[openssl-dev] [openssl.org #3622] bug: crypto, valgrind reports improper memory access with AES128 cbc and longer plaintext
Andy Polyakov via RT
rt at openssl.org
Wed Dec 10 17:35:48 UTC 2014
> Excellent. My summary is:
> - valgrind complaints about 1.0.1 OpenSLL are extremely unlikely to affect my program in operation (you will probably say "will not affect")
Well, as there is suggestion of what I would say, I would only say that
it's false positive.
> - when OpenSLL 1.0.2 eventually percolates through to Ubuntu and Fedora valgrind will stop complaining.
Another alternative is that they recognize it as bug worthy fixing,
valgrind or OpenSSL. Even though I argue that it's valgrind bug, I'm
ready to assist in addressing the issue on OpenSSL side. In other words
try to report it to your favorite distro vendor. Refer to this ticket.
But for now, I'm dismissing the case.
More information about the openssl-dev
mailing list