2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/e_os.h"
11 #include "internal/cryptlib.h"
12 #include "crypto/cryptlib.h"
16 #include <openssl/crypto.h>
19 * the following pointers may be changed as long as 'allow_customize' is set
21 static int allow_customize
= 1;
22 static CRYPTO_malloc_fn malloc_impl
= CRYPTO_malloc
;
23 static CRYPTO_realloc_fn realloc_impl
= CRYPTO_realloc
;
24 static CRYPTO_free_fn free_impl
= CRYPTO_free
;
26 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
27 # include "internal/tsan_assist.h"
29 # ifdef TSAN_REQUIRES_LOCKING
30 # define INCREMENT(x) /* empty */
32 # else /* TSAN_REQUIRES_LOCKING */
33 static TSAN_QUALIFIER
int malloc_count
;
34 static TSAN_QUALIFIER
int realloc_count
;
35 static TSAN_QUALIFIER
int free_count
;
37 # define INCREMENT(x) tsan_counter(&(x))
38 # define LOAD(x) tsan_load(&x)
39 # endif /* TSAN_REQUIRES_LOCKING */
41 static char *md_failstring
;
43 static int md_fail_percent
= 0;
44 static int md_tracefd
= -1;
46 static void parseit(void);
47 static int shouldfail(void);
49 # define FAILTEST() if (shouldfail()) return NULL
53 # define INCREMENT(x) /* empty */
54 # define FAILTEST() /* empty */
57 int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn
,
58 CRYPTO_realloc_fn realloc_fn
,
59 CRYPTO_free_fn free_fn
)
63 if (malloc_fn
!= NULL
)
64 malloc_impl
= malloc_fn
;
65 if (realloc_fn
!= NULL
)
66 realloc_impl
= realloc_fn
;
72 void CRYPTO_get_mem_functions(CRYPTO_malloc_fn
*malloc_fn
,
73 CRYPTO_realloc_fn
*realloc_fn
,
74 CRYPTO_free_fn
*free_fn
)
76 if (malloc_fn
!= NULL
)
77 *malloc_fn
= malloc_impl
;
78 if (realloc_fn
!= NULL
)
79 *realloc_fn
= realloc_impl
;
84 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
85 void CRYPTO_get_alloc_counts(int *mcount
, int *rcount
, int *fcount
)
88 *mcount
= LOAD(malloc_count
);
90 *rcount
= LOAD(realloc_count
);
92 *fcount
= LOAD(free_count
);
96 * Parse a "malloc failure spec" string. This likes like a set of fields
97 * separated by semicolons. Each field has a count and an optional failure
98 * percentage. For example:
101 * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
102 * all remaining (count is zero) succeed.
103 * The failure percentge can have 2 digits after the comma. For example:
105 * This means 0.01% of all allocations will fail.
107 static void parseit(void)
109 char *semi
= strchr(md_failstring
, ';');
115 /* Get the count (atol will stop at the @ if there), and percentage */
116 md_count
= atol(md_failstring
);
117 atsign
= strchr(md_failstring
, '@');
118 md_fail_percent
= atsign
== NULL
? 0 : (int)(atof(atsign
+ 1) * 100 + 0.5);
121 md_failstring
= semi
;
125 * Windows doesn't have random() and srandom(), but it has rand() and srand().
126 * Some rand() implementations aren't good, but we're not
127 * dealing with secure randomness here.
130 # define random() rand()
131 # define srandom(seed) srand(seed)
134 * See if the current malloc should fail.
136 static int shouldfail(void)
138 int roll
= (int)(random() % 10000);
139 int shoulditfail
= roll
< md_fail_percent
;
141 /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
145 if (md_tracefd
> 0) {
146 BIO_snprintf(buff
, sizeof(buff
),
147 "%c C%ld %%%d R%d\n",
148 shoulditfail
? '-' : '+', md_count
, md_fail_percent
, roll
);
150 if (write(md_tracefd
, buff
, len
) != len
)
151 perror("shouldfail write failed");
156 /* If we used up this one, go to the next. */
164 void ossl_malloc_setup_failures(void)
166 const char *cp
= getenv("OPENSSL_MALLOC_FAILURES");
168 if (cp
!= NULL
&& (md_failstring
= strdup(cp
)) != NULL
)
170 if ((cp
= getenv("OPENSSL_MALLOC_FD")) != NULL
)
171 md_tracefd
= atoi(cp
);
172 if ((cp
= getenv("OPENSSL_MALLOC_SEED")) != NULL
)
177 void *CRYPTO_malloc(size_t num
, const char *file
, int line
)
181 INCREMENT(malloc_count
);
182 if (malloc_impl
!= CRYPTO_malloc
) {
183 ptr
= malloc_impl(num
, file
, line
);
184 if (ptr
!= NULL
|| num
== 0)
193 if (allow_customize
) {
195 * Disallow customization after the first allocation. We only set this
196 * if necessary to avoid a store to the same cache line on every
207 * ossl_err_get_state_int() in err.c uses CRYPTO_zalloc(num, NULL, 0) for
208 * ERR_STATE allocation. Prevent mem alloc error loop while reporting error.
