valgrind: add suppressions for undefined use valgrind will warn that OpenSSL will use undefined data in connect/read when talking to certain other TLS stacks. Thankfully, this only seems to occur when gcc is the compiler, so hopefully valgrind is just misunderstanding an optimization. Regardless, suppress this warning.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
diff --git a/script/valgrind.supp b/script/valgrind.supp
index 8459a71..d938aa9 100644
--- a/script/valgrind.supp
+++ b/script/valgrind.supp
@@ -124,6 +124,26 @@
}
{
+ ignore-openssl-undefined-in-read
+ Memcheck:Cond
+ ...
+ obj:*libssl.so*
+ ...
+ fun:openssl_read
+ ...
+}
+
+{
+ ignore-openssl-undefined-in-connect
+ Memcheck:Cond
+ ...
+ obj:*libssl.so*
+ ...
+ fun:openssl_connect
+ ...
+}
+
+{
ignore-libssh2-rsa-sha1-sign
Memcheck:Leak
...
diff --git a/src/streams/openssl.c b/src/streams/openssl.c
index fe5f79c..8613f70 100644
--- a/src/streams/openssl.c
+++ b/src/streams/openssl.c
@@ -597,6 +597,10 @@ static int openssl_connect(git_stream *stream)
st->connected = true;
+#ifdef VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED(st->ssl, sizeof(SSL));
+#endif
+
return verify_server_cert(st->ssl, st->host);
}