/src/boringssl/crypto/mem.cc
Line | Count | Source |
1 | | // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
2 | | // |
3 | | // Licensed under the Apache License, Version 2.0 (the "License"); |
4 | | // you may not use this file except in compliance with the License. |
5 | | // You may obtain a copy of the License at |
6 | | // |
7 | | // https://www.apache.org/licenses/LICENSE-2.0 |
8 | | // |
9 | | // Unless required by applicable law or agreed to in writing, software |
10 | | // distributed under the License is distributed on an "AS IS" BASIS, |
11 | | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 | | // See the License for the specific language governing permissions and |
13 | | // limitations under the License. |
14 | | |
15 | | #include <openssl/mem.h> |
16 | | |
17 | | #include <assert.h> |
18 | | #include <errno.h> |
19 | | #include <limits.h> |
20 | | #include <stdarg.h> |
21 | | #include <stdio.h> |
22 | | #include <stdlib.h> |
23 | | |
24 | | #include <openssl/err.h> |
25 | | |
26 | | #if defined(OPENSSL_WINDOWS) |
27 | | #include <windows.h> |
28 | | #endif |
29 | | |
30 | | #if defined(BORINGSSL_MALLOC_FAILURE_TESTING) |
31 | | #include <errno.h> |
32 | | #include <signal.h> |
33 | | #include <unistd.h> |
34 | | #endif |
35 | | |
36 | | #include "internal.h" |
37 | | |
38 | | |
39 | | using namespace bssl; |
40 | | |
41 | 196M | #define OPENSSL_MALLOC_PREFIX 8 |
42 | | static_assert(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), "size_t too large"); |
43 | | |
44 | | #if defined(OPENSSL_ASAN) |
45 | | extern "C" { |
46 | | void __asan_poison_memory_region(const volatile void *addr, size_t size); |
47 | | void __asan_unpoison_memory_region(const volatile void *addr, size_t size); |
48 | | } |
49 | | #else |
50 | 29.7M | static void __asan_poison_memory_region(const void *addr, size_t size) {} |
51 | 29.7M | static void __asan_unpoison_memory_region(const void *addr, size_t size) {} |
52 | | #endif |
53 | | |
54 | | // Windows doesn't really support weak symbols as of May 2019, and Clang on |
55 | | // Windows will emit strong symbols instead. See |
56 | | // https://bugs.llvm.org/show_bug.cgi?id=37598 |
57 | | // |
58 | | // EDK2 targets UEFI but builds as ELF and then translates the binary to |
59 | | // COFF(!). Thus it builds with __ELF__ defined but cannot actually cope with |
60 | | // weak symbols. |
61 | | #if !defined(__EDK2_BORINGSSL__) && defined(__ELF__) && defined(__GNUC__) |
62 | | #define WEAK_SYMBOL_FUNC(rettype, name, args) \ |
63 | | extern "C" { \ |
64 | | rettype name args __attribute__((weak)); \ |
65 | | } |
66 | | #else |
67 | | #define WEAK_SYMBOL_FUNC(rettype, name, args) \ |
68 | | static rettype(*const name) args = nullptr; |
69 | | #endif |
70 | | |
71 | | #if defined(BORINGSSL_DETECT_SDALLOCX) |
72 | | // sdallocx is a sized |free| function. By passing the size (which we happen to |
73 | | // always know in BoringSSL), the malloc implementation can save work. We cannot |
74 | | // depend on |sdallocx| being available, however, so it's a weak symbol. |
75 | | // |
76 | | // This mechanism is kept opt-in because it assumes that, when |sdallocx| is |
77 | | // defined, it is part of the same allocator as |malloc|. This is usually true |
78 | | // but may break if |malloc| does not implement |sdallocx|, but some other |
79 | | // allocator with |sdallocx| is imported which does. |
80 | | WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags)) |
81 | | #else |
82 | | static void (*const sdallocx)(void *ptr, size_t size, int flags) = nullptr; |
83 | | #endif |
84 | | |
85 | | // The following three functions can be defined to override default heap |
86 | | // allocation and freeing. If defined, it is the responsibility of |
87 | | // |OPENSSL_memory_free| to zero out the memory before returning it to the |
88 | | // system. |OPENSSL_memory_free| will not be passed NULL pointers. |
89 | | // |
90 | | // WARNING: These functions are called on every allocation and free in |
91 | | // BoringSSL across the entire process. They may be called by any code in the |
