[thirdparty/openssl.git] / crypto / mem.c

/*
 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/e_os.h"
#include "internal/cryptlib.h"
#include "crypto/cryptlib.h"
#include <stdio.h>
#include <stdlib.h>
#include <limits.h>
#include <openssl/crypto.h>

/*
 * the following pointers may be changed as long as 'allow_customize' is set
 */
static int allow_customize = 1;
static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc;
static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc;
static CRYPTO_free_fn free_impl = CRYPTO_free;

#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
# include "internal/tsan_assist.h"

# ifdef TSAN_REQUIRES_LOCKING
#  define INCREMENT(x) /* empty */
#  define LOAD(x) 0
# else  /* TSAN_REQUIRES_LOCKING */
static TSAN_QUALIFIER int malloc_count;
static TSAN_QUALIFIER int realloc_count;
static TSAN_QUALIFIER int free_count;

#  define INCREMENT(x) tsan_counter(&(x))
#  define LOAD(x)      tsan_load(&x)
# endif /* TSAN_REQUIRES_LOCKING */

static char *md_failstring;
static long md_count;
static int md_fail_percent = 0;
static int md_tracefd = -1;

static void parseit(void);
static int shouldfail(void);

# define FAILTEST() if (shouldfail()) return NULL

#else

# define INCREMENT(x) /* empty */
# define FAILTEST() /* empty */
#endif

int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
                             CRYPTO_realloc_fn realloc_fn,
                             CRYPTO_free_fn free_fn)
{
    if (!allow_customize)
        return 0;
    if (malloc_fn != NULL)
        malloc_impl = malloc_fn;
    if (realloc_fn != NULL)
        realloc_impl = realloc_fn;
    if (free_fn != NULL)
        free_impl = free_fn;
    return 1;
}

void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
                              CRYPTO_realloc_fn *realloc_fn,
                              CRYPTO_free_fn *free_fn)
{
    if (malloc_fn != NULL)
        *malloc_fn = malloc_impl;
    if (realloc_fn != NULL)
        *realloc_fn = realloc_impl;
    if (free_fn != NULL)
        *free_fn = free_impl;
}

#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount)
{
    if (mcount != NULL)
        *mcount = LOAD(malloc_count);
    if (rcount != NULL)
        *rcount = LOAD(realloc_count);
    if (fcount != NULL)
        *fcount = LOAD(free_count);
}

/*
 * Parse a "malloc failure spec" string.  This likes like a set of fields
 * separated by semicolons.  Each field has a count and an optional failure
 * percentage.  For example:
 *          100@0;100@25;0@0
 *    or    100;100@25;0
 * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
 * all remaining (count is zero) succeed.
 */
static void parseit(void)
{
    char *semi = strchr(md_failstring, ';');
    char *atsign;

    if (semi != NULL)
        *semi++ = '\0';

    /* Get the count (atol will stop at the @ if there), and percentage */
    md_count = atol(md_failstring);
    atsign = strchr(md_failstring, '@');
    md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);

    if (semi != NULL)
        md_failstring = semi;
}

/*
 * Windows doesn't have random(), but it has rand()
 * Some rand() implementations aren't good, but we're not
 * dealing with secure randomness here.
 */
# ifdef _WIN32
#  define random() rand()
# endif
/*
 * See if the current malloc should fail.
 */
static int shouldfail(void)
{
    int roll = (int)(random() % 100);
    int shoulditfail = roll < md_fail_percent;
# ifndef _WIN32
/* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
    int len;
    char buff[80];

    if (md_tracefd > 0) {
        BIO_snprintf(buff, sizeof(buff),
                     "%c C%ld %%%d R%d\n",
                     shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
        len = strlen(buff);
        if (write(md_tracefd, buff, len) != len)
            perror("shouldfail write failed");
    }
# endif

    if (md_count) {
        /* If we used up this one, go to the next. */
        if (--md_count == 0)
            parseit();
    }

    return shoulditfail;
}

void ossl_malloc_setup_failures(void)
{
    const char *cp = getenv("OPENSSL_MALLOC_FAILURES");

    if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
        parseit();
    if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
        md_tracefd = atoi(cp);
}
#endif

void *CRYPTO_malloc(size_t num, const char *file, int line)
{
    INCREMENT(malloc_count);
    if (malloc_impl != CRYPTO_malloc)
        return malloc_impl(num, file, line);

    if (num == 0)
        return NULL;

