valgrind: check if session ticket key is used without initialization

This adds a valgrind client request for session->key.session_ticket_key to make sure that it is not used without initialization. Signed-off-by: Daiki Ueno <ueno@gnu.org>

valgrind: check if session ticket key is used without initialization
This adds a valgrind client request for session->key.session_ticket_key to make sure that it is not used without initialization. Signed-off-by: Daiki Ueno <ueno@gnu.org>
3d7fae76 · Daiki Ueno · c2646aee · 3d7fae76 · 3d7fae76
Commit 3d7fae76 authored Jun 02, 2020 by Daiki Ueno
--- a/lib/state.c
+++ b/lib/state.c
@@ -578,9 +578,12 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags)
 		if (flags & GNUTLS_CLIENT)
 			VALGRIND_MAKE_MEM_UNDEFINED((*session)->security_parameters.client_random,
 						    GNUTLS_RANDOM_SIZE);
-		if (flags & GNUTLS_SERVER)
+		if (flags & GNUTLS_SERVER) {
 			VALGRIND_MAKE_MEM_UNDEFINED((*session)->security_parameters.server_random,
 						    GNUTLS_RANDOM_SIZE);
+			VALGRIND_MAKE_MEM_UNDEFINED((*session)->key.session_ticket_key,
+						    TICKET_MASTER_KEY_SIZE);
+		}
 	}
 #endif
 	handshake_internal_state_clear1(*session);

--- a/lib/stek.c
+++ b/lib/stek.c
@@ -21,6 +21,9 @@
 */
 #include "gnutls_int.h"
 #include "stek.h"
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+#include <valgrind/memcheck.h>
+#endif

 #define NAME_POS (0)
 #define KEY_POS (TICKET_KEY_NAME_SIZE)
@@ -143,6 +146,11 @@ static int rotate(gnutls_session_t session)
 		call_rotation_callback(session, key, t);
 		session->key.totp.last_result = t;
 		memcpy(session->key.session_ticket_key, key, sizeof(key));
+#ifdef HAVE_VALGRIND_MEMCHECK_H
+		if (RUNNING_ON_VALGRIND)
+			VALGRIND_MAKE_MEM_DEFINED(session->key.session_ticket_key,
+						  TICKET_MASTER_KEY_SIZE);
+#endif

 		session->key.totp.was_rotated = 1;
 	} else if (t < 0) {