Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.4(EOL), 10.5
Description
As noted in MDEV-20377, MyCTX_nopad is causing MemorySanitizer to report some uninitialized values. The following patch silences the errors, but I am not sure if that is safe to do, or if the buffer should actually be initialized:
diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc
|
index 02770644259..cb9e60e4dc7 100644
|
--- a/mysys_ssl/my_crypt.cc
|
+++ b/mysys_ssl/my_crypt.cc
|
@@ -94,6 +94,8 @@ class MyCTX
|
}
|
};
|
|
+#include <sanitizer/msan_interface.h>
|
+
|
class MyCTX_nopad : public MyCTX
|
{
|
public:
|
@@ -143,6 +145,7 @@ class MyCTX_nopad : public MyCTX
|
of this class too.
|
*/
|
uchar mask[MY_AES_BLOCK_SIZE];
|
+ __msan_unpoison(mask, sizeof mask);
|
uint mlen;
|
|
int rc= my_aes_crypt(MY_AES_ECB, ENCRYPTION_FLAG_ENCRYPT | ENCRYPTION_FLAG_NOPAD, |
I used cmake -DWITH_SSL=bundled, which is WolfSSL starting with 10.4.
Note: this might affect earlier versions as well. I did not check it. I would like to be able to use MSAN starting with 10.2.
Attachments
Issue Links
- is part of
-
-
- Closed
-