On May 15, 2008 12:38:24 pm John Parker wrote:
> >> > It is already possible to use openssl and valgrind - just build
> >> > OpenSSL with -DPURIFY, and it is quite clean.
>
> Actually on my system, just -DPURIFY doesn't satisfy valgrind. What
> I'm asking for is something that both satisfies valgrind and doesn't
> reduce the keyspace.
>
What you simply need to do is make a supplemental "ignore known issues" file
for valgrind - for WvStreams, we use one that has the following in it:
{
more_fun_libcrypto_junk
Memcheck:Value4
fun:BF_encrypt
}
{
more_fun_libcrypto_junk_2
Memcheck:Value4
fun:AES_encrypt
}
{
more_fun_libcrypto_junk_3
Memcheck:Addr4
fun:AES_cbc_encrypt
}
{
more_fun_libcrypto_junk_4
Memcheck:Value4
fun:_x86_AES_encrypt
}
And then we run all of the unit tests through valgrind with the options:
valgrind --tool=memcheck --leak-check=yes --num-callers=10
--suppressions=$(WVSTREAMS_SRC)/wvstreams.supp
Between -DPURIFY and the suppressions, the unit tests come back clean (when we
haven't made any silly mistakes in our own code, of course :)
BTW: I'm not claiming that the above list of suppressions will work 100% for
you - the suppressions above are for things that our code tickles - you may
want to add more of them for those specific areas that your code touches that
ours does not.
Have fun.
--
Patrick Patterson
President and Chief PKI Architect,
Carillon Information Security Inc.
http://www.carillon.ca
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
