2016-05-17 18:51:04 +00:00
|
|
|
/*
|
2018-01-19 09:49:22 +00:00
|
|
|
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
1998-12-21 10:52:47 +00:00
|
|
|
*
|
2018-12-06 13:03:01 +00:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-17 18:51:04 +00:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
1998-12-21 10:52:47 +00:00
|
|
|
*/
|
|
|
|
|
2017-08-23 23:05:07 +00:00
|
|
|
#include "e_os.h"
|
|
|
|
#include "internal/cryptlib.h"
|
|
|
|
#include "internal/cryptlib_int.h"
|
1998-12-21 10:52:47 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
2016-01-07 20:06:38 +00:00
|
|
|
#include <limits.h>
|
1999-07-19 09:25:35 +00:00
|
|
|
#include <openssl/crypto.h>
|
2019-03-20 14:27:52 +00:00
|
|
|
#if !defined(OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE) && !defined(FIPS_MODE)
|
2016-07-08 17:40:08 +00:00
|
|
|
# include <execinfo.h>
|
|
|
|
#endif
|
1998-12-21 10:52:47 +00:00
|
|
|
|
2015-01-22 03:40:55 +00:00
|
|
|
/*
|
|
|
|
* the following pointers may be changed as long as 'allow_customize' is set
|
|
|
|
*/
|
2016-01-07 20:06:38 +00:00
|
|
|
static int allow_customize = 1;
|
2001-01-10 18:09:57 +00:00
|
|
|
|
2016-02-17 01:24:25 +00:00
|
|
|
static void *(*malloc_impl)(size_t, const char *, int)
|
2016-01-07 20:06:38 +00:00
|
|
|
= CRYPTO_malloc;
|
2016-02-17 01:24:25 +00:00
|
|
|
static void *(*realloc_impl)(void *, size_t, const char *, int)
|
2016-01-07 20:06:38 +00:00
|
|
|
= CRYPTO_realloc;
|
2016-02-17 01:24:25 +00:00
|
|
|
static void (*free_impl)(void *, const char *, int)
|
2016-01-07 20:06:38 +00:00
|
|
|
= CRYPTO_free;
|
2015-04-24 20:39:40 +00:00
|
|
|
|
2019-03-20 14:27:52 +00:00
|
|
|
#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
|
2018-08-03 08:46:03 +00:00
|
|
|
# include "internal/tsan_assist.h"
|
2017-10-05 01:17:58 +00:00
|
|
|
|
2018-08-03 08:46:03 +00:00
|
|
|
static TSAN_QUALIFIER int malloc_count;
|
|
|
|
static TSAN_QUALIFIER int realloc_count;
|
|
|
|
static TSAN_QUALIFIER int free_count;
|
|
|
|
|
|
|
|
# define INCREMENT(x) tsan_counter(&(x))
|
2017-10-05 01:17:58 +00:00
|
|
|
|
2016-07-08 17:40:08 +00:00
|
|
|
static char *md_failstring;
|
|
|
|
static long md_count;
|
2017-01-13 16:00:26 +00:00
|
|
|
static int md_fail_percent = 0;
|
2016-07-08 17:40:08 +00:00
|
|
|
static int md_tracefd = -1;
|
2016-01-07 20:06:38 +00:00
|
|
|
static int call_malloc_debug = 1;
|
2016-07-08 17:40:08 +00:00
|
|
|
|
|
|
|
static void parseit(void);
|
|
|
|
static int shouldfail(void);
|
|
|
|
|
|
|
|
# define FAILTEST() if (shouldfail()) return NULL
|
|
|
|
|
1999-12-18 02:34:37 +00:00
|
|
|
#else
|
2016-01-07 20:06:38 +00:00
|
|
|
static int call_malloc_debug = 0;
|
2016-07-08 17:40:08 +00:00
|
|
|
|
2017-10-05 01:17:58 +00:00
|
|
|
# define INCREMENT(x) /* empty */
|
2016-07-08 17:40:08 +00:00
