[gnutls-devel] GnuTLS | gnutls 3.8.10 triggers valgrind Conditional jump or move depends on uninitialised value(s) (#1738)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Sep 15 19:23:38 CEST 2025 


Andreas Metzler created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1738



Hello,

gnutls 3.8.10 breaks gsasl's Debian CI test on ppc64el. debian/tests/gsasl-mailutils-gs2krb5-gssapi which fails with:
```
327s ==2630== Command: /usr/bin/gsasl -m GSSAPI -d --no-starttls --imap ci-255-07bddaf3 19835 -z debci
327s ==2630==
327s Trying ‘ci-255-07bddaf3’...
327s * OK IMAP4rev1

327s . CAPABILITY
327s * CAPABILITY IMAP4rev1 NAMESPACE ID IDLE LITERAL+ UNSELECT AUTH=GSSAPI AUTH=ANONYMOUS AUTH=EXTERNAL AUTH=LOGIN AUTH=PLAIN AUTH=SECURID AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=SCRAM-SHA-1 AUTH=SCRAM-SHA-1-PLUS AUTH=SCRAM-SHA-256 AUTH=SCRAM-SHA-256-PLUS AUTH=SAML20 AUTH=OPENID20 AUTH=GSSAPI AUTH=GS2-KRB5

327s . OK CAPABILITY Completed

327s . AUTHENTICATE GSSAPI
327s +

327s ==2630== Conditional jump or move depends on uninitialised value(s)
327s ==2630==    at 0x40420F0: strcmp (strcmp.S:76)
327s ==2630==    by 0x40198E3: _dl_name_match_p (dl-misc.c:75)
327s ==2630==    by 0x401A833: dl_open_worker_begin (dl-open.c:614)
327s ==2630==    by 0x400163B: _dl_catch_exception (dl-catch.c:241)
327s ==2630==    by 0x401A35F: dl_open_worker (dl-open.c:761)
327s ==2630==    by 0x400163B: _dl_catch_exception (dl-catch.c:241)
327s ==2630==    by 0x401BCCB: _dl_open (dl-open.c:874)
327s ==2630==    by 0x4C873F3: dlopen_doit (dlopen.c:56)
327s ==2630==    by 0x400163B: _dl_catch_exception (dl-catch.c:241)
327s ==2630==    by 0x40017BB: _dl_catch_error (dl-catch.c:260)
327s ==2630==    by 0x4C86CD7: _dlerror_run (dlerror.c:138)
327s ==2630==    by 0x4C87503: dlopen_implementation (dlopen.c:71)
327s ==2630==    by 0x4C87503: dlopen@@GLIBC_2.34 (dlopen.c:81)
327s ==2630==
[...]
327s ==2630== 
327s ==2630== HEAP SUMMARY:
327s ==2630==     in use at exit: 11,519 bytes in 58 blocks
327s ==2630==   total heap usage: 2,773 allocs, 2,715 frees, 397,284 bytes allocated
327s ==2630== 
327s ==2630== LEAK SUMMARY:
327s ==2630==    definitely lost: 16 bytes in 1 blocks
327s ==2630==    indirectly lost: 0 bytes in 0 blocks
327s ==2630==      possibly lost: 0 bytes in 0 blocks
327s ==2630==    still reachable: 11,503 bytes in 57 blocks
327s ==2630==         suppressed: 0 bytes in 0 blocks
327s ==2630== Rerun with --leak-check=full to see details of leaked memory
327s ==2630== 
327s ==2630== Use --track-origins=yes to see where uninitialised values come from
327s ==2630== For lists of detected and suppressed errors, rerun with: -s
327s ==2630== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

(--track-origins=yes does not yield additional details).
```
I have run git bisect on master - The error is triggered by

[66b78875f1ad28bef852ce44e13f5db5c2175b0c] x509: support decoding of ML-DSA private keys in CHOICE format

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1738
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250915/cb50fb5c/attachment-0001.html>

More information about the Gnutls-devel mailing list