]>
Commit | Line | Data |
---|---|---|
4f22f405 | 1 | /* |
48e5119a | 2 | * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
0e9725bc | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
4f22f405 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
07016a8a P |
10 | #include "e_os.h" |
11 | #include "internal/cryptlib.h" | |
25f2138b | 12 | #include "crypto/cryptlib.h" |
d02b48c6 RE |
13 | #include <stdio.h> |
14 | #include <stdlib.h> | |
bbd86bf5 | 15 | #include <limits.h> |
458cddc1 | 16 | #include <openssl/crypto.h> |
d02b48c6 | 17 | |
0f113f3e MC |
18 | /* |
19 | * the following pointers may be changed as long as 'allow_customize' is set | |
20 | */ | |
bbd86bf5 | 21 | static int allow_customize = 1; |
a5435e8b | 22 | |
05c7b163 | 23 | static void *(*malloc_impl)(size_t, const char *, int) |
bbd86bf5 | 24 | = CRYPTO_malloc; |
05c7b163 | 25 | static void *(*realloc_impl)(void *, size_t, const char *, int) |
bbd86bf5 | 26 | = CRYPTO_realloc; |
05c7b163 | 27 | static void (*free_impl)(void *, const char *, int) |
bbd86bf5 | 28 | = CRYPTO_free; |
74924dcb | 29 | |
9efa0ae0 | 30 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
8f154985 | 31 | # include "internal/tsan_assist.h" |
0e598a3d | 32 | |
8f154985 AP |
33 | static TSAN_QUALIFIER int malloc_count; |
34 | static TSAN_QUALIFIER int realloc_count; | |
35 | static TSAN_QUALIFIER int free_count; | |
36 | ||
37 | # define INCREMENT(x) tsan_counter(&(x)) | |
0e598a3d | 38 | |
f7edeced RS |
39 | static char *md_failstring; |
40 | static long md_count; | |
50718243 | 41 | static int md_fail_percent = 0; |
f7edeced | 42 | static int md_tracefd = -1; |
f7edeced RS |
43 | |
44 | static void parseit(void); | |
45 | static int shouldfail(void); | |
46 | ||
47 | # define FAILTEST() if (shouldfail()) return NULL | |
48 | ||
f3a2a044 | 49 | #else |
f7edeced | 50 | |
0e598a3d | 51 | # define INCREMENT(x) /* empty */ |
f7edeced | 52 | # define FAILTEST() /* empty */ |
f3a2a044 | 53 | #endif |
9ac42ed8 | 54 | |
bbd86bf5 RS |
55 | int CRYPTO_set_mem_functions( |
56 | void *(*m)(size_t, const char *, int), | |
57 | void *(*r)(void *, size_t, const char *, int), | |
05c7b163 | 58 | void (*f)(void *, const char *, int)) |
74924dcb | 59 | { |
74924dcb RS |
60 | if (!allow_customize) |
61 | return 0; | |
bbd86bf5 | 62 | if (m) |
05c7b163 | 63 | malloc_impl = m; |
bbd86bf5 | 64 | if (r) |
05c7b163 | 65 | realloc_impl = r; |
bbd86bf5 | 66 | if (f) |
05c7b163 | 67 | free_impl = f; |
74924dcb RS |
68 | return 1; |
69 | } | |
70 | ||
bbd86bf5 RS |
71 | void CRYPTO_get_mem_functions( |
72 | void *(**m)(size_t, const char *, int), | |
73 | void *(**r)(void *, size_t, const char *, int), | |
05c7b163 | 74 | void (**f)(void *, const char *, int)) |
0f113f3e MC |
75 | { |
76 | if (m != NULL) | |
05c7b163 | 77 | *m = malloc_impl; |
0f113f3e | 78 | if (r != NULL) |
05c7b163 | 79 | *r = realloc_impl; |
74924dcb | 80 | if (f != NULL) |
05c7b163 | 81 | *f = free_impl; |
0f113f3e | 82 | } |
d02b48c6 | 83 | |
9efa0ae0 | 84 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
0e598a3d RS |
85 | void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount) |
86 | { | |
87 | if (mcount != NULL) | |
8f154985 | 88 | *mcount = tsan_load(&malloc_count); |
0e598a3d | 89 | if (rcount != NULL) |
8f154985 | 90 | *rcount = tsan_load(&realloc_count); |
0e598a3d | 91 | if (fcount != NULL) |
8f154985 | 92 | *fcount = tsan_load(&free_count); |
0e598a3d RS |
93 | } |
94 | ||
f7edeced RS |
95 | /* |
96 | * Parse a "malloc failure spec" string. This likes like a set of fields | |
97 | * separated by semicolons. Each field has a count and an optional failure | |
98 | * percentage. For example: | |
50718243 RS |
99 | * 100@0;100@25;0@0 |
100 | * or 100;100@25;0 | |
f7edeced RS |
101 | * This means 100 mallocs succeed, then next 100 fail 25% of the time, and |