|
|
|
# define FAILTEST() /* empty */
|
1999-12-18 02:34:37 +00:00
|
|
|
#endif
|
1999-12-17 12:56:24 +00:00
|
|
|
|
2016-01-07 20:06:38 +00:00
|
|
|
int CRYPTO_set_mem_functions(
|
|
|
|
void *(*m)(size_t, const char *, int),
|
|
|
|
void *(*r)(void *, size_t, const char *, int),
|
2016-02-17 01:24:25 +00:00
|
|
|
void (*f)(void *, const char *, int))
|
2015-04-24 20:39:40 +00:00
|
|
|
{
|
|
|
|
if (!allow_customize)
|
|
|
|
return 0;
|
2016-01-07 20:06:38 +00:00
|
|
|
if (m)
|
2016-02-17 01:24:25 +00:00
|
|
|
malloc_impl = m;
|
2016-01-07 20:06:38 +00:00
|
|
|
if (r)
|
2016-02-17 01:24:25 +00:00
|
|
|
realloc_impl = r;
|
2016-01-07 20:06:38 +00:00
|
|
|
if (f)
|
2016-02-17 01:24:25 +00:00
|
|
|
free_impl = f;
|
2015-04-24 20:39:40 +00:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-01-07 20:06:38 +00:00
|
|
|
int CRYPTO_set_mem_debug(int flag)
|
2015-04-24 20:39:40 +00:00
|
|
|
{
|
|
|
|
if (!allow_customize)
|
|
|
|
return 0;
|
2016-01-07 20:06:38 +00:00
|
|
|
call_malloc_debug = flag;
|
2015-01-22 03:40:55 +00:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-01-07 20:06:38 +00:00
|
|
|
void CRYPTO_get_mem_functions(
|
|
|
|
void *(**m)(size_t, const char *, int),
|
|
|
|
void *(**r)(void *, size_t, const char *, int),
|
2016-02-17 01:24:25 +00:00
|
|
|
void (**f)(void *, const char *, int))
|
2015-01-22 03:40:55 +00:00
|
|
|
{
|
|
|
|
if (m != NULL)
|
2016-02-17 01:24:25 +00:00
|
|
|
*m = malloc_impl;
|
2015-01-22 03:40:55 +00:00
|
|
|
if (r != NULL)
|
2016-02-17 01:24:25 +00:00
|
|
|
*r = realloc_impl;
|
2015-04-24 20:39:40 +00:00
|
|
|
if (f != NULL)
|
2016-02-17 01:24:25 +00:00
|
|
|
*f = free_impl;
|
2015-01-22 03:40:55 +00:00
|
|
|
}
|
1998-12-21 10:52:47 +00:00
|
|
|
|
2019-03-20 14:27:52 +00:00
|
|
|
#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
|
2017-10-05 01:17:58 +00:00
|
|
|
void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount)
|
|
|
|
{
|
|
|
|
if (mcount != NULL)
|
2018-08-03 08:46:03 +00:00
|
|
|
*mcount = tsan_load(&malloc_count);
|
2017-10-05 01:17:58 +00:00
|
|
|
if (rcount != NULL)
|
2018-08-03 08:46:03 +00:00
|
|
|
*rcount = tsan_load(&realloc_count);
|
2017-10-05 01:17:58 +00:00
|
|
|
if (fcount != NULL)
|
2018-08-03 08:46:03 +00:00
|
|
|
*fcount = tsan_load(&free_count);
|
2017-10-05 01:17:58 +00:00
|
|
|
}
|
|
|
|
|
2016-07-08 17:40:08 +00:00
|
|
|
/*
|
|
|
|
* Parse a "malloc failure spec" string. This likes like a set of fields
|
|
|
|
* separated by semicolons. Each field has a count and an optional failure
|
|
|
|
* percentage. For example:
|
2017-01-13 16:00:26 +00:00
|
|
|
* 100@0;100@25;0@0
|
|
|
|
* or 100;100@25;0
|
2016-07-08 17:40:08 +00:00
|
|
|
* This means 100 mallocs succeed, then next 100 fail 25% of the time, and
|
|
|
|
* all remaining (count is zero) succeed.
