]>
Commit | Line | Data |
---|---|---|
4f22f405 | 1 | /* |
fecb3aae | 2 | * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
0e9725bc | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
4f22f405 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
d5f9166b | 10 | #include "internal/e_os.h" |
07016a8a | 11 | #include "internal/cryptlib.h" |
25f2138b | 12 | #include "crypto/cryptlib.h" |
d02b48c6 RE |
13 | #include <stdio.h> |
14 | #include <stdlib.h> | |
bbd86bf5 | 15 | #include <limits.h> |
458cddc1 | 16 | #include <openssl/crypto.h> |
d02b48c6 | 17 | |
0f113f3e MC |
18 | /* |
19 | * the following pointers may be changed as long as 'allow_customize' is set | |
20 | */ | |
bbd86bf5 | 21 | static int allow_customize = 1; |
f4dcc09b DG |
22 | static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc; |
23 | static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc; | |
24 | static CRYPTO_free_fn free_impl = CRYPTO_free; | |
74924dcb | 25 | |
f844f9eb | 26 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE) |
8f154985 | 27 | # include "internal/tsan_assist.h" |
0e598a3d | 28 | |
5c41cee2 P |
29 | # ifdef TSAN_REQUIRES_LOCKING |
30 | # define INCREMENT(x) /* empty */ | |
31 | # define LOAD(x) 0 | |
32 | # else /* TSAN_REQUIRES_LOCKING */ | |
8f154985 AP |
33 | static TSAN_QUALIFIER int malloc_count; |
34 | static TSAN_QUALIFIER int realloc_count; | |
35 | static TSAN_QUALIFIER int free_count; | |
36 | ||
5c41cee2 P |
37 | # define INCREMENT(x) tsan_counter(&(x)) |
38 | # define LOAD(x) tsan_load(&x) | |
39 | # endif /* TSAN_REQUIRES_LOCKING */ | |
0e598a3d | 40 | |
f7edeced RS |
41 | static char *md_failstring; |
42 | static long md_count; | |
50718243 | 43 | static int md_fail_percent = 0; |
f7edeced | 44 | static int md_tracefd = -1; |
f7edeced RS |
45 | |
46 | static void parseit(void); | |
47 | static int shouldfail(void); | |
48 | ||
49 | # define FAILTEST() if (shouldfail()) return NULL | |
50 | ||
f3a2a044 | 51 | #else |
f7edeced | 52 | |
0e598a3d | 53 | # define INCREMENT(x) /* empty */ |
f7edeced | 54 | # define FAILTEST() /* empty */ |
f3a2a044 | 55 | #endif |
9ac42ed8 | 56 | |
f4dcc09b DG |
57 | int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn, |
58 | CRYPTO_realloc_fn realloc_fn, | |
59 | CRYPTO_free_fn free_fn) | |
74924dcb | 60 | { |
74924dcb RS |
61 | if (!allow_customize) |
62 | return 0; | |
f4dcc09b DG |
63 | if (malloc_fn != NULL) |
64 | malloc_impl = malloc_fn; | |
65 | if (realloc_fn != NULL) | |
66 | realloc_impl = realloc_fn; | |
67 | if (free_fn != NULL) | |
68 | free_impl = free_fn; | |
74924dcb RS |
69 | return 1; |
70 | } | |
71 | ||
f4dcc09b DG |
72 | void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn, |
73 | CRYPTO_realloc_fn *realloc_fn, | |
74 | CRYPTO_free_fn *free_fn) | |
0f113f3e | 75 | { |
f4dcc09b DG |
76 | if (malloc_fn != NULL) |
77 | *malloc_fn = malloc_impl; | |
78 | if (realloc_fn != NULL) | |
79 | *realloc_fn = realloc_impl; | |
80 | if (free_fn != NULL) | |
81 | *free_fn = free_impl; | |
0f113f3e | 82 | } |
d02b48c6 | 83 | |
f844f9eb | 84 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE) |
0e598a3d RS |
85 | void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount) |
86 | { | |
87 | if (mcount != NULL) | |
5c41cee2 | 88 | *mcount = LOAD(malloc_count); |
0e598a3d | 89 | if (rcount != NULL) |
5c41cee2 | 90 | *rcount = LOAD(realloc_count); |
0e598a3d | 91 | if (fcount != NULL) |
5c41cee2 | 92 | *fcount = LOAD(free_count); |
0e598a3d RS |
93 | } |
94 | ||
f7edeced RS |
95 | /* |
96 | * Parse a "malloc failure spec" string. This likes like a set of fields | |
97 | * separated by semicolons. Each field has a count and an optional failure | |
98 | * percentage. For example: | |
50718243 RS |
99 | * 100@0;100@25;0@0 |
100 | * or 100;100@25;0 | |
