]>
Commit | Line | Data |
---|---|---|
4f22f405 | 1 | /* |
48e5119a | 2 | * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
0e9725bc | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
4f22f405 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
07016a8a P |
10 | #include "e_os.h" |
11 | #include "internal/cryptlib.h" | |
25f2138b | 12 | #include "crypto/cryptlib.h" |
d02b48c6 RE |
13 | #include <stdio.h> |
14 | #include <stdlib.h> | |
bbd86bf5 | 15 | #include <limits.h> |
458cddc1 | 16 | #include <openssl/crypto.h> |
9efa0ae0 | 17 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE) && !defined(FIPS_MODE) |
f7edeced RS |
18 | # include <execinfo.h> |
19 | #endif | |
d02b48c6 | 20 | |
0f113f3e MC |
21 | /* |
22 | * the following pointers may be changed as long as 'allow_customize' is set | |
23 | */ | |
bbd86bf5 | 24 | static int allow_customize = 1; |
a5435e8b | 25 | |
05c7b163 | 26 | static void *(*malloc_impl)(size_t, const char *, int) |
bbd86bf5 | 27 | = CRYPTO_malloc; |
05c7b163 | 28 | static void *(*realloc_impl)(void *, size_t, const char *, int) |
bbd86bf5 | 29 | = CRYPTO_realloc; |
05c7b163 | 30 | static void (*free_impl)(void *, const char *, int) |
bbd86bf5 | 31 | = CRYPTO_free; |
74924dcb | 32 | |
9efa0ae0 | 33 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
8f154985 | 34 | # include "internal/tsan_assist.h" |
0e598a3d | 35 | |
8f154985 AP |
36 | static TSAN_QUALIFIER int malloc_count; |
37 | static TSAN_QUALIFIER int realloc_count; | |
38 | static TSAN_QUALIFIER int free_count; | |
39 | ||
40 | # define INCREMENT(x) tsan_counter(&(x)) | |
0e598a3d | 41 | |
f7edeced RS |
42 | static char *md_failstring; |
43 | static long md_count; | |
50718243 | 44 | static int md_fail_percent = 0; |
f7edeced | 45 | static int md_tracefd = -1; |
bbd86bf5 | 46 | static int call_malloc_debug = 1; |
f7edeced RS |
47 | |
48 | static void parseit(void); | |
49 | static int shouldfail(void); | |
50 | ||
51 | # define FAILTEST() if (shouldfail()) return NULL | |
52 | ||
f3a2a044 | 53 | #else |
bbd86bf5 | 54 | static int call_malloc_debug = 0; |
f7edeced | 55 | |
0e598a3d | 56 | # define INCREMENT(x) /* empty */ |
f7edeced | 57 | # define FAILTEST() /* empty */ |
f3a2a044 | 58 | #endif |
9ac42ed8 | 59 | |
bbd86bf5 RS |
60 | int CRYPTO_set_mem_functions( |
61 | void *(*m)(size_t, const char *, int), | |
62 | void *(*r)(void *, size_t, const char *, int), | |
05c7b163 | 63 | void (*f)(void *, const char *, int)) |
74924dcb | 64 | { |
74924dcb RS |
65 | if (!allow_customize) |
66 | return 0; | |
bbd86bf5 | 67 | if (m) |
05c7b163 | 68 | malloc_impl = m; |
bbd86bf5 | 69 | if (r) |
05c7b163 | 70 | realloc_impl = r; |
bbd86bf5 | 71 | if (f) |
05c7b163 | 72 | free_impl = f; |
74924dcb RS |
73 | return 1; |
74 | } | |
75 | ||
bbd86bf5 | 76 | int CRYPTO_set_mem_debug(int flag) |
74924dcb RS |
77 | { |
78 | if (!allow_customize) | |
79 | return 0; | |
bbd86bf5 | 80 | call_malloc_debug = flag; |
0f113f3e MC |
81 | return 1; |
82 | } | |
83 | ||
bbd86bf5 RS |
84 | void CRYPTO_get_mem_functions( |
85 | void *(**m)(size_t, const char *, int), | |
86 | void *(**r)(void *, size_t, const char *, int), | |
05c7b163 | 87 | void (**f)(void *, const char *, int)) |
0f113f3e MC |
88 | { |
89 | if (m != NULL) | |
05c7b163 | 90 | *m = malloc_impl; |
0f113f3e | 91 | if (r != NULL) |
05c7b163 | 92 | *r = realloc_impl; |
74924dcb | 93 | if (f != NULL) |
05c7b163 | 94 | *f = free_impl; |
0f113f3e | 95 | } |
d02b48c6 | 96 | |
9efa0ae0 | 97 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
0e598a3d RS |
98 | void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount) |
99 | { | |
100 | if (mcount != NULL) | |
8f154985 | 101 | *mcount = tsan_load(&malloc_count); |
0e598a3d | 102 | if (rcount != NULL) |
8f154985 | 103 | *rcount = tsan_load(&realloc_count); |
0e598a3d | 104 | if (fcount != NULL) |