|
|
|
|
*/
|
|
|
|
static void parseit(void)
|
|
|
|
{
|
|
|
|
char *semi = strchr(md_failstring, ';');
|
|
|
|
char *atsign;
|
|
|
|
|
|
|
|
if (semi != NULL)
|
|
|
|
*semi++ = '\0';
|
|
|
|
|
|
|
|
/* Get the count (atol will stop at the @ if there), and percentage */
|
|
|
|
md_count = atol(md_failstring);
|
|
|
|
atsign = strchr(md_failstring, '@');
|
2017-01-13 16:00:26 +00:00
|
|
|
md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
|
2016-07-08 17:40:08 +00:00
|
|
|
|
|
|
|
if (semi != NULL)
|
|
|
|
md_failstring = semi;
|
|
|
|
}
|
|
|
|
|
2017-06-27 09:25:03 +00:00
|
|
|
/*
|
|
|
|
* Windows doesn't have random(), but it has rand()
|
|
|
|
* Some rand() implementations aren't good, but we're not
|
|
|
|
* dealing with secure randomness here.
|
|
|
|
*/
|
2018-01-08 13:13:51 +00:00
|
|
|
# ifdef _WIN32
|
|
|
|
# define random() rand()
|
|
|
|
# endif
|
2016-07-08 17:40:08 +00:00
|
|
|
/*
|
|
|
|
* See if the current malloc should fail.
|
|
|
|
*/
|
|
|
|
static int shouldfail(void)
|
|
|
|
{
|
|
|
|
int roll = (int)(random() % 100);
|
2017-02-17 13:31:51 +00:00
|
|
|
int shoulditfail = roll < md_fail_percent;
|
2018-01-08 13:13:51 +00:00
|
|
|
# ifndef _WIN32
|
|
|
|
/* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
|
2017-07-03 23:56:05 +00:00
|
|
|
int len;
|
2016-07-08 17:40:08 +00:00
|
|
|
char buff[80];
|
|
|
|
|
|
|
|
if (md_tracefd > 0) {
|
|
|
|
BIO_snprintf(buff, sizeof(buff),
|
|
|
|
"%c C%ld %%%d R%d\n",
|
2017-02-17 13:31:51 +00:00
|
|
|
shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
|
2017-07-03 23:56:05 +00:00
|
|
|
len = strlen(buff);
|
|
|
|
if (write(md_tracefd, buff, len) != len)
|
|
|
|
perror("shouldfail write failed");
|
2018-01-08 13:13:51 +00:00
|
|
|
# ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
|
2017-02-17 13:31:51 +00:00
|
|
|
if (shoulditfail) {
|
2016-07-08 17:40:08 +00:00
|
|
|
void *addrs[30];
|
|
|
|
int num = backtrace(addrs, OSSL_NELEM(addrs));
|
|
|
|
|
|
|
|
backtrace_symbols_fd(addrs, num, md_tracefd);
|
|
|
|
}
|
2018-01-08 13:13:51 +00:00
|
|
|
# endif
|
2016-07-08 17:40:08 +00:00
|
|
|
}
|
2018-01-08 13:13:51 +00:00
|
|
|
# endif
|
2016-07-08 17:40:08 +00:00
|
|
|
|
|
|
|
if (md_count) {
|
|
|
|
/* If we used up this one, go to the next. */
|
|
|
|
if (--md_count == 0)
|
|
|
|
parseit();
|
|
|
|
}
|
|
|
|
|
2017-02-17 13:31:51 +00:00
|
|
|
return shoulditfail;
|
2016-07-08 17:40:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void ossl_malloc_setup_failures(void)
|
|
|
|
{
|
|
|
|
const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
|
|
|
|
|
|
|
|
if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
|
|
|
|
parseit();
|
|
|
|
if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
|
|
|
|
md_tracefd = atoi(cp);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2015-12-17 07:24:26 +00:00
|
|
|
void *CRYPTO_malloc(size_t num, const char *file, int line)
|
2015-01-22 03:40:55 +00:00
|
|
|
{
|
|
|
|
void *ret = NULL;
|
|
|
|
|
2017-10-05 01:17:58 +00:00
|
|
|
INCREMENT(malloc_count);
|
2016-02-17 01:24:25 +00:00
|
|
|
if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc)
|
|
|
|
return malloc_impl(num, file, line);
|
|
|
|
|
2017-02-18 07:44:49 +00:00
|
|
|
if (num == 0)
|
2015-01-22 03:40:55 +00:00
|
|
|
return NULL;
|
|
|
|
|
2016-07-08 17:40:08 +00:00
|
|
|
FAILTEST();
|
2018-03-06 18:21:49 +00:00
|
|
|
if (allow_customize) {
|
|
|
|
/*
|
|
|
|
* Disallow customization after the first allocation. We only set this
|
|
|
|
* if necessary to avoid a store to the same cache line on every
|
|
|
|
* allocation.
