crypto/mem.c

   1 /*
   2  * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include "e_os.h"
  11 #include "internal/cryptlib.h"
  12 #include "crypto/cryptlib.h"
  13 #include <stdio.h>
  14 #include <stdlib.h>
  15 #include <limits.h>
  16 #include <openssl/crypto.h>
  17
  18 /*
  19  * the following pointers may be changed as long as 'allow_customize' is set
  20  */
  21 static int allow_customize = 1;
  22 static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc;
  23 static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc;
  24 static CRYPTO_free_fn free_impl = CRYPTO_free;
  25
  26 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
  27 # include "internal/tsan_assist.h"
  28
  29 static TSAN_QUALIFIER int malloc_count;
  30 static TSAN_QUALIFIER int realloc_count;
  31 static TSAN_QUALIFIER int free_count;
  32
  33 # define INCREMENT(x) tsan_counter(&(x))
  34
  35 static char *md_failstring;
  36 static long md_count;
  37 static int md_fail_percent = 0;
  38 static int md_tracefd = -1;
  39
  40 static void parseit(void);
  41 static int shouldfail(void);
  42
  43 # define FAILTEST() if (shouldfail()) return NULL
  44
  45 #else
  46
  47 # define INCREMENT(x) /* empty */
  48 # define FAILTEST() /* empty */
  49 #endif
  50
  51 int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
  52                              CRYPTO_realloc_fn realloc_fn,
  53                              CRYPTO_free_fn free_fn)
  54 {
  55     if (!allow_customize)
  56         return 0;
  57     if (malloc_fn != NULL)
  58         malloc_impl = malloc_fn;
  59     if (realloc_fn != NULL)
  60         realloc_impl = realloc_fn;
  61     if (free_fn != NULL)
  62         free_impl = free_fn;
  63     return 1;
  64 }
  65
  66 void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
  67                               CRYPTO_realloc_fn *realloc_fn,
  68                               CRYPTO_free_fn *free_fn)
  69 {
  70     if (malloc_fn != NULL)
  71         *malloc_fn = malloc_impl;
  72     if (realloc_fn != NULL)
  73         *realloc_fn = realloc_impl;
  74     if (free_fn != NULL)
  75         *free_fn = free_impl;
  76 }
  77
  78 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
  79 void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount)
  80 {
  81     if (mcount != NULL)
  82         *mcount = tsan_load(&malloc_count);
  83     if (rcount != NULL)
  84         *rcount = tsan_load(&realloc_count);
  85     if (fcount != NULL)
  86         *fcount = tsan_load(&free_count);
  87 }
  88
  89 /*
  90  * Parse a "malloc failure spec" string.  This likes like a set of fields
  91  * separated by semicolons.  Each field has a count and an optional failure
  92  * percentage.  For example:
  93  *          100@0;100@25;0@0
  94  *    or    100;100@25;0
  95  * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
  96  * all remaining (count is zero) succeed.
  97  */
  98 static void parseit(void)
  99 {
 100     char *semi = strchr(md_failstring, ';');
 101     char *atsign;
 102
 103     if (semi != NULL)
 104         *semi++ = '\0';
 105
 106     /* Get the count (atol will stop at the @ if there), and percentage */
 107     md_count = atol(md_failstring);
 108     atsign = strchr(md_failstring, '@');
 109     md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
 110
 111     if (semi != NULL)
 112         md_failstring = semi;
 113 }
 114
 115 /*
 116  * Windows doesn't have random(), but it has rand()
 117  * Some rand() implementations aren't good, but we're not
 118  * dealing with secure randomness here.
 119  */
 120 # ifdef _WIN32
 121 #  define random() rand()
 122 # endif
 123 /*
 124  * See if the current malloc should fail.
 125  */
 126 static int shouldfail(void)
 127 {
 128     int roll = (int)(random() % 100);
 129     int shoulditfail = roll < md_fail_percent;
 130 # ifndef _WIN32
 131 /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
 132     int len;
 133     char buff[80];
 134
 135     if (md_tracefd > 0) {
 136         BIO_snprintf(buff, sizeof(buff),
 137                      "%c C%ld %%%d R%d\n",
 138                      shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
 139         len = strlen(buff);
 140         if (write(md_tracefd, buff, len) != len)
 141             perror("shouldfail write failed");
 142     }
 143 # endif
 144
 145     if (md_count) {
 146         /* If we used up this one, go to the next. */
 147         if (--md_count == 0)
 148             parseit();
 149     }
 150
 151     return shoulditfail;
 152 }
 153
 154 void ossl_malloc_setup_failures(void)
 155 {
 156     const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
 157
 158     if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
 159         parseit();
 160     if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
 161         md_tracefd = atoi(cp);
 162 }
 163 #endif
 164
 165 void *CRYPTO_malloc(size_t num, const char *file, int line)
 166 {
 167     INCREMENT(malloc_count);
 168     if (malloc_impl != CRYPTO_malloc)
 169         return malloc_impl(num, file, line);
 170
 171     if (num == 0)
 172         return NULL;
 173
 174     FAILTEST();
 175     if (allow_customize) {
 176         /*
 177          * Disallow customization after the first allocation. We only set this
 178          * if necessary to avoid a store to the same cache line on every
 179          * allocation.
