diff options
author | Edward Thomson <ethomson@edwardthomson.com> | 2019-11-24 16:22:31 +1100 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-11-24 17:29:38 +1100 |
commit | cb77423fa4b86e073862f426556601a111505cd5 (patch) | |
tree | c3df6253018a09dcab9aa4060147b9a75a27c9bc | |
parent | 2ad3eb3e8e87d3ae190f894a39c324b8d6da59bb (diff) | |
download | libgit2-cb77423fa4b86e073862f426556601a111505cd5.tar.gz |
valgrind: add valgrind hints in OpenSSL
Provide usage hints to valgrind. We trust the data coming back from
OpenSSL to have been properly initialized. (And if it has not, it's an
OpenSSL bug, not a libgit2 bug.)
We previously took the `VALGRIND` option to CMake as a hint to disable
mmap. Remove that; it's broken. Now use it to pass on the `VALGRIND`
definition so that sources can provide valgrind hints.
-rw-r--r-- | src/CMakeLists.txt | 4 | ||||
-rw-r--r-- | src/streams/openssl.c | 16 |
2 files changed, 19 insertions, 1 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 0ca1e7374..9e4a41a61 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -288,9 +288,11 @@ IF (WIN32 AND NOT CYGWIN) ELSEIF (AMIGA) ADD_DEFINITIONS(-DNO_ADDRINFO -DNO_READDIR_R -DNO_MMAP) ELSE() + ADD_FEATURE_INFO(valgrind VALGRIND "valgrind hints") IF (VALGRIND) - ADD_DEFINITIONS(-DNO_MMAP) + ADD_DEFINITIONS(-DVALGRIND) ENDIF() + FILE(GLOB SRC_OS unix/*.c unix/*.h) ENDIF() diff --git a/src/streams/openssl.c b/src/streams/openssl.c index 8613f70be..98a3635af 100644 --- a/src/streams/openssl.c +++ b/src/streams/openssl.c @@ -30,6 +30,10 @@ #include <openssl/x509v3.h> #include <openssl/bio.h> +#ifdef VALGRIND +# include <valgrind/memcheck.h> +#endif + SSL_CTX *git__ssl_ctx; #define GIT_SSL_DEFAULT_CIPHERS "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA" @@ -311,6 +315,10 @@ static int bio_write(BIO *b, const char *buf, int len) { git_stream *io = (git_stream *) BIO_get_data(b); +#ifdef VALGRIND + VALGRIND_MAKE_MEM_DEFINED(buf, len); +#endif + return (int) git_stream_write(io, buf, len, 0); } @@ -587,6 +595,10 @@ static int openssl_connect(git_stream *stream) BIO_set_data(bio, st->io); SSL_set_bio(st->ssl, bio, bio); +#ifdef VALGRIND + VALGRIND_MAKE_MEM_DEFINED(st->ssl, sizeof(SSL)); +#endif + /* specify the host in case SNI is needed */ #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME SSL_set_tlsext_host_name(st->ssl, st->host); @@ -667,6 +679,10 @@ static ssize_t openssl_read(git_stream *stream, void *data, size_t len) if ((ret = SSL_read(st->ssl, data, len)) <= 0) return ssl_set_error(st->ssl, ret); +#ifdef VALGRIND + VALGRIND_MAKE_MEM_DEFINED(data, ret); +#endif + return ret; } |