|
|
|
|
*/
|
|
|
|
allow_customize = 0;
|
|
|
|
}
|
2019-03-20 14:27:52 +00:00
|
|
|
#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
|
2016-01-07 20:06:38 +00:00
|
|
|
if (call_malloc_debug) {
|
|
|
|
CRYPTO_mem_debug_malloc(NULL, num, 0, file, line);
|
|
|
|
ret = malloc(num);
|
|
|
|
CRYPTO_mem_debug_malloc(ret, num, 1, file, line);
|
|
|
|
} else {
|
|
|
|
ret = malloc(num);
|
2015-01-22 03:40:55 +00:00
|
|
|
}
|
2016-01-07 20:06:38 +00:00
|
|
|
#else
|
2017-08-21 21:22:19 +00:00
|
|
|
(void)(file); (void)(line);
|
2016-01-07 20:06:38 +00:00
|
|
|
ret = malloc(num);
|
|
|
|
#endif
|
1998-12-21 10:52:47 +00:00
|
|
|
|
2015-01-22 03:40:55 +00:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2015-12-17 07:24:26 +00:00
|
|
|
void *CRYPTO_zalloc(size_t num, const char *file, int line)
|
2015-08-25 17:25:58 +00:00
|
|
|
{
|
|
|
|
void *ret = CRYPTO_malloc(num, file, line);
|
|
|
|
|
2016-07-08 17:40:08 +00:00
|
|
|
FAILTEST();
|
2015-08-25 17:25:58 +00:00
|
|
|
if (ret != NULL)
|
|
|
|
memset(ret, 0, num);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2015-12-17 07:24:26 +00:00
|
|
|
void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
|
2015-01-22 03:40:55 +00:00
|
|
|
{
|
2017-10-05 01:17:58 +00:00
|
|
|
INCREMENT(realloc_count);
|
2016-02-17 01:24:25 +00:00
|
|
|
if (realloc_impl != NULL && realloc_impl != &CRYPTO_realloc)
|
|
|
|
return realloc_impl(str, num, file, line);
|
|
|
|
|
2016-07-08 17:40:08 +00:00
|
|
|
FAILTEST();
|
2015-01-22 03:40:55 +00:00
|
|
|
if (str == NULL)
|
|
|
|
return CRYPTO_malloc(num, file, line);
|
2003-02-19 11:54:42 +00:00
|
|
|
|
2016-01-07 20:06:38 +00:00
|
|
|
if (num == 0) {
|
2016-02-17 01:24:25 +00:00
|
|
|
CRYPTO_free(str, file, line);
|
2015-01-22 03:40:55 +00:00
|
|
|
return NULL;
|
2016-01-07 20:06:38 +00:00
|
|
|
}
|
2003-02-19 11:54:42 +00:00
|
|
|
|
2019-03-20 14:27:52 +00:00
|
|
|
#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
|
2016-01-07 20:06:38 +00:00
|
|
|
if (call_malloc_debug) {
|
|
|
|
void *ret;
|
|
|
|
CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line);
|
|
|
|
ret = realloc(str, num);
|
|
|
|
CRYPTO_mem_debug_realloc(str, ret, num, 1, file, line);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
#else
|
2017-08-21 21:22:19 +00:00
|
|
|
(void)(file); (void)(line);
|
2016-01-07 20:06:38 +00:00
|
|
|
#endif
|
|
|
|
return realloc(str, num);
|
1999-12-17 12:56:24 +00:00
|
|
|
|
2015-01-22 03:40:55 +00:00
|
|
|
}
|
1998-12-21 10:52:47 +00:00
|
|
|
|
2015-12-16 21:51:12 +00:00
