So I've got a very basic example of talking to a facebook server over https, but valgrind is complaining sadly. So I assume I'm not setting something up incorrectly... does anyone know what I'm doing wrong?
Here's my code:
#include <string>
#include <iostream>
#include <curl/curl.h>
size_t write_fn_impl( void* ptr, size_t size, size_t nmemb, void * data )
{
std::string * result = static_cast<std::string*>(data);
*result += std::string( (char*)ptr, size*nmemb );
return size*nmemb;
}
int main()
{
std::string url_full="https://graph.facebook.com/me";
std::string useragent = "Facebook API C++ Client (curl)";
CURL * ch_ = curl_easy_init();
char error_buffer[CURL_ERROR_SIZE];
curl_easy_setopt( ch_, CURLOPT_ERRORBUFFER, error_buffer );
curl_easy_setopt( ch_, CURLOPT_WRITEFUNCTION, &write_fn_impl );
std::string result;
curl_easy_setopt( ch_, CURLOPT_WRITEDATA, &result );
int id = 1;
curl_easy_setopt( ch_, CURLOPT_VERBOSE, id );
curl_easy_setopt( ch_, CURLOPT_URL, url_full.c_str() );
curl_easy_setopt( ch_, CURLOPT_USERAGENT, useragent.c_str() );
curl_easy_setopt( ch_, CURLOPT_CONNECTTIMEOUT, 10);
curl_easy_setopt( ch_, CURLOPT_TIMEOUT, 30);
curl_easy_perform(ch_);
curl_easy_cleanup(ch_);
std::cout<< result<<std::endl;
}
And what valgrind says is:
==14149== Memcheck, a memory error detector
==14149== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==14149== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info
==14149== Command: ./a.out
==14149==
* About to connect() to graph.facebook.com port 443 (#0)
* Trying 66.220.146.47... * connected
* Connected to graph.facebook.com (66.220.146.47) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
==14149== Syscall param write(buf) points to uninitialised byte(s)
==14149== at 0x4268113: __write_nocancel (in /lib/tls/i686/cmov/libc-2.10.1.so)
==14149== by 0x44A5A8E: BIO_write (in /lib/i686/cmov/libcrypto.so.0.9.8)
==14149== by 0x43E49B8: ssl23_write_bytes (in /lib/i686/cmov/libssl.so.0.9.8)
==14149== by 0x43E39AB: ssl23_connect (in /lib/i686/cmov/libssl.so.0.9.8)
==14149== by 0x43F0D49: SSL_connect (in /lib/i686/cmov/libssl.so.0.9.8)
==14149== by 0x4050EB0: ossl_connect_common (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x4052202: Curl_ossl_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x406597F: Curl_ssl_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x403FF1B: Curl_http_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x4046F6D: Curl_protocol_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x404C396: Curl_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x4059B23: Curl_perform (in /usr/lib/libcurl.so.4.1.1)
==14149== Address 0x47e92df is 15 bytes inside a block of size 21,848 alloc'd
==14149== at 0x4024C1C: malloc (vg_replace_malloc.c:195)
==14149== by 0x4446EFD: ??? (in /lib/i686/cmov/libcrypto.so.0.9.8)
==14149== by 0x444755B: CRYPTO_malloc (in /lib/i686/cmov/libcrypto.so.0.9.8)
==14149== by 0x44A4EF7: BUF_MEM_grow (in /lib/i686/cmov/libcrypto.so.0.9.8)
==14149== by 0x43E3BAB: ssl23_connect (in /lib/i686/cmov/libssl.so.0.9.8)
==14149== by 0x43F0D49: SSL_connect (in /lib/i686/cmov/libssl.so.0.9.8)
==14149== by 0x4050EB0: ossl_connect_common (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x4052202: Curl_ossl_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x406597F: Curl_ssl_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x403FF1B: Curl_http_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x4046F6D: Curl_protocol_connect (in /usr/lib/libcurl.so.4.1.1)
==14149== by 0x404C396: Curl_connect (in /usr/lib/libcurl.so.4.1.1)
And pages more....
MK is partially correct. Valgrind does throw up a lot of junk warnings about OpenSSL. But in my case the crashes I was seeing did seem to be due to some trouble with how I was using openSSL. In particular it was not getting correctly set up for multithreaded use. The curl docs cover what you need to do .. but somehow I must have missed it)
Anyway heres the suppression file that helped me find it .. it may be of use to someone.. But beware it probably doesnt' catch everything you'd want to catch, and it probably catches some things you dont want...
{
openssl-rand-write
Memcheck:Param
write(buf)
fun:__write_nocancel
fun:BIO_write
fun:ssl23_write_bytes
fun:ssl23_connect
fun:SSL_connect
fun:ossl_connect_common
}
{
openssl-rand-write2
Memcheck:Param
write(buf)
fun:__write_nocancel
fun:BIO_write
fun:ssl3_write_pending
obj:/lib/i686/cmov/libssl.so.0.9.8
fun:ssl3_write_bytes
fun:ssl3_write
fun:SSL_write
}
{
openssl-rand-write3
Memcheck:Param
write(buf)
fun:__write_nocancel
fun:BIO_write
...
fun:ossl_connect_common
}
{
openssl-rand-uninit_mod_inverse
Memcheck:Cond
fun:BN_mod_inverse
...
obj:/lib/i686/cmov/libcrypto.so.0.9.8
}
{
openssl-rand-uninit_div
Memcheck:Cond
fun:BN_div
...
obj:/lib/i686/cmov/libcrypto.so.0.9.8
}
{
openssl-uninit-padding
Memcheck:Cond
fun:RSA_padding_add_PKCS1_type_2
obj:/lib/i686/cmov/libcrypto.so.0.9.8
}
{
openssl-uninit-ucmp
Memcheck:Cond
fun:BN_ucmp
obj:/lib/i686/cmov/libcrypto.so.0.9.8
}
{
openssl-uninit-encrypt
Memcheck:Cond
obj:/lib/i686/cmov/libcrypto.so.0.9.8
fun:RSA_public_encrypt
}
{
openssl-uninit-ssl3_read_bytes
Memcheck:Cond
fun:ssl3_read_bytes
fun:ssl3_read
fun:SSL_read
}
{
openssl-uninit-get_finished
Memcheck:Cond
fun:ssl3_get_finished
fun:ssl3_connect
fun:SSL_connect
fun:ossl_connect_common
}
{
openssl-uninit-read_bytes
Memcheck:Cond
...
fun:ossl_connect_common
}
{
openssl-value4-connect_common
Memcheck:Value4
...
fun:ossl_connect_common
}
{
openssl-uninit-encrypt
Memcheck:Cond
...
fun:RSA_public_encrypt
}
Last time somebody tried to make sure OpenSSL runs clean under valgrind Bad Things (tm) happened: http://blogs.fsfe.org/tonnerre/archives/24
So I would just ignore any vlagrind warnings about OpenSSL.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With