lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-04 09:42:08 +03:00
Code Activity

ci: Add valgrind runs for all crypto backends

Browse Source 
The libgcrypt has a lot of reachable code so allowing it to fail

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2024-07-01 20:05:39 +02:00
parent ec6363d6b5
commit 13935fca7e
2 changed files with 65 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
.gitlab-ci.yml
View File

@@ -226,11 +226,7 @@ fedora/openssl_3.0.x/x86_64/minimal:
-DWITH_GEX=OFF .. && -DWITH_GEX=OFF .. &&
make -j$(nproc) make -j$(nproc)
# The PKCS#11 support is turned off as it brings dozens of memory issues from .valgrind:
# engine_pkcs11 or openssl itself
fedora/valgrind:
variables:
CMAKE_ADDITIONAL_OPTIONS: -DWITH_PKCS11_URI=OFF
extends: .fedora extends: .fedora
stage: analysis stage: analysis
script: script:
@@ -239,6 +235,24 @@ fedora/valgrind:
make test_memcheck make test_memcheck
- cat Testing/Temporary/MemoryChecker.*.log | wc -l | grep "^0$" - cat Testing/Temporary/MemoryChecker.*.log | wc -l | grep "^0$"
# The PKCS#11 support is turned off as it brings dozens of memory issues from
# engine_pkcs11 or openssl itself
fedora/valgrind/openssl:
variables:
CMAKE_ADDITIONAL_OPTIONS: -DWITH_PKCS11_URI=OFF
extends: .valgrind
fedora/valgrind/mbedtls:
variables:
CMAKE_ADDITIONAL_OPTIONS: -DWITH_MBEDTLS=ON
extends: .valgrind
fedora/valgrind/libgcrypt:
variables:
CMAKE_ADDITIONAL_OPTIONS: -DWITH_GCRYPT=ON
extends: .valgrind
allow_failure: true
# Address sanitizer doesn't mix well with LD_PRELOAD used in the testsuite # Address sanitizer doesn't mix well with LD_PRELOAD used in the testsuite
# so, this is only enabled for unit tests right now. # so, this is only enabled for unit tests right now.
# TODO: add -DCLIENT_TESTING=ON -DSERVER_TESTING=ON # TODO: add -DCLIENT_TESTING=ON -DSERVER_TESTING=ON

46
tests/valgrind.supp
View File

@@ -151,3 +151,49 @@
fun:torture_run_tests fun:torture_run_tests
fun:main fun:main
} }
## libgcrypt
{
Reachable allocations from libgcrypt
Memcheck:Leak
match-leak-kinds: reachable
fun:malloc
...
fun:gcry_check_version
fun:ssh_crypto_init
fun:_ssh_init
fun:libssh_constructor
fun:call_init
fun:__libc_start_main@@GLIBC_2.34
fun:(below main)
}
{
randomize in libgcrypt keeps some memory around
Memcheck:Leak
match-leak-kinds: reachable
fun:malloc
...
fun:_gcry_xmalloc
fun:_gcry_xcalloc
fun:initialize.lto_priv.0
fun:_gcry_rngcsprng_randomize
fun:ssh_get_random
...
}
{
EC key operation allocs some reachable memory
Memcheck:Leak
match-leak-kinds: reachable
fun:malloc
...
fun:_gcry_xmalloc
fun:_gcry_mpi_alloc
fun:_gcry_mpi_scan
fun:ec_p_init.lto_priv.0
...
fun:_gcry_mpi_ec_internal_new
fun:ecc_sign.lto_priv.0
fun:_gcry_pk_sign
fun:gcry_pk_sign
...
}