Hi All,

Valgrind reports a problem with OpenSSL and Curl (see below).
Any idea how to fix it?


$> valgrind curl https://www.willcodeqtforfood.de/index.php
==4182== Memcheck, a memory error detector.
==4182== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==4182== Using LibVEX rev 1732, a library for dynamic binary translation.
==4182== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==4182== Using valgrind-3.2.3, a dynamic binary instrumentation framework.
==4182== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==4182== For more details, rerun with: -v
==4182==
==4182== Syscall param write(buf) points to uninitialised byte(s)
==4182== at 0x42EB063: write (in /lib/libc-2.5.so)
==4182== by 0x4183D32: BIO_write (in /usr/lib/libcrypto.so.0.9.8)
==4182== by 0x40D0E5E: ssl23_write_bytes (in /usr/lib/libssl.so.0.9.8)
==4182== by 0x40CFF47: ssl23_connect (in /usr/lib/libssl.so.0.9.8)
==4182== by 0x40DAAC9: SSL_connect (in /usr/lib/libssl.so.0.9.8)
==4182== by 0x40612F3: Curl_ossl_connect_step2 (ssluse.c:1486)
==4182== by 0x40619EB: Curl_ossl_connect_common (ssluse.c:1749)
==4182== by 0x4061AE1: Curl_ossl_connect (ssluse.c:1790)
==4182== by 0x40755BD: Curl_ssl_connect (sslgen.c:203)
==4182== by 0x404D447: Curl_http_connect (http.c:1441)
==4182== by 0x405A870: Curl_protocol_connect (url.c:2380)
==4182== by 0x405D4E0: SetupConnection (url.c:3978)
==4182== Address 0x46D9CF4 is 92 bytes inside a block of size 21,848 alloc'd
==4182== at 0x4022B3F: malloc
(in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==4182== by 0x412686D: (within /usr/lib/libcrypto.so.0.9.8)
==4182== by 0x4126ED8: CRYPTO_malloc (in /usr/lib/libcrypto.so.0.9.8)
==4182== by 0x4183324: BUF_MEM_grow (in /usr/lib/libcrypto.so.0.9.8)
==4182== by 0x40D02DB: ssl23_connect (in /usr/lib/libssl.so.0.9.8)
==4182== by 0x40DAAC9: SSL_connect (in /usr/lib/libssl.so.0.9.8)
==4182== by 0x40612F3: Curl_ossl_connect_step2 (ssluse.c:1486)
==4182== by 0x40619EB: Curl_ossl_connect_common (ssluse.c:1749)
==4182== by 0x4061AE1: Curl_ossl_connect (ssluse.c:1790)
==4182== by 0x40755BD: Curl_ssl_connect (sslgen.c:203)
==4182== by 0x404D447: Curl_http_connect (http.c:1441)
==4182== by 0x405A870: Curl_protocol_connect (url.c:2380)
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
==4182==
==4182== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 7 from 1)
==4182== malloc/free: in use at exit: 302 bytes in 13 blocks.
==4182== malloc/free: 12,070 allocs, 12,057 frees, 758,848 bytes allocated.
==4182== For counts of detected errors, rerun with: -v
==4182== searching for pointers to 13 not-freed blocks.
==4182== checked 200,720 bytes.
==4182==
==4182== LEAK SUMMARY:
==4182== definitely lost: 0 bytes in 0 blocks.
==4182== possibly lost: 0 bytes in 0 blocks.
==4182== still reachable: 302 bytes in 13 blocks.
==4182== suppressed: 0 bytes in 0 blocks.
==4182== Rerun with --leak-check=full to see details of leaked memory
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org