 180          */
 181         allow_customize = 0;
 182     }
 183
 184     return malloc(num);
 185 }
 186
 187 void *CRYPTO_zalloc(size_t num, const char *file, int line)
 188 {
 189     void *ret;
 190
 191     ret = CRYPTO_malloc(num, file, line);
 192     FAILTEST();
 193     if (ret != NULL)
 194         memset(ret, 0, num);
 195
 196     return ret;
 197 }
 198
 199 void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
 200 {
 201     INCREMENT(realloc_count);
 202     if (realloc_impl != CRYPTO_realloc)
 203         return realloc_impl(str, num, file, line);
 204
 205     FAILTEST();
 206     if (str == NULL)
 207         return CRYPTO_malloc(num, file, line);
 208
 209     if (num == 0) {
 210         CRYPTO_free(str, file, line);
 211         return NULL;
 212     }
 213
 214     return realloc(str, num);
 215 }
 216
 217 void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
 218                            const char *file, int line)
 219 {
 220     void *ret = NULL;
 221
 222     if (str == NULL)
 223         return CRYPTO_malloc(num, file, line);
 224
 225     if (num == 0) {
 226         CRYPTO_clear_free(str, old_len, file, line);
 227         return NULL;
 228     }
 229
 230     /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
 231     if (num < old_len) {
 232         OPENSSL_cleanse((char*)str + num, old_len - num);
 233         return str;
 234     }
 235
 236     ret = CRYPTO_malloc(num, file, line);
 237     if (ret != NULL) {
 238         memcpy(ret, str, old_len);
 239         CRYPTO_clear_free(str, old_len, file, line);
 240     }
 241     return ret;
 242 }
 243
 244 void CRYPTO_free(void *str, const char *file, int line)
 245 {
 246     INCREMENT(free_count);
 247     if (free_impl != CRYPTO_free) {
 248         free_impl(str, file, line);
 249         return;
 250     }
 251
 252     free(str);
 253 }
 254
 255 void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
 256 {
 257     if (str == NULL)
 258         return;
 259     if (num)
 260         OPENSSL_cleanse(str, num);
 261     CRYPTO_free(str, file, line);
 262 }
 263
 264 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
 265
 266 # ifndef OPENSSL_NO_DEPRECATED_3_0
 267 int CRYPTO_mem_ctrl(int mode)
 268 {
 269     (void)mode;
 270     return -1;
 271 }
 272
 273 int CRYPTO_set_mem_debug(int flag)
 274 {
 275     (void)flag;
 276     return -1;
 277 }
 278
 279 int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
 280 {
 281     (void)info; (void)file; (void)line;
 282     return -1;
 283 }
 284
 285 int CRYPTO_mem_debug_pop(void)
 286 {
 287     return -1;
 288 }
 289
 290 void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
 291                              const char *file, int line)
 292 {
 293     (void)addr; (void)num; (void)flag; (void)file; (void)line;
 294 }
 295
 296 void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
 297                               const char *file, int line)
 298 {
 299     (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line;
 300 }
 301
 302 void CRYPTO_mem_debug_free(void *addr, int flag,
 303                            const char *file, int line)
 304 {
 305     (void)addr; (void)flag; (void)file; (void)line;
 306 }
 307
 308 int CRYPTO_mem_leaks(BIO *b)
 309 {
 310     (void)b;
 311     return -1;
 312 }
 313
 314 #  ifndef OPENSSL_NO_STDIO
 315 int CRYPTO_mem_leaks_fp(FILE *fp)
 316 {
 317     (void)fp;
 318     return -1;
 319 }
 320 #  endif
 321
 322 int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
 323                         void *u)
 324 {
 325     (void)cb; (void)u;
 326     return -1;
 327 }
 328
 329 # endif
 330
 331 #endif