Richard Salz wrote:
Can't someone just create a valgrind suppression entry for this?
Valgrind can read a file that tells it things to ignore, like lint's old
NOTREACHED comment.
Valgrind reports at the point of use where it considers the usage
potentially harmful.
This means you can copy around uninitalized data within your program all
day long, but it is only at the point you pass that data to a libc
function or system call that a warning is emitted. It is that call
which is emitted in the valgrind output (not the original source of the
initialized data, the OpenSSL #ifdef PURIFY code).
Most of the time the source is close to the usage so this method of
reporting works well for most error. But Random data has its own
voodoo, like in being copied somewhere ready for use at startup then at
a seemingly random point in time the program decides to pick it up and
make use of it.
So the valgrind warning you see is the symptom not the problem and this
disconnection of events is what can cause confusion.
Maybe valgrind should have a rule put in place which resets the
uninitialized data bit in the memory bitmap over the block of data
returned by the low level RAND_xxxx() functions provided by OpenSSL.
Darryl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]