Tweak sec_mem tests

Remove assertion when mmap() fails.
Only run the 1<<31 limit test on Linux

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3455)
This commit is contained in:
Todd Short 2017-05-12 16:46:39 -04:00 committed by Rich Salz
parent 2117a737f3
commit c8e89d58a5
2 changed files with 22 additions and 4 deletions

View file

@ -425,7 +425,6 @@ static int sh_init(size_t size, int minsize)
close(fd);
}
}
OPENSSL_assert(sh.map_result != MAP_FAILED);
if (sh.map_result == MAP_FAILED)
goto err;
sh.arena = (char *)(sh.map_result + pgsize);

View file

@ -75,12 +75,31 @@ static int test_sec_mem(void)
TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
TEST_true(CRYPTO_secure_malloc_done());
/*-
* There was also a possible infinite loop when the number of
* elements was 1<<31, as |int i| was set to that, which is a
* negative number. However, it requires minimum input values:
*
* CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4);
*
* Which really only works on 64-bit systems, and even then the
* code attempts to allocate 16 GB secure memory arena. Linux
* can deal with this better than other Unixy OS's (e.g. MacOS)
* but we don't want to push the system too hard during a unit
* test. In addition, trying to allocate 16GB will cause the
* mlock() call to fail, so that was at least changed to no
* longer be an assert. If the reader of this comment really
* wants to make sure that infinite loop is fixed, they can
* enable the code below.
*/
# if 0
/* This test should only be run under Linux... runner beware */
if (sizeof(size_t) > 4) {
TEST_info("Possible infinite loop: 1<<31 limit");
if (!TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
goto end;
if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
TEST_true(CRYPTO_secure_malloc_done());
}
# endif
/* this can complete - it was not really secure */
testresult = 1;