0
我趕上Valgrind的下不少uninitialized value(s)。這一發現令人意外,因爲它關係到OpenSSL的PRNG:Valgrind的抑制使用幀級通配符(省略號)
==5787== Use of uninitialised value of size 8
==5787== at 0x533B449: _x86_64_AES_encrypt_compact (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x533B6DA: fips_aes_encrypt (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x56FBC47: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x56FBD27: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x56FBE47: ??? (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0xFFEFFFE17: ???
==5787== Uninitialised value was created by a heap allocation
==5787== at 0x4C28D84: malloc (vg_replace_malloc.c:291)
==5787== by 0x53575AF: CRYPTO_malloc (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x53FB52B: drbg_get_entropy (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x534C312: fips_get_entropy (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x534CABE: FIPS_drbg_instantiate (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x53FB94E: RAND_init_fips (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x5403F5D: EVP_add_cipher (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
==5787== by 0x507B7C0: SSL_library_init (in /usr/local/ssl/lib/libssl.so.1.0.0)
==5787== by 0x4103E7: DoStartupOpenSSL() (ac-openssl-1.cpp:494)
==5787== by 0x419504: main (main.cpp:69)
==5787==
但我無法抑制它(這不是預期)。我試圖使用以下三條規則,它們使用frame-level wildcards。
{
RAND_init_fips (1)
Memcheck:Cond
...
fun:RAND_init_fips
...
}
{
RAND_init_fips (2)
Memcheck:Value8
...
fun:RAND_init_fips
...
}
{
RAND_init_fips (3)
Memcheck:Value4
...
fun:RAND_init_fips
...
}
我不想要做的事情一樣初始化,因爲Debian PRNG慘敗幾年前的記憶。另外,它的OpenSSL FIPS對象模塊,所以我不能修改它,因爲源代碼和生成的目標文件是隔離的。
我不知道是什麼問題,因爲它似乎RAND_init_fips通過框架級別的通配符包圍應匹配的發現。任何想法可能會在這裏出錯?
