I think there's we need to create a FAQ entry about this ... * Daniel Brahneborg ([EMAIL PROTECTED]) wrote:
[snip] > At lines 467-469 in crypto/rand/md_rand.c is an interesting > thing: > > #ifndef PURIFY > MD_Update(&m,buf,j); /* purify complains */ > #endif > > That is the code that causes the problem (I just verified > it with Valgrind). Does it have any bad side affects to > always skip that code? Since both Purify and Valgrind is > unhappy with that function call, something must be wrong > with it. No, it's fine - the problem is Purify and Valgrind assume all use of uninitialised data is inherently bad, whereas a PRNG implementation has nothing but positive (or more correctly, non-negative) things to say about the idea. Why do you think the "#ifndef PURIFY" logic is there? If you're going to run an openssl-based app under instrumentation and *look* for uses of uninitialised data, add "-DPURIFY" to your configure line. Please also search the archives for words like "Valgrind", "Purify", "uninitialised memory", etc. This has come up many times before. Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.openssl.org/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