f7edeced RS |
101 | * This means 100 mallocs succeed, then next 100 fail 25% of the time, and |
102 | * all remaining (count is zero) succeed. | |
103 | */ | |
104 | static void parseit(void) | |
105 | { | |
106 | char *semi = strchr(md_failstring, ';'); | |
107 | char *atsign; | |
108 | ||
109 | if (semi != NULL) | |
110 | *semi++ = '\0'; | |
111 | ||
112 | /* Get the count (atol will stop at the @ if there), and percentage */ | |
113 | md_count = atol(md_failstring); | |
114 | atsign = strchr(md_failstring, '@'); | |
50718243 | 115 | md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1); |
f7edeced RS |
116 | |
117 | if (semi != NULL) | |
118 | md_failstring = semi; | |
119 | } | |
120 | ||
afe9bba7 RL |
121 | /* |
122 | * Windows doesn't have random(), but it has rand() | |
123 | * Some rand() implementations aren't good, but we're not | |
124 | * dealing with secure randomness here. | |
125 | */ | |
ab307dc6 DO |
126 | # ifdef _WIN32 |
127 | # define random() rand() | |
128 | # endif | |
f7edeced RS |
129 | /* |
130 | * See if the current malloc should fail. | |
131 | */ | |
132 | static int shouldfail(void) | |
133 | { | |
134 | int roll = (int)(random() % 100); | |
d2b53fcd | 135 | int shoulditfail = roll < md_fail_percent; |
ab307dc6 DO |
136 | # ifndef _WIN32 |
137 | /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */ | |
43a0449f | 138 | int len; |
f7edeced RS |
139 | char buff[80]; |
140 | ||
141 | if (md_tracefd > 0) { | |
142 | BIO_snprintf(buff, sizeof(buff), | |
143 | "%c C%ld %%%d R%d\n", | |
d2b53fcd | 144 | shoulditfail ? '-' : '+', md_count, md_fail_percent, roll); |
43a0449f P |
145 | len = strlen(buff); |
146 | if (write(md_tracefd, buff, len) != len) | |
147 | perror("shouldfail write failed"); | |
f7edeced | 148 | } |
ab307dc6 | 149 | # endif |
f7edeced RS |
150 | |
151 | if (md_count) { | |
152 | /* If we used up this one, go to the next. */ | |
153 | if (--md_count == 0) | |
154 | parseit(); | |
155 | } | |
156 | ||
d2b53fcd | 157 | return shoulditfail; |
f7edeced RS |
158 | } |
159 | ||
160 | void ossl_malloc_setup_failures(void) | |
161 | { | |
162 | const char *cp = getenv("OPENSSL_MALLOC_FAILURES"); | |
163 | ||
164 | if (cp != NULL && (md_failstring = strdup(cp)) != NULL) | |
165 | parseit(); | |
166 | if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL) | |
167 | md_tracefd = atoi(cp); | |
168 | } | |
169 | #endif | |
170 | ||
ff842856 | 171 | void *CRYPTO_malloc(size_t num, const char *file, int line) |
0f113f3e | 172 | { |
0e598a3d | 173 | INCREMENT(malloc_count); |
f4dcc09b | 174 | if (malloc_impl != CRYPTO_malloc) |
05c7b163 RL |
175 | return malloc_impl(num, file, line); |
176 | ||
5e1f879a | 177 | if (num == 0) |
0f113f3e MC |
178 | return NULL; |
179 | ||
f7edeced | 180 | FAILTEST(); |
41aede86 | 181 | if (allow_customize) { |
182 | /* | |
183 | * Disallow customization after the first allocation. We only set this | |
184 | * if necessary to avoid a store to the same cache line on every | |
185 | * allocation. | |
186 | */ | |
187 | allow_customize = 0; | |
188 | } | |
d02b48c6 | 189 | |
f4dcc09b | 190 | return malloc(num); |
0f113f3e MC |
191 | } |
192 | ||
ff842856 | 193 | void *CRYPTO_zalloc(size_t num, const char *file, int line) |
b51bce94 | 194 | { |
f4dcc09b | 195 | void *ret; |
b51bce94 | 196 | |
f4dcc09b | 197 | ret = CRYPTO_malloc(num, file, line); |
f7edeced | 198 | FAILTEST(); |
b51bce94 RS |
199 | if (ret != NULL) |
200 | memset(ret, 0, num); | |
f4dcc09b | 201 | |
b51bce94 RS |
202 | return ret; |
203 | } | |
204 | ||
ff842856 | 205 | void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) |
0f113f3e | 206 | { |
0e598a3d | 207 | INCREMENT(realloc_count); |
f4dcc09b | 208 | if (realloc_impl != CRYPTO_realloc) |
05c7b163 RL |
209 | return realloc_impl(str, num, file, line); |
