Daiki Ueno writes:
> Added `mark_bytes_undefined (1, &ciphertext[key->size]);` to the test
> cases doing encryption.
I'm afraid that isn't right. For one, mark_bytes_undefined is
conditioned so it only has any effect when running the sc tests. Second,
it will not produce any warnings for writes, which I think is what we'd
like to detect here. I think the options are:

1. Just don't allocate any extra byte, and valgrind should arrange for
   alerts on out-of-bounds writes without anything special.

2. Allocate an extra byte, write some random value before the call, and
   check that the value is unchanged after the call (some other tests
   do that sort of thing, it's simple, old fashioned, and doesn't depend
   on valgrind).

3. Allocate an extra byte, and mark it using VALGRIND_MAKE_MEM_NOACCESS
   (wrapped in some macro depending on the memcheck.h configure check).
   I don't think that gives any real benefit over valgrind's default
   behavior with (1), but might make sense if done in combination with
   (2).

Regards,
/Niels
--
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
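
Options (2) and (3) from the message above, combined in one check, as an added example that is not part of the original message or of nettle's test suite. The functions encrypt_exact, encrypt_overrun and guard_byte_intact, the GUARD_* macros, the CANARY value and the HAVE_VALGRIND_MEMCHECK_H macro name are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
/* HAVE_VALGRIND_MEMCHECK_H is an assumed name for the configure result;
   without it the GUARD_* macros are no-ops and only the canary check runs. */
#ifdef HAVE_VALGRIND_MEMCHECK_H
# include <valgrind/memcheck.h>
# define GUARD_NOACCESS(p, n) ((void) VALGRIND_MAKE_MEM_NOACCESS((p), (n)))
# define GUARD_DEFINED(p, n) ((void) VALGRIND_MAKE_MEM_DEFINED((p), (n)))
#else
# define GUARD_NOACCESS(p, n) ((void) 0)
# define GUARD_DEFINED(p, n) ((void) 0)
#endif

#define CANARY 0xA5 /* constructed guard value */

typedef void encrypt_func(size_t size, uint8_t *dst, const uint8_t *src);

/* Hypothetical stand-in for the function under test: writes exactly size bytes. */
static void encrypt_exact(size_t size, uint8_t *dst, const uint8_t *src)
{
  for (size_t i = 0; i < size; i++)
    dst[i] = src[i] ^ 0x5c;
}

/* Deliberately broken stand-in: writes one byte past the output area. */
static void encrypt_overrun(size_t size, uint8_t *dst, const uint8_t *src)
{
  encrypt_exact(size, dst, src);
  dst[size] = 0;
}

/* Returns 1 if the guard byte survived the call, 0 if f wrote past size bytes. */
static int guard_byte_intact(encrypt_func *f, size_t size, const uint8_t *src)
{
  uint8_t *dst = malloc(size + 1);   /* option (2): one extra byte */
  int ok;
  if (!dst) abort();
  dst[size] = CANARY;
  GUARD_NOACCESS(dst + size, 1);     /* option (3): valgrind flags the write */
  f(size, dst, src);
  GUARD_DEFINED(dst + size, 1);      /* make the byte readable for the check */
  ok = (dst[size] == CANARY);
  free(dst);
  return ok;
}

int main(void)
{
  static const uint8_t msg[16] = "constructed msg"; /* constructed input */
  return !(guard_byte_intact(encrypt_exact, sizeof msg, msg)
           && !guard_byte_intact(encrypt_overrun, sizeof msg, msg));
}
```

Under valgrind with memcheck.h available, the overrun is reported as an invalid write at the offending store; without valgrind, the canary comparison alone still catches it.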