2017-01-05 12:54 GMT+01:00 Matthias Apitz <gu...@un...>:

>
> Hello,
>
> I'm 'valgrinding' a huge client/server application, where the server
> runs on Linux (SLES 12) and uses SSL (OpenSSL) to communicate with the
> clients.
>
> Valgrind is complaining a lot on any SSL function call (some 20.000
> lines) before the first data is exchanged, i.e. on creating the SSL
> socket and accepting the connection.
>
> I know how to suppress such complaints which I can not solve because the
> full function stack is inside the libssl.so or libcrypto.so
>
> But, when I read bytes in clear text from the SSL connection the
> resulting returned 'buf' is invalid too and this goes up the way as
> invalid into my application layers. See the example below and the
> resulting valgrind complaints. It does not even help to strncpy(3) the
> buffer and work with the result. The data in it remains
> invalid/uninitialized.
>
> What is the correct way to deal with this?
>

One of the straightforward ways (workarounds) will be to use a Valgrind
client request to explicitly set the data buffer as defined.
See memcheck.h, VALGRIND_MAKE_MEM_DEFINED.
I.