openssl/ms/uplink.c

136 lines
4 KiB
C
Raw Normal View History

/*
* Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
2005-05-17 00:08:28 +00:00
#if (defined(_WIN64) || defined(_WIN32_WCE)) && !defined(UNICODE)
# define UNICODE
#endif
#if defined(UNICODE) && !defined(_UNICODE)
# define _UNICODE
#endif
#if defined(_UNICODE) && !defined(UNICODE)
# define UNICODE
#endif
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include "uplink.h"
void OPENSSL_showfatal(const char *, ...);
static TCHAR msg[128];
static void unimplemented(void)
{
OPENSSL_showfatal(sizeof(TCHAR) == sizeof(char) ? "%s\n" : "%S\n", msg);
Windows: Call TerminateProcess, not ExitProcess Ty Baen-Price explains: > Problem and Resolution: > The following lines of code make use of the Microsoft API ExitProcess: > > ``` > Apps\Speed.c line 335: ExitProcess(ret); > Ms\uplink.c line 22: ExitProcess(1); > ``` > > These function calls are made after fatal errors are detected and > program termination is desired. ExitProcess(), however causes > _orderly_ shutdown of a process and all its threads, i.e. it unloads > all dlls and runs all destructors. See MSDN for details of exactly > what happens > (https://msdn.microsoft.com/en-us/library/windows/desktop/ms682658(v=vs.85).aspx). > The MSDN page states that ExitProcess should never be called unless > it is _known to be safe_ to call it. These calls should simply be > replaced with calls to TerminateProcess(), which is what should be > called for _disorderly_ shutdown. > > An example of usage: > > ``` > TerminateProcess(GetCurrentProcess(), exitcode); > ``` > > Effect of Problem: > Because of a compilation error (wrong c++ runtime), my program > executed the uplink.c ExitProcess() call. This caused the single > OpenSSL thread to start executing the destructors of all my dlls, > and their objects. Unfortunately, about 30 other threads were > happily using those objects at that time, eventually causing a > 0xC0000005 ACCESS_VIOLATION. Obviously an ACCESS_VIOLATION is the > best case scenario, as I'm sure you can imagine at the consequences > of undiscovered memory corruption, even in a terminating process. And on the subject of `TerminateProcess()` being asynchronous: > That is technically true, but I think it's probably synchronous > "enough" for your purposes, since a call to TerminateProcess > suspends execution of all threads in the target process. This means > it's really only asynchronous if you're calling TerminateProcess one > some _other_ process. If you're calling TerminateProcess on your own > process, you'll never return from the TerminateProcess call. Fixes #2489 Was originally RT-4526 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8301)
2019-02-21 17:25:50 +00:00
TerminateProcess(GetCurrentProcess(), 1);
}
void OPENSSL_Uplink(volatile void **table, int index)
{
static HMODULE volatile apphandle = NULL;
static void **volatile applinktable = NULL;
int len;
void (*func) (void) = unimplemented;
HANDLE h;
void **p;
2005-05-17 00:08:28 +00:00
/*
* Note that the below code is not MT-safe in respect to msg buffer, but
* what's the worst thing that can happen? Error message might be
* misleading or corrupted. As error condition is fatal and should never
* be risen, I accept the risk...
*/
/*
* One can argue that I should have used InterlockedExchangePointer or
* something to update static variables and table[]. Well, store
* instructions are as atomic as they can get and assigned values are
* effectively constant... So that volatile qualifier should be
* sufficient [it prohibits compiler to reorder memory access
* instructions].
*/
2005-05-17 00:08:28 +00:00
do {
len = _sntprintf(msg, sizeof(msg) / sizeof(TCHAR),
_T("OPENSSL_Uplink(%p,%02X): "), table, index);
_tcscpy(msg + len, _T("unimplemented function"));
2005-05-17 00:08:28 +00:00
if ((h = apphandle) == NULL) {
if ((h = GetModuleHandle(NULL)) == NULL) {
apphandle = (HMODULE) - 1;
_tcscpy(msg + len, _T("no host application"));
break;
}
apphandle = h;
}
if ((h = apphandle) == (HMODULE) - 1) /* revalidate */
break;
2005-05-17 00:08:28 +00:00
if (applinktable == NULL) {
void **(*applink) ();
2005-05-17 00:08:28 +00:00
applink = (void **(*)())GetProcAddress(h, "OPENSSL_Applink");
if (applink == NULL) {
apphandle = (HMODULE) - 1;
_tcscpy(msg + len, _T("no OPENSSL_Applink"));
break;
}
p = (*applink) ();
if (p == NULL) {
apphandle = (HMODULE) - 1;
_tcscpy(msg + len, _T("no ApplinkTable"));
break;
}
applinktable = p;
} else
p = applinktable;
if (index > (int)p[0])
break;
2005-05-17 00:08:28 +00:00
if (p[index])
func = p[index];
2005-05-17 00:08:28 +00:00
} while (0);
2005-05-17 00:08:28 +00:00
table[index] = func;
}
#if defined(_MSC_VER) && defined(_M_IX86)
# define LAZY(i) \
__declspec(naked) static void lazy##i (void) { \
_asm push i \
_asm push OFFSET OPENSSL_UplinkTable \
_asm call OPENSSL_Uplink \
_asm add esp,8 \
_asm jmp OPENSSL_UplinkTable+4*i }
# if APPLINK_MAX>25
# error "Add more stubs..."
# endif
/* make some in advance... */
LAZY(1) LAZY(2) LAZY(3) LAZY(4) LAZY(5)
LAZY(6) LAZY(7) LAZY(8) LAZY(9) LAZY(10)
LAZY(11) LAZY(12) LAZY(13) LAZY(14) LAZY(15)
LAZY(16) LAZY(17) LAZY(18) LAZY(19) LAZY(20)
LAZY(21) LAZY(22) LAZY(23) LAZY(24) LAZY(25)
void *OPENSSL_UplinkTable[] = {
(void *)APPLINK_MAX,
lazy1, lazy2, lazy3, lazy4, lazy5,
lazy6, lazy7, lazy8, lazy9, lazy10,
lazy11, lazy12, lazy13, lazy14, lazy15,
lazy16, lazy17, lazy18, lazy19, lazy20,
lazy21, lazy22, lazy23, lazy24, lazy25,
};
#endif
#ifdef SELFTEST
main()
{
UP_fprintf(UP_stdout, "hello, world!\n");
}
#endif