|
|
|
void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
|
2015-12-17 07:24:26 +00:00
|
|
|
const char *file, int line)
|
2015-01-22 03:40:55 +00:00
|
|
|
{
|
|
|
|
void *ret = NULL;
|
|
|
|
|
|
|
|
if (str == NULL)
|
|
|
|
return CRYPTO_malloc(num, file, line);
|
|
|
|
|
2016-01-07 20:06:38 +00:00
|
|
|
if (num == 0) {
|
2016-02-17 01:24:25 +00:00
|
|
|
CRYPTO_clear_free(str, old_len, file, line);
|
2015-01-22 03:40:55 +00:00
|
|
|
return NULL;
|
2016-01-07 20:06:38 +00:00
|
|
|
}
|
2015-01-22 03:40:55 +00:00
|
|
|
|
2016-01-07 20:06:38 +00:00
|
|
|
/* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
|
|
|
|
if (num < old_len) {
|
2016-06-24 22:37:27 +00:00
|
|
|
OPENSSL_cleanse((char*)str + num, old_len - num);
|
2016-01-07 20:06:38 +00:00
|
|
|
return str;
|
|
|
|
}
|
2015-01-22 03:40:55 +00:00
|
|
|
|
2016-02-17 01:24:25 +00:00
|
|
|
ret = CRYPTO_malloc(num, file, line);
|
2016-04-21 14:30:17 +00:00
|
|
|
if (ret != NULL) {
|
2016-01-07 20:06:38 +00:00
|
|
|
memcpy(ret, str, old_len);
|
2016-04-21 14:30:17 +00:00
|
|
|
CRYPTO_clear_free(str, old_len, file, line);
|
|
|
|
}
|
2015-01-22 03:40:55 +00:00
|
|
|
return ret;
|
|
|
|
}
|
2002-11-13 15:43:43 +00:00
|
|
|
|
2016-02-17 01:24:25 +00:00
|
|
|
void CRYPTO_free(void *str, const char *file, int line)
|
2015-01-22 03:40:55 +00:00
|
|
|
{
|
2017-10-05 01:17:58 +00:00
|
|
|
INCREMENT(free_count);
|
2016-02-17 01:24:25 +00:00
|
|
|
if (free_impl != NULL && free_impl != &CRYPTO_free) {
|
|
|
|
free_impl(str, file, line);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-03-20 14:27:52 +00:00
|
|
|
#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
|
2016-01-07 20:06:38 +00:00
|
|
|
if (call_malloc_debug) {
|
2016-02-17 01:24:25 +00:00
|
|
|
CRYPTO_mem_debug_free(str, 0, file, line);
|
2016-01-07 20:06:38 +00:00
|
|
|
free(str);
|
2016-02-17 01:24:25 +00:00
|
|
|
CRYPTO_mem_debug_free(str, 1, file, line);
|
2016-01-07 20:06:38 +00:00
|
|
|
} else {
|
|
|
|
free(str);
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
free(str);
|
|
|
|
#endif
|
2015-01-22 03:40:55 +00:00
|
|
|
}
|
1998-12-21 10:52:47 +00:00
|
|
|
|
2016-02-17 01:24:25 +00:00
|
|
|
void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
|
2015-04-30 21:57:32 +00:00
|
|
|
{
|
2016-01-07 20:06:38 +00:00
|
|
|
if (str == NULL)
|
2015-04-30 21:57:32 +00:00
|
|
|
return;
|
|
|
|
if (num)
|
|
|
|
OPENSSL_cleanse(str, num);
|
2016-02-17 01:24:25 +00:00
|
|
|
CRYPTO_free(str, file, line);
|
2015-04-30 21:57:32 +00:00
|
|
|
}
|