building OpenSSL 1.1.1 with -DPURIFY

tim.j.culhane at gmail.com tim.j.culhane at gmail.com
Wed Oct 9 10:37:02 UTC 2019 

Hi,

I've built  OpenSSL 1.1.1c locally on my 64 bit CentOS 7 server.

My application  links with the libraries  contained in this build.

When running tests for my application under valgrind I'm seeing lots of
errors like the  below:

Use of uninitialised value of size 8
    at 0x4C30DDF: memset (vg_replace_strmem.c:1252)
    by 0xB389872: CRYPTO_zalloc (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2C3BDA: bn_expand2 (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2CACFD: bn_lshift_fixed_top (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2BCC61: bn_div_fixed_top (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2BD081: BN_div (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2C054E: int_bn_mod_inverse (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2BC0B5: BN_BLINDING_create_param (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3BDAB0: RSA_setup_blinding (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3C276A: rsa_ossl_private_encrypt (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3C4FE2: pkey_rsa_sign (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB37A716: EVP_DigestSignFinal (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xAFC4413: tls_construct_cert_verify (in
/opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAFBB526: state_machine (in /opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAFA6937: SSL_do_handshake (in /opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAD64C2C: sncr_tls_negotiation_ex (tls_openssl.c:1766)
    by 0xAD64D84: sncr_tls_negotiation (tls_openssl.c:1846)
    by 0x5A890E: run_smtp_server (receiver.c:1367)
    by 0x5A55A2: smtp_recv_thread (receiver.c:326)
    by 0x73158F: generic_worker_thread (threads.c:301)
    by 0x546BDD4: start_thread (in /usr/lib64/libpthread-2.17.so)
    by 0x61A502C: clone (in /usr/lib64/libc-2.17.so)
  Uninitialised value was created by a stack allocation
    at 0xB3B5000: rand_drbg_get_nonce (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)

 Conditional jump or move depends on uninitialised value(s)
    at 0x4C30DE5: memset (vg_replace_strmem.c:1252)
    by 0xB389872: CRYPTO_zalloc (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2C3BDA: bn_expand2 (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2CACFD: bn_lshift_fixed_top (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2BCC61: bn_div_fixed_top (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2BD081: BN_div (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2C054E: int_bn_mod_inverse (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2BC0B5: BN_BLINDING_create_param (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3BDAB0: RSA_setup_blinding (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3C276A: rsa_ossl_private_encrypt (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3C4FE2: pkey_rsa_sign (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB37A716: EVP_DigestSignFinal (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xAFC4413: tls_construct_cert_verify (in
/opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAFBB526: state_machine (in /opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAFA6937: SSL_do_handshake (in /opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAD64C2C: sncr_tls_negotiation_ex (tls_openssl.c:1766)
    by 0xAD64D84: sncr_tls_negotiation (tls_openssl.c:1846)
    by 0x5A890E: run_smtp_server (receiver.c:1367)
    by 0x5A55A2: smtp_recv_thread (receiver.c:326)
    by 0x73158F: generic_worker_thread (threads.c:301)
    by 0x546BDD4: start_thread (in /usr/lib64/libpthread-2.17.so)
    by 0x61A502C: clone (in /usr/lib64/libc-2.17.so)
  Uninitialised value was created by a stack allocation
    at 0xB3B5000: rand_drbg_get_nonce (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)


Conditional jump or move depends on uninitialised value(s)
    at 0xB2C4070: bn_correct_top (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB2C5397: BN_mod_mul_montgomery (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3C2704: rsa_ossl_private_encrypt (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB3C4FE2: pkey_rsa_sign (in /opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xB37A716: EVP_DigestSignFinal (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)
    by 0xAFC4413: tls_construct_cert_verify (in
/opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAFBB526: state_machine (in /opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAFA6937: SSL_do_handshake (in /opt/openssl/1.1.1/lib/libssl.so.1.1)
    by 0xAD64C2C: sncr_tls_negotiation_ex (tls_openssl.c:1766)
    by 0xAD64D84: sncr_tls_negotiation (tls_openssl.c:1846)
    by 0x5A890E: run_smtp_server (receiver.c:1367)
    by 0x5A55A2: smtp_recv_thread (receiver.c:326)
    by 0x73158F: generic_worker_thread (threads.c:301)
    by 0x546BDD4: start_thread (in /usr/lib64/libpthread-2.17.so)
    by 0x61A502C: clone (in /usr/lib64/libc-2.17.so)
  Uninitialised value was created by a stack allocation
    at 0xB3E2363: sha256_block_data_order_avx2 (in
/opt/openssl/1.1.1/lib/libcrypto.so.1.1)


There are many, many of these errors with varying  backtraces shown.

But the common  function seems to be either sha256_block_data_order_avx2 or
rand_drbg_get_nonce
I've read somewhere that  compiling OpenSSL with -DPURIFY would help remove
these errors.

However, looking at the CHANGES document which comes with the source I see
the below change in 1.1.0:

*) Always DPURIFY. Remove the use of uninitialized memory in the
RNG, and other conditional uses of DPURIFY. This makes -DPURIFY a no-op.
[Emilia Käsper]

So does this mean that -DPURIFY  is enabled by default?

If so, why am I seeing  these valgrind errors?

I've shown   the output of my openssl version -a  below.

I could put in suppressions for these valgrind errors but there are so many
and affect so many areas that it would almost make my valgrind  tests
useless.

Looking forward to any help,

Tim


OpenSSL 1.1.1c 28 May 2019
platform: linux-x86_64 
options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) 
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3
-DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ
-DOPENSSL_IA32_SSE2 -DOPE
NSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM
-DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM
-DVPAES_A
SM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM
-DNDEBUG 
OPENSSLDIR: "/opt/openssl/1.1.1" 
ENGINESDIR: "/opt/openssl/1.1.1/lib/engines-1.1" 
Seeding source: os-specific

More information about the openssl-users mailing list