    FAILTEST();
    if (allow_customize) {
        /*
         * Disallow customization after the first allocation. We only set this
         * if necessary to avoid a store to the same cache line on every
         * allocation.
         */
        allow_customize = 0;
    }

    return malloc(num);
}

void *CRYPTO_zalloc(size_t num, const char *file, int line)
{
    void *ret;

    ret = CRYPTO_malloc(num, file, line);
    FAILTEST();
    if (ret != NULL)
        memset(ret, 0, num);

    return ret;
}

void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
{
    INCREMENT(realloc_count);
    if (realloc_impl != CRYPTO_realloc)
        return realloc_impl(str, num, file, line);

    FAILTEST();
    if (str == NULL)
        return CRYPTO_malloc(num, file, line);

    if (num == 0) {
        CRYPTO_free(str, file, line);
        return NULL;
    }

    return realloc(str, num);
}

void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
                           const char *file, int line)
{
    void *ret = NULL;

    if (str == NULL)
        return CRYPTO_malloc(num, file, line);

    if (num == 0) {
        CRYPTO_clear_free(str, old_len, file, line);
        return NULL;
    }

    /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
    if (num < old_len) {
        OPENSSL_cleanse((char*)str + num, old_len - num);
        return str;
    }

    ret = CRYPTO_malloc(num, file, line);
    if (ret != NULL) {
        memcpy(ret, str, old_len);
        CRYPTO_clear_free(str, old_len, file, line);
    }
    return ret;
}

void CRYPTO_free(void *str, const char *file, int line)
{
    INCREMENT(free_count);
    if (free_impl != CRYPTO_free) {
        free_impl(str, file, line);
        return;
    }

    free(str);
}

void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
{
    if (str == NULL)
        return;
    if (num)
        OPENSSL_cleanse(str, num);
    CRYPTO_free(str, file, line);
}

#if !defined(OPENSSL_NO_CRYPTO_MDEBUG)

# ifndef OPENSSL_NO_DEPRECATED_3_0
int CRYPTO_mem_ctrl(int mode)
{
    (void)mode;
    return -1;
}

int CRYPTO_set_mem_debug(int flag)
{
    (void)flag;
    return -1;
}

int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
{
    (void)info; (void)file; (void)line;
    return -1;
}

int CRYPTO_mem_debug_pop(void)
{
    return -1;
}

void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
                             const char *file, int line)
{
    (void)addr; (void)num; (void)flag; (void)file; (void)line;
}

void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
                              const char *file, int line)
{
    (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line;
}

void CRYPTO_mem_debug_free(void *addr, int flag,
                           const char *file, int line)
{
    (void)addr; (void)flag; (void)file; (void)line;
}

int CRYPTO_mem_leaks(BIO *b)
{
    (void)b;
    return -1;
}

#  ifndef OPENSSL_NO_STDIO
int CRYPTO_mem_leaks_fp(FILE *fp)
{
    (void)fp;
    return -1;
}
#  endif

int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
                        void *u)
{
    (void)cb; (void)u;
    return -1;
}