102 | * all remaining (count is zero) succeed. | |
103 | */ | |
104 | static void parseit(void) | |
105 | { | |
106 | char *semi = strchr(md_failstring, ';'); | |
107 | char *atsign; | |
108 | ||
109 | if (semi != NULL) | |
110 | *semi++ = '\0'; | |
111 | ||
112 | /* Get the count (atol will stop at the @ if there), and percentage */ | |
113 | md_count = atol(md_failstring); | |
114 | atsign = strchr(md_failstring, '@'); | |
50718243 | 115 | md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1); |
f7edeced RS |
116 | |
117 | if (semi != NULL) | |
118 | md_failstring = semi; | |
119 | } | |
120 | ||
afe9bba7 RL |
121 | /* |
122 | * Windows doesn't have random(), but it has rand() | |
123 | * Some rand() implementations aren't good, but we're not | |
124 | * dealing with secure randomness here. | |
125 | */ | |
ab307dc6 DO |
126 | # ifdef _WIN32 |
127 | # define random() rand() | |
128 | # endif | |
f7edeced RS |
129 | /* |
130 | * See if the current malloc should fail. | |
131 | */ | |
132 | static int shouldfail(void) | |
133 | { | |
134 | int roll = (int)(random() % 100); | |
d2b53fcd | 135 | int shoulditfail = roll < md_fail_percent; |
ab307dc6 DO |
136 | # ifndef _WIN32 |
137 | /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */ | |
43a0449f | 138 | int len; |
f7edeced RS |
139 | char buff[80]; |
140 | ||
141 | if (md_tracefd > 0) { | |
142 | BIO_snprintf(buff, sizeof(buff), | |
143 | "%c C%ld %%%d R%d\n", | |
d2b53fcd | 144 | shoulditfail ? '-' : '+', md_count, md_fail_percent, roll); |
43a0449f P |
145 | len = strlen(buff); |
146 | if (write(md_tracefd, buff, len) != len) | |
147 | perror("shouldfail write failed"); | |
f7edeced | 148 | } |
ab307dc6 | 149 | # endif |
f7edeced RS |
150 | |
151 | if (md_count) { | |
152 | /* If we used up this one, go to the next. */ | |
153 | if (--md_count == 0) | |
154 | parseit(); | |
155 | } | |
156 | ||
d2b53fcd | 157 | return shoulditfail; |
f7edeced RS |
158 | } |
159 | ||
160 | void ossl_malloc_setup_failures(void) | |
161 | { | |
162 | const char *cp = getenv("OPENSSL_MALLOC_FAILURES"); | |
163 | ||
164 | if (cp != NULL && (md_failstring = strdup(cp)) != NULL) | |
165 | parseit(); | |
166 | if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL) | |
167 | md_tracefd = atoi(cp); | |
168 | } | |
169 | #endif | |
170 | ||
ff842856 | 171 | void *CRYPTO_malloc(size_t num, const char *file, int line) |
0f113f3e MC |
172 | { |
173 | void *ret = NULL; | |
174 | ||
0e598a3d | 175 | INCREMENT(malloc_count); |
05c7b163 RL |
176 | if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc) |
177 | return malloc_impl(num, file, line); | |
178 | ||
5e1f879a | 179 | if (num == 0) |
0f113f3e MC |
180 | return NULL; |
181 | ||
f7edeced | 182 | FAILTEST(); |
41aede86 | 183 | if (allow_customize) { |
184 | /* | |
185 | * Disallow customization after the first allocation. We only set this | |
186 | * if necessary to avoid a store to the same cache line on every | |
187 | * allocation. | |
188 | */ | |
189 | allow_customize = 0; | |
190 | } | |
0e97f1e1 | 191 | (void)(file); (void)(line); |
bbd86bf5 | 192 | ret = malloc(num); |
d02b48c6 | 193 | |
0f113f3e MC |
194 | return ret; |
195 | } | |
196 | ||
ff842856 | 197 | void *CRYPTO_zalloc(size_t num, const char *file, int line) |
b51bce94 RS |
198 | { |
199 | void *ret = CRYPTO_malloc(num, file, line); | |
200 | ||
f7edeced | 201 | FAILTEST(); |
b51bce94 RS |
202 | if (ret != NULL) |
203 | memset(ret, 0, num); | |
204 | return ret; | |
205 | } | |
206 | ||
ff842856 | 207 | void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) |
0f113f3e | 208 | { |
0e598a3d | 209 | INCREMENT(realloc_count); |
05c7b163 RL |
210 | if (realloc_impl != NULL && realloc_impl != &CRYPTO_realloc) |
211 | return realloc_impl(str, num, file, line); | |
212 | ||
f7edeced | 213 | FAILTEST(); |
