libssh/tests/valgrind.supp

### GLIBC
{
   glibc_regcomp
   Memcheck:Leak
   fun:*alloc
   ...
   fun:regcomp
}
{
   glibc_getaddrinfo_leak
   Memcheck:Leak
   fun:malloc
   fun:make_request
   fun:__check_pf
   fun:getaddrinfo
   fun:getai
   fun:ssh_connect_host_nonblocking
}

{
   glibc_dlopen_getdelim_selinux
   Memcheck:Leak
   fun:malloc
   fun:getdelim
   obj:/lib64/libselinux.so.1
   fun:call_init
   fun:_dl_init
   obj:/lib64/ld-2.15.so
}

{
   glibc_dlopen_alloc
   Memcheck:Leak
   fun:calloc
   fun:_dlerror_run
   fun:dlopen@@GLIBC_2.2.5
}

### VALGRIND
{
    valgrind_exit_free_bug
    Memcheck:Free
    fun:free
    fun:__libc_freeres
    fun:_vgnU_freeres
    fun:__run_exit_handlers
    fun:exit
}


### OPENSSL
{
   openssl_crypto_value8
   Memcheck:Value8
   fun:*
   obj:/lib*/libcrypto.so*
}

{
   openssl_crypto_value4
   Memcheck:Value4
   fun:*
   obj:/lib*/libcrypto.so*
}

{
   openssl_crypto_cond
   Memcheck:Cond
   fun:*
   obj:/lib*/libcrypto.so*
}

{
   openssl_BN_cond
   Memcheck:Cond
   fun:BN_*
}

{
   openssl_bn_value8
   Memcheck:Value8
   fun:bn_*
}

{
   openssl_bn_value4
   Memcheck:Value4
   fun:bn_*
}

{
   openssl_AES_cond
   Memcheck:Cond
   fun:AES_*
}

{
   openssl_DES_cond
   Memcheck:Cond
   fun:DES_*
}

{
   openssl_DES_value8
   Memcheck:Value8
   fun:DES_*
}

{
   openssl_DES_value4
   Memcheck:Value4
   fun:DES_*
}

{
   openssl_BF_cond
   Memcheck:Cond
   fun:BF_*
}

{
   openssl_SHA1_cond
   Memcheck:Cond
   fun:SHA1_*
}
{
   openssl_CRYPTO_leak
   Memcheck:Cond
   fun:OPENSSL_cleanse
}
{
   openssl_FIPS_dlopen_leak
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:calloc
   fun:_dlerror_run
   fun:dlopen*
   obj:/lib64/libcrypto.so*
   fun:FIPS_module_mode_set
   fun:FIPS_mode_set
   fun:OPENSSL_init_library
}
# Cmocka
{
   This looks like leak from cmocka when the forked server is not properly terminated
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:calloc
   ...
   fun:_cmocka_run_group_tests
   fun:torture_run_tests
   fun:main
}

## libgcrypt
{
   Reachable allocations from libgcrypt
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   ...
   fun:gcry_check_version
   fun:ssh_crypto_init
   fun:_ssh_init
   fun:libssh_constructor
   ...
}
{
   randomize in libgcrypt keeps some memory around
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   ...
   fun:ssh_get_random
   ...
}
{
   EC key operation allocs some reachable memory
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   ...
   fun:gcry_pk_sign
   ...
}
{
   EC key operation allocs some reachable memory
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   ...
   fun:gcry_pk_verify
   ...
}
{
   EC key generation allocs some reachable memory
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   ...
   fun:gcry_pk_genkey
   ...
}
# NSS
{
   Reachable memory from getaddrinfo
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   fun:malloc
   fun:strdup
   fun:_dl_load_cache_lookup
   fun:_dl_map_object
   fun:dl_open_worker_begin
   fun:_dl_catch_exception
   fun:dl_open_worker
   fun:_dl_catch_exception
   fun:_dl_open
   fun:do_dlopen
   fun:_dl_catch_exception
   fun:_dl_catch_error
   fun:dlerror_run
   fun:__libc_dlopen_mode
   fun:module_load
   fun:__nss_module_get_function
   fun:getaddrinfo
   ...
   fun:krb5_sname_to_principal
   ...
   fun:gss_init_sec_context
   fun:ssh_packet_userauth_gssapi_response
   fun:ssh_packet_process
   fun:ssh_packet_socket_callback
   fun:ssh_socket_pollcallback
   fun:ssh_poll_ctx_dopoll
   fun:ssh_handle_packets
   fun:ssh_handle_packets_termination
   fun:ssh_userauth_get_response
   fun:ssh_userauth_gssapi
   fun:torture_gssapi_auth_server_identity
   ...
   fun:_cmocka_run_group_tests
   fun:torture_run_tests
   fun:main
}

{
   Reachable memory from getaddrinfo
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   fun:UnknownInlinedFun
   fun:_dl_new_object
   fun:_dl_map_object_from_fd
   fun:_dl_map_object
   fun:dl_open_worker_begin
   fun:_dl_catch_exception
   fun:dl_open_worker
   fun:_dl_catch_exception
   fun:_dl_open
   fun:do_dlopen
   fun:_dl_catch_exception
   fun:_dl_catch_error
   fun:dlerror_run
   fun:__libc_dlopen_mode
   fun:module_load
   fun:__nss_module_get_function
   fun:getaddrinfo
   ...
   fun:krb5_sname_to_principal
   ...
   fun:gss_init_sec_context
   fun:ssh_packet_userauth_gssapi_response
   fun:ssh_packet_process
   fun:ssh_packet_socket_callback
   fun:ssh_socket_pollcallback
   fun:ssh_poll_ctx_dopoll
   fun:ssh_handle_packets
   fun:ssh_handle_packets_termination
   fun:ssh_userauth_get_response
   fun:ssh_userauth_gssapi
   fun:torture_gssapi_auth_server_identity
   ...
   fun:_cmocka_run_group_tests
   fun:torture_run_tests
   fun:main
}

## libkrb5
# krb5_mcc_generate_new allocates a hashtab on a static global variable
# It doesn't get freed.
{
   Reachable memory from libkrb5
   Memcheck:Leak
   match-leak-kinds: reachable
   fun:malloc
   fun:k5_hashtab_create
   ...
   fun:krb5_mcc_generate_new*
}