[MDEV-5312] Conditional jump or move depends on uninitialised value(s) in ssl3_read_bytes Created: 2013-11-19  Updated: 2014-05-01  Due: 2014-04-26  Resolved: 2014-05-01

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 10.0.5
Fix Version/s: 10.0.11

Type: Bug Priority: Major
Reporter: Alexander Barkov Assignee: Sergei Golubchik
Resolution: Cannot Reproduce Votes: 0
Labels: None


Description

When MariaDB is built with the external openssl library

cmake . -DCMAKE_INSTALL_PREFIX=/opt/mariadb-10.0 -DCMAKE_BUILD_TYPE=Debug -DWITH_VALGRIND=1 

some --valgrind tests fail with the following output:

./mtr --valgrind ssl_cipher
...
==7154== Conditional jump or move depends on uninitialised value(s)
==7154==    at 0x5DC1B3: read_client_connect_attrs(char**, char*, charset_info_st const*) (sql_acl.cc:11144)
==7154==    by 0x5DD1F2: parse_client_handshake_packet(MPVIO_EXT*, unsigned char**, unsigned long) (sql_acl.cc:11527)
==7154==    by 0x5DD7D8: server_mpvio_read_packet(st_plugin_vio*, unsigned char**) (sql_acl.cc:11701)
==7154==    by 0x5DED61: native_password_authenticate(st_plugin_vio*, st_mysql_server_auth_info*) (sql_acl.cc:12272)
==7154==    by 0x5DDE31: do_auth_once(THD*, st_mysql_lex_string const*, MPVIO_EXT*) (sql_acl.cc:11869)
==7154==    by 0x5DE168: acl_authenticate(THD*, unsigned int, unsigned int) (sql_acl.cc:11971)
==7154==    by 0x7601E0: check_connection(THD*) (sql_connect.cc:1070)
==7154==    by 0x760353: login_connection(THD*) (sql_connect.cc:1138)
==7154==    by 0x7608D0: thd_prepare_connection(THD*) (sql_connect.cc:1301)
==7154==    by 0x760B5D: do_handle_one_connection(THD*) (sql_connect.cc:1370)
==7154==    by 0x7608A5: handle_one_connection (sql_connect.cc:1293)
==7154==    by 0xD3B682: pfs_spawn_thread (pfs.cc:1853)
==7154==    by 0x37C7807D14: start_thread (in /usr/lib64/libpthread-2.16.so)
==7154==    by 0x37C70F253C: clone (in /usr/lib64/libc-2.16.so)
==7154== Conditional jump or move depends on uninitialised value(s)
==7154==    at 0x37D1C296B2: ssl3_read_bytes (in /usr/lib64/libssl.so.1.0.1e)
==7154==    by 0x37D1C26D11: ??? (in /usr/lib64/libssl.so.1.0.1e)
==7154==    by 0xE6B296: vio_ssl_read (viossl.c:171)
==7154==    by 0x598E38: my_real_read(st_net*, unsigned long*) (net_serv.cc:870)
==7154==    by 0x59955C: my_net_read (net_serv.cc:1072)
==7154==    by 0x643936: do_command(THD*) (sql_parse.cc:925)
==7154==    by 0x760B7F: do_handle_one_connection(THD*) (sql_connect.cc:1379)
==7154==    by 0x7608A5: handle_one_connection (sql_connect.cc:1293)
==7154==    by 0xD3B682: pfs_spawn_thread (pfs.cc:1853)
==7154==    by 0x37C7807D14: start_thread (in /usr/lib64/libpthread-2.16.so)
==7154==    by 0x37C70F253C: clone (in /usr/lib64/libc-2.16.so)

The same tests do not fail when built with the bundled ssl library:

cmake . -DCMAKE_INSTALL_PREFIX=/opt/mariadb-10.0 -DCMAKE_BUILD_TYPE=Debug -DWITH_VALGRIND=1 -DWITH_SSL=bundled

Note that this problem is not caught by BuildBot,
because work-amd64-valgrind compiles with the bundled ssl library.
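The warning class reported above ("Conditional jump or move depends on uninitialised value(s)") arises whenever code branches on bytes of a receive buffer that were never actually filled; the first stack (read_client_connect_attrs) and the second (ssl3_read_bytes) are both reads of a network buffer. The following is an added illustration, not code from MariaDB or OpenSSL: a constructed 5-byte packet is sent through a pipe into a 64-byte stack buffer, a buggy parser branches on the buffer's last byte as if the buffer were full (memcheck flags that branch), and a length-checked parser bounds every access by the bytes actually received. All names (read_packet, last_byte_set_unchecked, last_byte_set_checked, demo_short_packet, PKT_CAP) are hypothetical.

```c
/* Added example (not from the MariaDB bug report or OpenSSL): how
 * "Conditional jump or move depends on uninitialised value(s)" arises
 * when a parser branches on bytes of a read buffer that were never filled,
 * and the length-checked form that keeps memcheck quiet.
 * Build and run: gcc -g demo.c -o demo && valgrind ./demo */
#include <stdio.h>
#include <unistd.h>

#define PKT_CAP 64   /* capacity of the receive buffer (constructed value) */

/* Read from fd into buf until cap bytes arrive or the writer closes.
 * Returns the number of bytes actually stored, or -1 on error. */
static ssize_t read_packet(int fd, unsigned char *buf, size_t cap)
{
    size_t got = 0;
    while (got < cap) {
        ssize_t n = read(fd, buf + got, cap - got);
        if (n < 0)
            return -1;
        if (n == 0)
            break;                  /* peer closed: short packet */
        got += (size_t)n;
    }
    return (ssize_t)got;
}

/* Buggy parser: assumes the buffer is full and branches on its last byte.
 * With a short packet that byte is stack garbage, so memcheck reports the
 * comparison as a conditional jump on an uninitialised value. */
static int last_byte_set_unchecked(const unsigned char *buf, size_t cap)
{
    return buf[cap - 1] != 0;
}

/* Fixed parser: every access is bounded by the bytes actually received.
 * Returns -1 when the packet is shorter than the field being inspected. */
static int last_byte_set_checked(const unsigned char *buf, size_t nread, size_t want)
{
    if (nread < want)               /* packet too short: reject, do not peek */
        return -1;
    return buf[want - 1] != 0;
}

/* Drive both parsers on a constructed 5-byte packet sent through a pipe.
 * Returns the checked parser's verdict for a PKT_CAP-byte expectation
 * (-1, because only 5 bytes arrived); -2 signals a test-harness failure. */
int demo_short_packet(void)
{
    int fds[2];
    unsigned char buf[PKT_CAP];     /* deliberately left uninitialised */
    static const unsigned char pkt[5] = { 0x0a, 0x00, 0x00, 0x01, 0x7f };
    ssize_t nread;

    if (pipe(fds) != 0)
        return -2;
    if (write(fds[1], pkt, sizeof pkt) != (ssize_t)sizeof pkt)
        return -2;
    close(fds[1]);
    nread = read_packet(fds[0], buf, sizeof buf);
    close(fds[0]);
    if (nread != 5)
        return -2;

    /* Under valgrind this call is flagged; the checked call below is not. */
    (void)last_byte_set_unchecked(buf, sizeof buf);
    return last_byte_set_checked(buf, (size_t)nread, PKT_CAP);
}

int main(void)
{
    printf("checked verdict on short packet: %d\n", demo_short_packet());
    return 0;
}
```

Running the binary under valgrind shows exactly one "Conditional jump or move depends on uninitialised value(s)" report, located in last_byte_set_unchecked; the same pattern in a real server is what makes the warning originate in the parser even when the bytes came from the SSL layer. Note that when the uninitialised bytes are produced inside the library itself (as the ssl3_read_bytes frame suggests), the fix belongs in the library or in a valgrind suppression for it, not in the caller.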



Comments
Comment by Oleksandr Byelkin [ 2013-12-19 ]

It looks like valgrind thinks a big part of the read buffer is something random.

Comment by Oleksandr Byelkin [ 2014-01-21 ]

Looks like it is not related to client attributes but to the ssl library.

Comment by Sergei Golubchik [ 2014-03-26 ]

I cannot repeat that. I'm getting tons of valgrind warnings about openssl, but not this one.