0f113f3e MC |
214 | if (str == NULL) |
215 | return CRYPTO_malloc(num, file, line); | |
d5234c7b | 216 | |
bbd86bf5 | 217 | if (num == 0) { |
05c7b163 | 218 | CRYPTO_free(str, file, line); |
0f113f3e | 219 | return NULL; |
bbd86bf5 | 220 | } |
d5234c7b | 221 | |
0e97f1e1 | 222 | (void)(file); (void)(line); |
bbd86bf5 | 223 | return realloc(str, num); |
9ac42ed8 | 224 | |
0f113f3e | 225 | } |
d02b48c6 | 226 | |
c99de053 | 227 | void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, |
ff842856 | 228 | const char *file, int line) |
0f113f3e MC |
229 | { |
230 | void *ret = NULL; | |
231 | ||
232 | if (str == NULL) | |
233 | return CRYPTO_malloc(num, file, line); | |
234 | ||
bbd86bf5 | 235 | if (num == 0) { |
05c7b163 | 236 | CRYPTO_clear_free(str, old_len, file, line); |
0f113f3e | 237 | return NULL; |
bbd86bf5 | 238 | } |
0f113f3e | 239 | |
bbd86bf5 RS |
240 | /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */ |
241 | if (num < old_len) { | |
3ce2fdab | 242 | OPENSSL_cleanse((char*)str + num, old_len - num); |
bbd86bf5 RS |
243 | return str; |
244 | } | |
0f113f3e | 245 | |
05c7b163 | 246 | ret = CRYPTO_malloc(num, file, line); |
2ac7753c | 247 | if (ret != NULL) { |
bbd86bf5 | 248 | memcpy(ret, str, old_len); |
2ac7753c DSH |
249 | CRYPTO_clear_free(str, old_len, file, line); |
250 | } | |
0f113f3e MC |
251 | return ret; |
252 | } | |
54a656ef | 253 | |
05c7b163 | 254 | void CRYPTO_free(void *str, const char *file, int line) |
0f113f3e | 255 | { |
0e598a3d | 256 | INCREMENT(free_count); |
05c7b163 RL |
257 | if (free_impl != NULL && free_impl != &CRYPTO_free) { |
258 | free_impl(str, file, line); | |
259 | return; | |
260 | } | |
261 | ||
bbd86bf5 | 262 | free(str); |
0f113f3e | 263 | } |
d02b48c6 | 264 | |
05c7b163 | 265 | void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) |
4b45c6e5 | 266 | { |
bbd86bf5 | 267 | if (str == NULL) |
4b45c6e5 RS |
268 | return; |
269 | if (num) | |
270 | OPENSSL_cleanse(str, num); | |
05c7b163 | 271 | CRYPTO_free(str, file, line); |
4b45c6e5 | 272 | } |
742ccab3 RS |
273 | |
274 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) | |
275 | ||
276 | # ifndef OPENSSL_NO_DEPRECATED_3_0 | |
277 | int CRYPTO_mem_ctrl(int mode) | |
278 | { | |
279 | (void)mode; | |
280 | return -1; | |
281 | } | |
282 | ||
283 | int CRYPTO_set_mem_debug(int flag) | |
284 | { | |
285 | (void)flag; | |
286 | return -1; | |
287 | } | |
288 | ||
289 | int CRYPTO_mem_debug_push(const char *info, const char *file, int line) | |
290 | { | |
291 | (void)info; (void)file; (void)line; | |
292 | return -1; | |
293 | } | |
294 | ||
295 | int CRYPTO_mem_debug_pop(void) | |
296 | { | |
297 | return -1; | |
298 | } | |
299 | ||
f64f2622 RS |
300 | void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag, |
301 | const char *file, int line) | |
302 | { | |
303 | (void)addr; (void)num; (void)flag; (void)file; (void)line; | |
304 | } | |
305 | ||
306 | void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag, | |
307 | const char *file, int line) | |
308 | { | |
309 | (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line; | |
310 | } | |
311 | ||
312 | void CRYPTO_mem_debug_free(void *addr, int flag, | |
313 | const char *file, int line) | |
314 | { | |
315 | (void)addr; (void)flag; (void)file; (void)line; | |
316 | } | |
317 | ||
742ccab3 RS |
318 | int CRYPTO_mem_leaks(BIO *b) |
319 | { | |
320 | (void)b; | |
321 | return -1; | |
322 | } | |
323 | ||
324 | # ifndef OPENSSL_NO_STDIO | |
325 | int CRYPTO_mem_leaks_fp(FILE *fp) | |
326 | { | |
327 | (void)fp; | |
328 | return -1; | |
329 | } | |
330 | # endif | |
331 | ||
332 | int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u), | |
333 | void *u) | |
334 | { | |
335 | (void)cb; (void)u; | |
336 | return -1; | |
337 | } | |
338 | ||
339 | # endif | |
340 | ||
341 | #endif |