Commit 2ad3eb3e8e87d3ae190f894a39c324b8d6da59bb
2019-11-24T15:59:26
valgrind: add suppressions for undefined use valgrind will warn that OpenSSL will use undefined data in connect/read when talking to certain other TLS stacks. Thankfully, this only seems to occur when gcc is the compiler, so hopefully valgrind is just misunderstanding an optimization. Regardless, suppress this warning.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
diff --git a/script/valgrind.supp b/script/valgrind.supp
index 8459a71..d938aa9 100644
--- a/script/valgrind.supp
+++ b/script/valgrind.supp
@@ -124,6 +124,26 @@
}
{
+ ignore-openssl-undefined-in-read
+ Memcheck:Cond
+ ...
+ obj:*libssl.so*
+ ...
+ fun:openssl_read
+ ...
+}
+
+{
+ ignore-openssl-undefined-in-connect
+ Memcheck:Cond
+ ...
+ obj:*libssl.so*
+ ...
+ fun:openssl_connect
+ ...
+}
+
+{
ignore-libssh2-rsa-sha1-sign
Memcheck:Leak
...
diff --git a/src/streams/openssl.c b/src/streams/openssl.c
index fe5f79c..8613f70 100644
--- a/src/streams/openssl.c
+++ b/src/streams/openssl.c
@@ -597,6 +597,10 @@ static int openssl_connect(git_stream *stream)
st->connected = true;
+#ifdef VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED(st->ssl, sizeof(SSL));
+#endif
+
return verify_server_cert(st->ssl, st->host);
}