# endif

#endif
Commit	Line	Data
4f22f405	1	/*
fecb3aae	2	* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
0e9725bc	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
4f22f405 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6 RE	8	*/
d02b48c6 RE	9
d5f9166b	10	#include "internal/e_os.h"
07016a8a	11	#include "internal/cryptlib.h"
25f2138b	12	#include "crypto/cryptlib.h"
d02b48c6 RE	13	#include <stdio.h>
d02b48c6 RE	14	#include <stdlib.h>
bbd86bf5	15	#include <limits.h>
458cddc1	16	#include <openssl/crypto.h>
d02b48c6	17
0f113f3e MC	18	/*
	19	* the following pointers may be changed as long as 'allow_customize' is set
	20	*/
bbd86bf5	21	static int allow_customize = 1;
f4dcc09b DG	22	static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc;
	23	static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc;
	24	static CRYPTO_free_fn free_impl = CRYPTO_free;
74924dcb	25
f844f9eb	26	#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
8f154985	27	# include "internal/tsan_assist.h"
0e598a3d	28
5c41cee2 P	29	# ifdef TSAN_REQUIRES_LOCKING
	30	# define INCREMENT(x) /* empty */
	31	# define LOAD(x) 0
	32	# else /* TSAN_REQUIRES_LOCKING */
8f154985 AP	33	static TSAN_QUALIFIER int malloc_count;
	34	static TSAN_QUALIFIER int realloc_count;
	35	static TSAN_QUALIFIER int free_count;
	36
5c41cee2 P	37	# define INCREMENT(x) tsan_counter(&(x))
	38	# define LOAD(x) tsan_load(&x)
	39	# endif /* TSAN_REQUIRES_LOCKING */
0e598a3d	40
f7edeced RS	41	static char *md_failstring;
f7edeced RS	42	static long md_count;
50718243	43	static int md_fail_percent = 0;
f7edeced	44	static int md_tracefd = -1;
f7edeced RS	45
	46	static void parseit(void);
	47	static int shouldfail(void);
	48
	49	# define FAILTEST() if (shouldfail()) return NULL
	50
f3a2a044	51	#else
f7edeced	52
0e598a3d	53	# define INCREMENT(x) /* empty */
f7edeced	54	# define FAILTEST() /* empty */
f3a2a044	55	#endif
9ac42ed8	56
f4dcc09b DG	57	int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
	58	CRYPTO_realloc_fn realloc_fn,
	59	CRYPTO_free_fn free_fn)
74924dcb	60	{
74924dcb RS	61	if (!allow_customize)
74924dcb RS	62	return 0;
f4dcc09b DG	63	if (malloc_fn != NULL)
	64	malloc_impl = malloc_fn;
	65	if (realloc_fn != NULL)
	66	realloc_impl = realloc_fn;
	67	if (free_fn != NULL)
	68	free_impl = free_fn;
74924dcb RS	69	return 1;
	70	}
	71
f4dcc09b DG	72	void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
	73	CRYPTO_realloc_fn *realloc_fn,
	74	CRYPTO_free_fn *free_fn)
0f113f3e	75	{
f4dcc09b DG	76	if (malloc_fn != NULL)
	77	*malloc_fn = malloc_impl;
	78	if (realloc_fn != NULL)
	79	*realloc_fn = realloc_impl;
	80	if (free_fn != NULL)
	81	*free_fn = free_impl;
0f113f3e	82	}
d02b48c6	83
f844f9eb	84	#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
0e598a3d RS	85	void CRYPTO_get_alloc_counts(int mcount, int rcount, int *fcount)
	86	{
	87	if (mcount != NULL)
5c41cee2	88	*mcount = LOAD(malloc_count);
0e598a3d	89	if (rcount != NULL)
5c41cee2	90	*rcount = LOAD(realloc_count);
0e598a3d	91	if (fcount != NULL)
5c41cee2	92	*fcount = LOAD(free_count);
0e598a3d RS	93	}
0e598a3d RS	94
f7edeced RS	95	/*
	96	* Parse a "malloc failure spec" string. This likes like a set of fields
	97	* separated by semicolons. Each field has a count and an optional failure
	98	* percentage. For example:
