From: Steve G <lin...@ya...> - 2003-05-23 14:22:35
|
Hello, I've been doing some testing of daemon's using valgrind. I've run across a problem with valgrind and have created a simple test program. I've tried several different versions of valgrind including cvs. I've attached a program that can be compiled as: gcc -o ssltest ssltest.c -lcrypto The valgrind line I use is: valgrind --num-callers=8 --logfile-fd=19 --leak-check=yes --leak-resolution=high ssltest 19>out The problem I see is: ==7796== Use of uninitialised value of size 4 ==7796== at 0x40267B6B: RC4_set_key (rc4_skey.c:111) ==7796== by 0x80485FC: arc4random_stir (in /home/steve/ssl_test/ssltest) ==7796== by 0x804862D: main (in /home/steve/ssl_test/ssltest) ==7796== by 0x40330A46: __libc_start_main (in /lib/libc-2.3.2.so) ==7796== by 0x80484CC: ??? (start.S:81) If you uncomment the dump_buffer lines & re-run, you can see that all the bytes are changed/initialized by the call to RAND_bytes. I see this kind of problem in sshd, stunnel, or apache when I do testing. Since these are security related programs, I am curious about what is happening or correcting the problem. TIA, Steve Grubb __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com |