8f154985 | 105 | *fcount = tsan_load(&free_count); |
0e598a3d RS |
106 | } |
107 | ||
f7edeced RS |
108 | /* |
109 | * Parse a "malloc failure spec" string. This likes like a set of fields | |
110 | * separated by semicolons. Each field has a count and an optional failure | |
111 | * percentage. For example: | |
50718243 RS |
112 | * 100@0;100@25;0@0 |
113 | * or 100;100@25;0 | |
f7edeced RS |
114 | * This means 100 mallocs succeed, then next 100 fail 25% of the time, and |
115 | * all remaining (count is zero) succeed. | |
116 | */ | |
117 | static void parseit(void) | |
118 | { | |
119 | char *semi = strchr(md_failstring, ';'); | |
120 | char *atsign; | |
121 | ||
122 | if (semi != NULL) | |
123 | *semi++ = '\0'; | |
124 | ||
125 | /* Get the count (atol will stop at the @ if there), and percentage */ | |
126 | md_count = atol(md_failstring); | |
127 | atsign = strchr(md_failstring, '@'); | |
50718243 | 128 | md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1); |
f7edeced RS |
129 | |
130 | if (semi != NULL) | |
131 | md_failstring = semi; | |
132 | } | |
133 | ||
afe9bba7 RL |
134 | /* |
135 | * Windows doesn't have random(), but it has rand() | |
136 | * Some rand() implementations aren't good, but we're not | |
137 | * dealing with secure randomness here. | |
138 | */ | |
ab307dc6 DO |
139 | # ifdef _WIN32 |
140 | # define random() rand() | |
141 | # endif | |
f7edeced RS |
142 | /* |
143 | * See if the current malloc should fail. | |
144 | */ | |
145 | static int shouldfail(void) | |
146 | { | |
147 | int roll = (int)(random() % 100); | |
d2b53fcd | 148 | int shoulditfail = roll < md_fail_percent; |
ab307dc6 DO |
149 | # ifndef _WIN32 |
150 | /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */ | |
43a0449f | 151 | int len; |
f7edeced RS |
152 | char buff[80]; |
153 | ||
154 | if (md_tracefd > 0) { | |
155 | BIO_snprintf(buff, sizeof(buff), | |
156 | "%c C%ld %%%d R%d\n", | |
d2b53fcd | 157 | shoulditfail ? '-' : '+', md_count, md_fail_percent, roll); |
43a0449f P |
158 | len = strlen(buff); |
159 | if (write(md_tracefd, buff, len) != len) | |
160 | perror("shouldfail write failed"); | |
ab307dc6 | 161 | # ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE |
d2b53fcd | 162 | if (shoulditfail) { |
f7edeced RS |
163 | void *addrs[30]; |
164 | int num = backtrace(addrs, OSSL_NELEM(addrs)); | |
165 | ||
166 | backtrace_symbols_fd(addrs, num, md_tracefd); | |
167 | } | |
ab307dc6 | 168 | # endif |
f7edeced | 169 | } |
ab307dc6 | 170 | # endif |
f7edeced RS |
171 | |
172 | if (md_count) { | |
173 | /* If we used up this one, go to the next. */ | |
174 | if (--md_count == 0) | |
175 | parseit(); | |
176 | } | |
177 | ||
d2b53fcd | 178 | return shoulditfail; |
f7edeced RS |
179 | } |
180 | ||
181 | void ossl_malloc_setup_failures(void) | |
182 | { | |
183 | const char *cp = getenv("OPENSSL_MALLOC_FAILURES"); | |
184 | ||
185 | if (cp != NULL && (md_failstring = strdup(cp)) != NULL) | |
186 | parseit(); | |
187 | if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL) | |
188 | md_tracefd = atoi(cp); | |
189 | } | |
190 | #endif | |
191 | ||
ff842856 | 192 | void *CRYPTO_malloc(size_t num, const char *file, int line) |
0f113f3e MC |
193 | { |
194 | void *ret = NULL; | |
195 | ||
0e598a3d | 196 | INCREMENT(malloc_count); |
05c7b163 RL |
197 | if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc) |
198 | return malloc_impl(num, file, line); | |
199 | ||
5e1f879a | 200 | if (num == 0) |
0f113f3e MC |
201 | return NULL; |
202 | ||
f7edeced | 203 | FAILTEST(); |
41aede86 | 204 | if (allow_customize) { |
205 | /* | |
206 | * Disallow customization after the first allocation. We only set this | |
207 | * if necessary to avoid a store to the same cache line on every | |
208 | * allocation. | |
209 | */ | |
210 | allow_customize = 0; | |
211 | } | |
9efa0ae0 | 212 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
