On Fri, Mar 31, 2017 at 04:40:07PM +0300, Aleksander Alekseev wrote:
> > > And it seems to me that this is caused by the routines of OpenSSL.
> > > When building without --with-openssl, using the fallback
> > > implementations of SHA256 and RAND_bytes I see no warnings generated
> > > by scram_build_verifier... I think it makes most sense to discard that
> > > from the list of open items.
> >
> > FWIW a document of the function says that,
> >
> > https://www.openssl.org/docs/man1.0.1/crypto/RAND_bytes.html
> >
> > > The contents of buf is mixed into the entropy pool before
> > > retrieving the new pseudo-random bytes unless disabled at compile
> > > time (see FAQ).
> >
> > This isn't saying that RAND_bytes does the same thing but
> > something similar can be happening there.
>
> OK, turned out that warnings regarding uninitialized values disappear
> after removing --with-openssl. That's a good thing.
Does this remove the noise under --with-openssl?
--- a/src/port/pg_strong_random.c
+++ b/src/port/pg_strong_random.c
@@ -104,7 +104,10 @@ pg_strong_random(void *buf, size_t len) */#if defined(USE_OPENSSL_RANDOM) if
(RAND_bytes(buf,len) == 1)
+ {
+ VALGRIND_MAKE_MEM_DEFINED(buf, len); return true;
+ } return false; /*
> What about all these memory leak reports [1]? If I see them should I just
> ignore them or, if reports look false positive, suggest a patch that
> modifies a Valgrind suppression file? In other words what is current
> consensus in community regarding Valgrind and it's reports?
Pass --leak-check=no; PostgreSQL intentionally leaks a lot.
