curl / Mailing Lists / curl-users / Single Mail

curl-users

Re: 'make check' and Use of uninitialised value in Curl_rand_hex

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 26 Jul 2018 15:54:03 +0200 (CEST)

On Wed, 25 Jul 2018, Jeffrey Walton wrote:

> I used 7.61.0.tar.gz and openssl-1.0.2.o.tar.gz.
>
> After thinking about this a bit, this may be due to -march=native on a Core
> i5 6th gen. It is also a 64-bit machine so -m64 is present, too. (When I am
> not building for distribution I build for the native machine.)

Seems like a common enough build that it shouldn't trigger any unusual code
paths...

curl_mime_init() calls Curl_rand_hex() to ask for 16 random hex character (by
providing a 17 byte length so that it also has room for the zero trailer).

(Unfortunately, curl_mime_init() doesn't check the return code from
Curl_rand_hex(), which we should consider a bug and I intend to fix it.)

Curl_rand_hex() in turn calls Curl_rand() to get a 16/2 == 8 bytes of random
bytes. Since your valgrind complaint is for 8 unitialized bytes, it could be
an indication that this particular call fails and you don't get any random
bytes returned at all. Any chance you can figure out if that's true?

-- 
  / daniel.haxx.se
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette:   https://curl.haxx.se/mail/etiquette.html

Received on 2018-07-26

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: Cannot get location header or follow location"
Previous message: Jeffrey Walton: "Re: 'make check' and Use of uninitialised value in Curl_rand_hex"
In reply to: Jeffrey Walton: "Re: 'make check' and Use of uninitialised value in Curl_rand_hex"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]