bbd86bf5 RS |
213 | if (call_malloc_debug) { |
214 | CRYPTO_mem_debug_malloc(NULL, num, 0, file, line); | |
215 | ret = malloc(num); | |
216 | CRYPTO_mem_debug_malloc(ret, num, 1, file, line); | |
217 | } else { | |
218 | ret = malloc(num); | |
0f113f3e | 219 | } |
bbd86bf5 | 220 | #else |
0e97f1e1 | 221 | (void)(file); (void)(line); |
bbd86bf5 RS |
222 | ret = malloc(num); |
223 | #endif | |
d02b48c6 | 224 | |
0f113f3e MC |
225 | return ret; |
226 | } | |
227 | ||
ff842856 | 228 | void *CRYPTO_zalloc(size_t num, const char *file, int line) |
b51bce94 RS |
229 | { |
230 | void *ret = CRYPTO_malloc(num, file, line); | |
231 | ||
f7edeced | 232 | FAILTEST(); |
b51bce94 RS |
233 | if (ret != NULL) |
234 | memset(ret, 0, num); | |
235 | return ret; | |
236 | } | |
237 | ||
ff842856 | 238 | void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) |
0f113f3e | 239 | { |
0e598a3d | 240 | INCREMENT(realloc_count); |
05c7b163 RL |
241 | if (realloc_impl != NULL && realloc_impl != &CRYPTO_realloc) |
242 | return realloc_impl(str, num, file, line); | |
243 | ||
f7edeced | 244 | FAILTEST(); |
0f113f3e MC |
245 | if (str == NULL) |
246 | return CRYPTO_malloc(num, file, line); | |
d5234c7b | 247 | |
bbd86bf5 | 248 | if (num == 0) { |
05c7b163 | 249 | CRYPTO_free(str, file, line); |
0f113f3e | 250 | return NULL; |
bbd86bf5 | 251 | } |
d5234c7b | 252 | |
9efa0ae0 | 253 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
bbd86bf5 RS |
254 | if (call_malloc_debug) { |
255 | void *ret; | |
256 | CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line); | |
257 | ret = realloc(str, num); | |
258 | CRYPTO_mem_debug_realloc(str, ret, num, 1, file, line); | |
259 | return ret; | |
260 | } | |
261 | #else | |
0e97f1e1 | 262 | (void)(file); (void)(line); |
bbd86bf5 RS |
263 | #endif |
264 | return realloc(str, num); | |
9ac42ed8 | 265 | |
0f113f3e | 266 | } |
d02b48c6 | 267 | |
c99de053 | 268 | void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, |
ff842856 | 269 | const char *file, int line) |
0f113f3e MC |
270 | { |
271 | void *ret = NULL; | |
272 | ||
273 | if (str == NULL) | |
274 | return CRYPTO_malloc(num, file, line); | |
275 | ||
bbd86bf5 | 276 | if (num == 0) { |
05c7b163 | 277 | CRYPTO_clear_free(str, old_len, file, line); |
0f113f3e | 278 | return NULL; |
bbd86bf5 | 279 | } |
0f113f3e | 280 | |
bbd86bf5 RS |
281 | /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */ |
282 | if (num < old_len) { | |
3ce2fdab | 283 | OPENSSL_cleanse((char*)str + num, old_len - num); |
bbd86bf5 RS |
284 | return str; |
285 | } | |
0f113f3e | 286 | |
05c7b163 | 287 | ret = CRYPTO_malloc(num, file, line); |
2ac7753c | 288 | if (ret != NULL) { |
bbd86bf5 | 289 | memcpy(ret, str, old_len); |
2ac7753c DSH |
290 | CRYPTO_clear_free(str, old_len, file, line); |
291 | } | |
0f113f3e MC |
292 | return ret; |
293 | } | |
54a656ef | 294 | |
05c7b163 | 295 | void CRYPTO_free(void *str, const char *file, int line) |
0f113f3e | 296 | { |
0e598a3d | 297 | INCREMENT(free_count); |
05c7b163 RL |
298 | if (free_impl != NULL && free_impl != &CRYPTO_free) { |
299 | free_impl(str, file, line); | |
300 | return; | |
301 | } | |
302 | ||
9efa0ae0 | 303 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
bbd86bf5 | 304 | if (call_malloc_debug) { |
05c7b163 | 305 | CRYPTO_mem_debug_free(str, 0, file, line); |
bbd86bf5 | 306 | free(str); |
05c7b163 | 307 | CRYPTO_mem_debug_free(str, 1, file, line); |
bbd86bf5 RS |
308 | } else { |
309 | free(str); | |
310 | } | |
311 | #else | |
312 | free(str); | |
313 | #endif | |
0f113f3e | 314 | } |
d02b48c6 | 315 | |
05c7b163 | 316 | void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) |
4b45c6e5 | 317 | { |
bbd86bf5 | 318 | if (str == NULL) |
4b45c6e5 RS |
319 | return; |
320 | if (num) | |
321 | OPENSSL_cleanse(str, num); | |
05c7b163 | 322 | CRYPTO_free(str, file, line); |
4b45c6e5 | 323 | } |