50718243 RS	99	* 100@0;100@25;0@0
50718243 RS	100	* or 100;100@25;0
f7edeced RS	101	* This means 100 mallocs succeed, then next 100 fail 25% of the time, and
	102	* all remaining (count is zero) succeed.
	103	*/
	104	static void parseit(void)
	105	{
	106	char *semi = strchr(md_failstring, ';');
	107	char *atsign;
	108
	109	if (semi != NULL)
	110	*semi++ = '\0';
	111
	112	/* Get the count (atol will stop at the @ if there), and percentage */
	113	md_count = atol(md_failstring);
	114	atsign = strchr(md_failstring, '@');
50718243	115	md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
f7edeced RS	116
	117	if (semi != NULL)
	118	md_failstring = semi;
	119	}
	120
afe9bba7 RL	121	/*
	122	* Windows doesn't have random(), but it has rand()
	123	* Some rand() implementations aren't good, but we're not
	124	* dealing with secure randomness here.
	125	*/
ab307dc6 DO	126	# ifdef _WIN32
	127	# define random() rand()
	128	# endif
f7edeced RS	129	/*
	130	* See if the current malloc should fail.
	131	*/
	132	static int shouldfail(void)
	133	{
	134	int roll = (int)(random() % 100);
d2b53fcd	135	int shoulditfail = roll < md_fail_percent;
ab307dc6 DO	136	# ifndef _WIN32
ab307dc6 DO	137	/* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
43a0449f	138	int len;
f7edeced RS	139	char buff[80];
	140
	141	if (md_tracefd > 0) {
	142	BIO_snprintf(buff, sizeof(buff),
	143	"%c C%ld %%%d R%d\n",
d2b53fcd	144	shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
43a0449f P	145	len = strlen(buff);
	146	if (write(md_tracefd, buff, len) != len)
	147	perror("shouldfail write failed");
f7edeced	148	}
ab307dc6	149	# endif
f7edeced RS	150
	151	if (md_count) {
	152	/* If we used up this one, go to the next. */
	153	if (--md_count == 0)
	154	parseit();
	155	}
	156
d2b53fcd	157	return shoulditfail;
f7edeced RS	158	}
	159
	160	void ossl_malloc_setup_failures(void)
	161	{
	162	const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
	163
	164	if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
	165	parseit();
	166	if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
	167	md_tracefd = atoi(cp);
	168	}
	169	#endif
	170
ff842856	171	void CRYPTO_malloc(size_t num, const char file, int line)
0f113f3e	172	{
0e598a3d	173	INCREMENT(malloc_count);
f4dcc09b	174	if (malloc_impl != CRYPTO_malloc)
05c7b163 RL	175	return malloc_impl(num, file, line);
05c7b163 RL	176
5e1f879a	177	if (num == 0)
0f113f3e MC	178	return NULL;
0f113f3e MC	179
f7edeced	180	FAILTEST();
41aede86	181	if (allow_customize) {
	182	/*
	183	* Disallow customization after the first allocation. We only set this
	184	* if necessary to avoid a store to the same cache line on every
	185	* allocation.
	186	*/
	187	allow_customize = 0;
	188	}
d02b48c6	189
f4dcc09b	190	return malloc(num);
0f113f3e MC	191	}
0f113f3e MC	192
ff842856	193	void CRYPTO_zalloc(size_t num, const char file, int line)
b51bce94	194	{
f4dcc09b	195	void *ret;
b51bce94	196
f4dcc09b	197	ret = CRYPTO_malloc(num, file, line);
f7edeced	198	FAILTEST();
b51bce94 RS	199	if (ret != NULL)
b51bce94 RS	200	memset(ret, 0, num);
f4dcc09b	201
b51bce94 RS	202	return ret;
	203	}
	204
ff842856	205	void CRYPTO_realloc(void str, size_t num, const char *file, int line)
0f113f3e	206	{
0e598a3d	207	INCREMENT(realloc_count);
f4dcc09b	208	if (realloc_impl != CRYPTO_realloc)