210 | ||
f7edeced | 211 | FAILTEST(); |
0f113f3e MC |
212 | if (str == NULL) |
213 | return CRYPTO_malloc(num, file, line); | |
d5234c7b | 214 | |
bbd86bf5 | 215 | if (num == 0) { |
05c7b163 | 216 | CRYPTO_free(str, file, line); |
0f113f3e | 217 | return NULL; |
bbd86bf5 | 218 | } |
d5234c7b | 219 | |
bbd86bf5 | 220 | return realloc(str, num); |
0f113f3e | 221 | } |
d02b48c6 | 222 | |
c99de053 | 223 | void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, |
ff842856 | 224 | const char *file, int line) |
0f113f3e MC |
225 | { |
226 | void *ret = NULL; | |
227 | ||
228 | if (str == NULL) | |
229 | return CRYPTO_malloc(num, file, line); | |
230 | ||
bbd86bf5 | 231 | if (num == 0) { |
05c7b163 | 232 | CRYPTO_clear_free(str, old_len, file, line); |
0f113f3e | 233 | return NULL; |
bbd86bf5 | 234 | } |
0f113f3e | 235 | |
bbd86bf5 RS |
236 | /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */ |
237 | if (num < old_len) { | |
3ce2fdab | 238 | OPENSSL_cleanse((char*)str + num, old_len - num); |
bbd86bf5 RS |
239 | return str; |
240 | } | |
0f113f3e | 241 | |
05c7b163 | 242 | ret = CRYPTO_malloc(num, file, line); |
2ac7753c | 243 | if (ret != NULL) { |
bbd86bf5 | 244 | memcpy(ret, str, old_len); |
2ac7753c DSH |
245 | CRYPTO_clear_free(str, old_len, file, line); |
246 | } | |
0f113f3e MC |
247 | return ret; |
248 | } | |
54a656ef | 249 | |
05c7b163 | 250 | void CRYPTO_free(void *str, const char *file, int line) |
0f113f3e | 251 | { |
0e598a3d | 252 | INCREMENT(free_count); |
f4dcc09b | 253 | if (free_impl != CRYPTO_free) { |
05c7b163 RL |
254 | free_impl(str, file, line); |
255 | return; | |
256 | } | |
257 | ||
bbd86bf5 | 258 | free(str); |
0f113f3e | 259 | } |
d02b48c6 | 260 | |
05c7b163 | 261 | void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) |
4b45c6e5 | 262 | { |
bbd86bf5 | 263 | if (str == NULL) |
4b45c6e5 RS |
264 | return; |
265 | if (num) | |
266 | OPENSSL_cleanse(str, num); | |
05c7b163 | 267 | CRYPTO_free(str, file, line); |
4b45c6e5 | 268 | } |
742ccab3 RS |
269 | |
270 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) | |
271 | ||
272 | # ifndef OPENSSL_NO_DEPRECATED_3_0 | |
273 | int CRYPTO_mem_ctrl(int mode) | |
274 | { | |
275 | (void)mode; | |
276 | return -1; | |
277 | } | |
278 | ||
279 | int CRYPTO_set_mem_debug(int flag) | |
280 | { | |
281 | (void)flag; | |
282 | return -1; | |
283 | } | |
284 | ||
285 | int CRYPTO_mem_debug_push(const char *info, const char *file, int line) | |
286 | { | |
287 | (void)info; (void)file; (void)line; | |
288 | return -1; | |
289 | } | |
290 | ||
291 | int CRYPTO_mem_debug_pop(void) | |
292 | { | |
293 | return -1; | |
294 | } | |
295 | ||
f64f2622 RS |
296 | void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag, |
297 | const char *file, int line) | |
298 | { | |
299 | (void)addr; (void)num; (void)flag; (void)file; (void)line; | |
300 | } | |
301 | ||
302 | void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag, | |
303 | const char *file, int line) | |
304 | { | |
305 | (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line; | |
306 | } | |
307 | ||
308 | void CRYPTO_mem_debug_free(void *addr, int flag, | |
309 | const char *file, int line) | |
310 | { | |
311 | (void)addr; (void)flag; (void)file; (void)line; | |
312 | } | |
313 | ||
742ccab3 RS |
314 | int CRYPTO_mem_leaks(BIO *b) |
315 | { | |
316 | (void)b; | |
317 | return -1; | |
318 | } | |
319 | ||
320 | # ifndef OPENSSL_NO_STDIO | |
321 | int CRYPTO_mem_leaks_fp(FILE *fp) | |
322 | { | |
323 | (void)fp; | |
324 | return -1; | |
325 | } | |
326 | # endif | |
327 | ||
328 | int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u), | |
329 | void *u) | |
330 | { | |
331 | (void)cb; (void)u; | |
332 | return -1; | |
333 | } | |
334 | ||
335 | # endif | |
336 | ||
337 | #endif |