210 if (file
!= NULL
|| line
!= 0) {
212 ERR_set_debug(file
, line
, NULL
);
213 ERR_set_error(ERR_LIB_CRYPTO
, ERR_R_MALLOC_FAILURE
, NULL
);
218 void *CRYPTO_zalloc(size_t num
, const char *file
, int line
)
222 ret
= CRYPTO_malloc(num
, file
, line
);
229 void *CRYPTO_aligned_alloc(size_t num
, size_t alignment
, void **freeptr
,
230 const char *file
, int line
)
236 #if defined(OPENSSL_SMALL_FOOTPRINT)
237 ret
= freeptr
= NULL
;
241 #if defined (_BSD_SOURCE) || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L)
242 if (posix_memalign(&ret
, alignment
, num
))
246 #elif defined(_ISOC11_SOURCE)
247 ret
= *freeptr
= aligned_alloc(alignment
, num
);
250 /* we have to do this the hard way */
253 * Note: Windows supports an _aligned_malloc call, but we choose
254 * not to use it here, because allocations from that function
255 * require that they be freed via _aligned_free. Given that
256 * we can't differentiate plain malloc blocks from blocks obtained
257 * via _aligned_malloc, just avoid its use entirely
261 * Step 1: Allocate an amount of memory that is <alignment>
262 * bytes bigger than requested
264 *freeptr
= malloc(num
+ alignment
);
265 if (*freeptr
== NULL
)
269 * Step 2: Add <alignment - 1> bytes to the pointer
270 * This will cross the alignment boundary that is
273 ret
= (void *)((char *)*freeptr
+ (alignment
- 1));
276 * Step 3: Use the alignment as a mask to translate the
277 * least significant bits of the allocation at the alignment
278 * boundary to 0. ret now holds a pointer to the memory
279 * buffer at the requested alignment
280 * NOTE: It is a documented requirement that alignment be a
281 * power of 2, which is what allows this to work
283 ret
= (void *)((uintptr_t)ret
& (uintptr_t)(~(alignment
- 1)));
288 void *CRYPTO_realloc(void *str
, size_t num
, const char *file
, int line
)
290 INCREMENT(realloc_count
);
291 if (realloc_impl
!= CRYPTO_realloc
)
292 return realloc_impl(str
, num
, file
, line
);
295 return CRYPTO_malloc(num
, file
, line
);
298 CRYPTO_free(str
, file
, line
);
303 return realloc(str
, num
);
306 void *CRYPTO_clear_realloc(void *str
, size_t old_len
, size_t num
,
307 const char *file
, int line
)
312 return CRYPTO_malloc(num
, file
, line
);
315 CRYPTO_clear_free(str
, old_len
, file
, line
);
319 /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
321 OPENSSL_cleanse((char*)str
+ num
, old_len
- num
);
325 ret
= CRYPTO_malloc(num
, file
, line
);
327 memcpy(ret
, str
, old_len
);
328 CRYPTO_clear_free(str
, old_len
, file
, line
);
333 void CRYPTO_free(void *str
, const char *file
, int line
)
335 INCREMENT(free_count
);
336 if (free_impl
!= CRYPTO_free
) {
337 free_impl(str
, file
, line
);
344 void CRYPTO_clear_free(void *str
, size_t num
, const char *file
, int line
)
349 OPENSSL_cleanse(str
, num
);
350 CRYPTO_free(str
, file
, line
);
353 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
355 # ifndef OPENSSL_NO_DEPRECATED_3_0
356 int CRYPTO_mem_ctrl(int mode
)
362 int CRYPTO_set_mem_debug(int flag
)
368 int CRYPTO_mem_debug_push(const char *info
, const char *file
, int line
)
370 (void)info
; (void)file
; (void)line
;
374 int CRYPTO_mem_debug_pop(void)
379 void CRYPTO_mem_debug_malloc(void *addr
, size_t num
, int flag
,
380 const char *file
, int line
)
382 (void)addr
; (void)num
; (void)flag
; (void)file
; (void)line
;
385 void CRYPTO_mem_debug_realloc(void *addr1
, void *addr2
, size_t num
, int flag
,
386 const char *file
, int line
)
388 (void)addr1
; (void)addr2
; (void)num
; (void)flag
; (void)file
; (void)line
;
391 void CRYPTO_mem_debug_free(void *addr
, int flag
,
392 const char *file
, int line
)
394 (void)addr
; (void)flag
; (void)file
; (void)line
;
397 int CRYPTO_mem_leaks(BIO
*b
)
403 # ifndef OPENSSL_NO_STDIO
404 int CRYPTO_mem_leaks_fp(FILE *fp
)
411 int CRYPTO_mem_leaks_cb(int (*cb
)(const char *str
, size_t len
, void *u
),