[gnutls-devel] GnuTLS | Memcheck:Cond valgrind error in gnutls_x509_crt_print() (#833)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Sep 12 13:31:43 CEST 2019 


Martin Pitt created an issue: https://gitlab.com/gnutls/gnutls/issues/833



valgrind detects some code in `gnutls_x509_crt_print()` that depends on uninitialized data:

```
$ gcc -o /tmp/t -Wall gnutls-crt-print.c -lgnutls
$ valgrind  /tmp/t
==10529== Memcheck, a memory error detector
==10529== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==10529== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==10529== Command: /tmp/t
==10529== 
==10529== Conditional jump or move depends on uninitialised value(s)
==10529==    at 0x48FA861: decode_complex_string.isra.0 (common.c:395)
==10529==    by 0x48FABEE: _gnutls_x509_dn_to_string (common.c:464)
==10529==    by 0x4909F37: append_elements (dn.c:160)
==10529==    by 0x490A3B7: _gnutls_x509_get_dn (dn.c:236)
==10529==    by 0x491040B: print_oneline (output.c:1881)
==10529==    by 0x491597F: gnutls_x509_crt_print (output.c:2076)
==10529==    by 0x40125D: main (in /tmp/t)
==10529== 
cert: subject `CN=localhost', issuer `CN=localhost', serial 0x00ec5dca0f931ef8ab, RSA key 2048 bits, signed using RSA-SHA256, activated `2015-05-15 19:54:08 UTC', expires `2115-04-21 19:54:08 UTC', pin-sha256="p5szU3vH77RKSNI7ciu7Gtqa9TUJv23iYQGeyejBMYc="==10529== 
==10529== HEAP SUMMARY:
==10529==     in use at exit: 0 bytes in 0 blocks
==10529==   total heap usage: 1,586 allocs, 1,586 frees, 162,017 bytes allocated
==10529== 
==10529== All heap blocks were freed -- no leaks are possible
==10529== 
==10529== Use --track-origins=yes to see where uninitialised values come from
==10529== For lists of detected and suppressed errors, rerun with: -s
==10529== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 0 from 0)
```

The reproducer is so simple that I don't see how I should have introduced uninitialized data into it myself.

This happens at least with GnuTLS 3.6.8 (in Fedora 30) and 3.6.9 (in rawhide).

Reproducer: [gnutls-crt-print.c](/uploads/ff8f3d85fd5e74f529e5396b3010104f/gnutls-crt-print.c)

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/833
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190912/2fd44d8f/attachment.html>

More information about the Gnutls-devel mailing list