05c7b163 RL	209	return realloc_impl(str, num, file, line);
05c7b163 RL	210
f7edeced	211	FAILTEST();
0f113f3e MC	212	if (str == NULL)
0f113f3e MC	213	return CRYPTO_malloc(num, file, line);
d5234c7b	214
bbd86bf5	215	if (num == 0) {
05c7b163	216	CRYPTO_free(str, file, line);
0f113f3e	217	return NULL;
bbd86bf5	218	}
d5234c7b	219
bbd86bf5	220	return realloc(str, num);
0f113f3e	221	}
d02b48c6	222
c99de053	223	void CRYPTO_clear_realloc(void str, size_t old_len, size_t num,
ff842856	224	const char *file, int line)
0f113f3e MC	225	{
	226	void *ret = NULL;
	227
	228	if (str == NULL)
	229	return CRYPTO_malloc(num, file, line);
	230
bbd86bf5	231	if (num == 0) {
05c7b163	232	CRYPTO_clear_free(str, old_len, file, line);
0f113f3e	233	return NULL;
bbd86bf5	234	}
0f113f3e	235
bbd86bf5 RS	236	/* Can't shrink the buffer since memcpy below copies \|old_len\| bytes. */
bbd86bf5 RS	237	if (num < old_len) {
3ce2fdab	238	OPENSSL_cleanse((char*)str + num, old_len - num);
bbd86bf5 RS	239	return str;
bbd86bf5 RS	240	}
0f113f3e	241
05c7b163	242	ret = CRYPTO_malloc(num, file, line);
2ac7753c	243	if (ret != NULL) {
bbd86bf5	244	memcpy(ret, str, old_len);
2ac7753c DSH	245	CRYPTO_clear_free(str, old_len, file, line);
2ac7753c DSH	246	}
0f113f3e MC	247	return ret;
0f113f3e MC	248	}
54a656ef	249
05c7b163	250	void CRYPTO_free(void str, const char file, int line)
0f113f3e	251	{
0e598a3d	252	INCREMENT(free_count);
f4dcc09b	253	if (free_impl != CRYPTO_free) {
05c7b163 RL	254	free_impl(str, file, line);
	255	return;
	256	}
	257
bbd86bf5	258	free(str);
0f113f3e	259	}
d02b48c6	260
05c7b163	261	void CRYPTO_clear_free(void str, size_t num, const char file, int line)
4b45c6e5	262	{
bbd86bf5	263	if (str == NULL)
4b45c6e5 RS	264	return;
	265	if (num)
	266	OPENSSL_cleanse(str, num);
05c7b163	267	CRYPTO_free(str, file, line);
4b45c6e5	268	}
742ccab3 RS	269
	270	#if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
	271
	272	# ifndef OPENSSL_NO_DEPRECATED_3_0
	273	int CRYPTO_mem_ctrl(int mode)
	274	{
	275	(void)mode;
	276	return -1;
	277	}
	278
	279	int CRYPTO_set_mem_debug(int flag)
	280	{
	281	(void)flag;
	282	return -1;
	283	}
	284
	285	int CRYPTO_mem_debug_push(const char info, const char file, int line)
	286	{
	287	(void)info; (void)file; (void)line;
	288	return -1;
	289	}
	290
	291	int CRYPTO_mem_debug_pop(void)
	292	{
	293	return -1;
	294	}
	295
f64f2622 RS	296	void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
	297	const char *file, int line)
	298	{
	299	(void)addr; (void)num; (void)flag; (void)file; (void)line;
	300	}
	301
	302	void CRYPTO_mem_debug_realloc(void addr1, void addr2, size_t num, int flag,
	303	const char *file, int line)
	304	{
	305	(void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line;
	306	}
	307
	308	void CRYPTO_mem_debug_free(void *addr, int flag,
	309	const char *file, int line)
	310	{
	311	(void)addr; (void)flag; (void)file; (void)line;
	312	}
	313
742ccab3 RS	314	int CRYPTO_mem_leaks(BIO *b)
	315	{
	316	(void)b;
	317	return -1;
	318	}
	319
	320	# ifndef OPENSSL_NO_STDIO
	321	int CRYPTO_mem_leaks_fp(FILE *fp)
	322	{
	323	(void)fp;
	324	return -1;
	325	}
	326	# endif
	327
	328	int CRYPTO_mem_leaks_cb(int (cb)(const char str, size_t len, void *u),
	329	void *u)
	330	{
	331	(void)cb; (void)u;
	332	return -1;
	333	}
	334
	335	# endif
	336
	337	#endif