Niels Möller nisse@lysator.liu.se writes:
Daiki Ueno ueno@gnu.org writes:
Added `mark_bytes_undefined (1, &ciphertext[key->size]);` to the test cases doing encryption.
I'm afraid that isn't right. For one, mark_bytes_undefined is conditioned so it only has any effect when running the sc tests. Second, it will not produce any warnings for writes, which I think is what we'd like to detect here. I think the options are:
1. Just don't allocate any extra byte, and valgrind should arrange for alerts on out-of-bounds writes without anything special.
2. Allocate an extra byte, write some random value before the call, and check that the value is unchanged after the call (some other tests do that sort of thing, it's simple, old fashioned, and doesn't depend on valgrind).
3. Allocate an extra byte, and mark it using VALGRIND_MAKE_MEM_NOACCESS (wrapped in some macro depending on the memcheck.h configure check). I don't think that gives any real benefit over valgrind's default behavior with (1), but might make sense if done in combination with (2).
Sorry for the confusion and thank you for the explanation; now I get it. I pushed a change along the lines of option (2). Could you take a look again?
Regards,
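Options (2) and (3) from the thread above, combined in one test helper, as an added example that is not code from the thread or from the project. The names `encrypt_ok`, `encrypt_overrun`, `writes_past_end` and the `HAVE_VALGRIND_MEMCHECK_H` macro are assumptions, and the second pass with a complemented guard value goes beyond what the thread describes.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#ifdef HAVE_VALGRIND_MEMCHECK_H   /* assumed name for the configure check */
# include <valgrind/memcheck.h>
# define GUARD_NOACCESS(p, n) VALGRIND_MAKE_MEM_NOACCESS((p), (n))
# define GUARD_DEFINED(p, n)  VALGRIND_MAKE_MEM_DEFINED((p), (n))
#else
# define GUARD_NOACCESS(p, n) ((void) 0)
# define GUARD_DEFINED(p, n)  ((void) 0)
#endif

/* Hypothetical stand-ins for the encryption call under test. */
typedef void encrypt_func(size_t key_size, uint8_t *ciphertext);

void encrypt_ok(size_t key_size, uint8_t *ciphertext)
{
  memset(ciphertext, 0xA5, key_size);        /* writes exactly key_size bytes */
}

void encrypt_overrun(size_t key_size, uint8_t *ciphertext)
{
  memset(ciphertext, 0xA5, key_size + 1);    /* deliberate one-byte overrun */
}

/* Returns 1 if f wrote to ciphertext[key_size], 0 if not, -1 if malloc failed. */
int writes_past_end(encrypt_func *f, size_t key_size)
{
  uint8_t *ciphertext = malloc(key_size + 1);
  uint8_t guard = (uint8_t) rand();
  int clobbered = 0;
  if (!ciphertext)
    return -1;
  /* Two passes with complementary guards: a stray write of a fixed value
     that happens to equal one guard cannot also equal the other. */
  for (int pass = 0; pass < 2; pass++, guard ^= 0xff)
    {
      ciphertext[key_size] = guard;
      GUARD_NOACCESS(&ciphertext[key_size], 1); /* option (3): valgrind flags the write */
      f(key_size, ciphertext);
      GUARD_DEFINED(&ciphertext[key_size], 1);  /* make the byte readable again */
      if (ciphertext[key_size] != guard)        /* option (2): plain value check */
        clobbered = 1;
    }
  free(ciphertext);
  return clobbered;
}
```

Without the memcheck macros the helper still catches the overrun through the value check alone, which is the property option (2) is chosen for.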