Silence most noisy sources of memory leakage.

==27135== Use of uninitialised value of size 8 ==27135== at 0x57BE17B: BN_num_bits_word (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57BE205: BN_num_bits (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57BADF7: BN_div (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57C48FC: BN_mod_inverse (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57C3647: BN_BLINDING_create_param (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x5812D44: RSA_setup_blinding (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x58095CB: rsa_get_blinding (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x580A64F: RSA_eay_private_decrypt (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x4E5D9BC: rsa_private_decrypt (rsa.c:97) ==27135== by 0x4E51E1B: metakey_h (protocol_auth.c:524) ==27135== by 0x4E505FD: receive_request (protocol.c:136) ==27135== by 0x4E46002: receive_meta (meta.c:290) ==27135== Uninitialised value was created by a heap allocation ==27135== at 0x4C29F90: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==27135== by 0x575DCD7: CRYPTO_malloc (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57C24E1: BN_rand (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57C216F: bn_rand_range (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x57C3630: BN_BLINDING_create_param (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x5812D44: RSA_setup_blinding (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x58095CB: rsa_get_blinding (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x580A64F: RSA_eay_private_decrypt (in /usr/lib/libcrypto.so.1.0.0) ==27135== by 0x4E5D9BC: rsa_private_decrypt (rsa.c:97) ==27135== by 0x4E51E1B: metakey_h (protocol_auth.c:524) ==27135== by 0x4E505FD: receive_request (protocol.c:136) ==27135== by 0x4E46002: receive_meta (meta.c:290)
2015-06-28 00:39:57 +02:00 · 2015-06-28 00:39:57 +02:00 · 408fb3b011
commit 408fb3b011
parent 7aca0be0f9
3 changed files with 9 additions and 2 deletions
--- a/src/meta.c
+++ b/src/meta.c
@ -287,7 +287,8 @@ bool receive_meta(connection_t *c) {

 			char *request = buffer_readline(&c->inbuf);
 			if(request) {
-				bool result = receive_request(c, request);
+				bool result = false;
+				result = receive_request(c, request);
 				if(!result)
 					return false;
 				continue;
--- a/src/net_packet.c
+++ b/src/net_packet.c
@ -837,6 +837,7 @@ bool receive_sptps_record(void *handle, uint8_t type, const void *data, uint16_t
 	}

 	vpn_packet_t inpkt;
+	bzero(&inpkt, sizeof(inpkt));
 	inpkt.offset = DEFAULT_PACKET_OFFSET;

 	if(type == PKT_PROBE) {
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@ -498,6 +498,11 @@ bool metakey_h(connection_t *c, const char *request) {
 	char enckey[len];
 	char key[len];

+	bzero(key, len);
+	bzero(enckey, len);
+
+	cipher = digest = maclength =compression = 0;
+
 	if(sscanf(request, "%*d %d %d %d %d " MAX_STRING, &cipher, &digest, &maclength, &compression, hexkey) != 5) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Got bad %s from %s (%s)", "METAKEY", c->name, c->hostname);
 		return false;
@ -692,7 +697,7 @@ bool send_ack(connection_t *c) {
 	   to create node_t and edge_t structures. */

 	struct timeval now;
-	bool choice;
+	bool choice = false;

 	/* Estimate weight */