Add FAQ entry on how to get rid of Valgrind warnings.

PR: 521

1 files changed, 15 insertions, 0 deletions

diff --git a/FAQ b/FAQ
index 74bf952ddc..e00651e9c5 100644
--- a/FAQ
+++ b/FAQ
@@ -66,6 +66,7 @@ OpenSSL  -  Frequently Asked Questions
 * Why doesn't my server application receive a client certificate?
 * Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
 * I think I've detected a memory leak, is this a bug?
+* Why does Valgrind complain about the use of uninitialized data?
 
 ===============================================================================
 
@@ -894,5 +895,19 @@ thread-safe):
   ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data().
 
 
+* Why does Valgrind complain about the use of uninitialized data?
+
+OpenSSL does internally call its own PRNG routines to retrieve random
+numbers. It so does with uninitialed buffer contents. The buffer
+contents is mixed into the entropy pool so that it technically does
+not matter whether the buffer is initialized at this point or not.
+Valgrind (and other test tools) will complain whatsoever. When
+using Valgrind, make sure to use an OpenSSL library that has been
+compiled with the PEDANTIC macro being defined (-DPEDANTIC) to
+get rid of these warnings. Compling with -DPURIFY will help as well.
+
+The PEDANTIC macro was added in OpenSSL 0.9.8f.
+
+
 ===============================================================================