92 | | // process which calls BoringSSL, including in process initializers and thread |
93 | | // destructors. When called, BoringSSL may hold pthreads locks. Any other code |
94 | | // in the process which, directly or indirectly, calls BoringSSL may be on the |
95 | | // call stack and may itself be using arbitrary synchronization primitives. |
96 | | // |
97 | | // As a result, these functions may not have the usual programming environment |
98 | | // available to most C or C++ code. In particular, they may not call into |
99 | | // BoringSSL, or any library which depends on BoringSSL. Any synchronization |
100 | | // primitives used must tolerate every other synchronization primitive linked |
101 | | // into the process, including pthreads locks. Failing to meet these constraints |
102 | | // may result in deadlocks, crashes, or memory corruption. |
103 | | WEAK_SYMBOL_FUNC(void *, OPENSSL_memory_alloc, (size_t size)) |
104 | | WEAK_SYMBOL_FUNC(void, OPENSSL_memory_free, (void *ptr)) |
105 | | WEAK_SYMBOL_FUNC(size_t, OPENSSL_memory_get_size, (void *ptr)) |
106 | | |
107 | | #if defined(BORINGSSL_MALLOC_FAILURE_TESTING) |
108 | | static StaticMutex malloc_failure_lock; |
109 | | static uint64_t current_malloc_count = 0; |
110 | | static uint64_t malloc_number_to_fail = 0; |
111 | | static int malloc_failure_enabled = 0, break_on_malloc_fail = 0, |
112 | | any_malloc_failed = 0, disable_malloc_failures = 0; |
113 | | |
114 | | static void malloc_exit_handler() { |
115 | | MutexReadLock lock(&malloc_failure_lock); |
116 | | if (any_malloc_failed) { |
117 | | // Signal to the test driver that some allocation failed, so it knows to |
118 | | // increment the counter and continue. |
119 | | _exit(88); |
120 | | } |
121 | | } |
122 | | |
123 | | static void init_malloc_failure() { |
124 | | const char *env = getenv("MALLOC_NUMBER_TO_FAIL"); |
125 | | if (env != nullptr && env[0] != 0) { |
126 | | char *endptr; |
127 | | malloc_number_to_fail = strtoull(env, &endptr, 10); |
128 | | if (*endptr == 0) { |
129 | | malloc_failure_enabled = 1; |
130 | | atexit(malloc_exit_handler); |
131 | | } |
132 | | } |
133 | | break_on_malloc_fail = getenv("MALLOC_BREAK_ON_FAIL") != nullptr; |
134 | | } |
135 | | |
136 | | // should_fail_allocation returns one if the current allocation should fail and |
137 | | // zero otherwise. |
138 | | static int should_fail_allocation() { |
139 | | static CRYPTO_once_t once = CRYPTO_ONCE_INIT; |
140 | | CRYPTO_once(&once, init_malloc_failure); |
141 | | if (!malloc_failure_enabled || disable_malloc_failures) { |
142 | | return 0; |
143 | | } |
144 | | |
145 | | // We lock just so multi-threaded tests are still correct, but we won't test |
146 | | // every malloc exhaustively. |
147 | | malloc_failure_lock.LockWrite(); |
148 | | int should_fail = current_malloc_count == malloc_number_to_fail; |
149 | | current_malloc_count++; |
150 | | any_malloc_failed = any_malloc_failed || should_fail; |
151 | | malloc_failure_lock.UnlockWrite(); |
152 | | |
153 | | if (should_fail && break_on_malloc_fail) { |
154 | | raise(SIGTRAP); |
155 | | } |
156 | | if (should_fail) { |
157 | | errno = ENOMEM; |
158 | | } |
159 | | return should_fail; |
160 | | } |
161 | | |
162 | | void bssl::OPENSSL_reset_malloc_counter_for_testing() { |
163 | | MutexWriteLock lock(&malloc_failure_lock); |
164 | | current_malloc_count = 0; |
165 | | } |
166 | | |
167 | | void bssl::OPENSSL_disable_malloc_failures_for_testing() { |
168 | | MutexWriteLock lock(&malloc_failure_lock); |
169 | | BSSL_CHECK(!disable_malloc_failures); |
170 | | disable_malloc_failures = 1; |
171 | | } |
172 | | |
173 | | void bssl::OPENSSL_enable_malloc_failures_for_testing() { |
174 | | MutexWriteLock lock(&malloc_failure_lock); |
175 | | BSSL_CHECK(disable_malloc_failures); |
176 | | disable_malloc_failures = 0; |
177 | | } |
178 | | |
179 | | #else |
180 | 26.7M | static int should_fail_allocation() { return 0; } |
181 | | #endif |
182 | | |
183 | 26.7M | void *OPENSSL_malloc(size_t size) { |
184 | 26.7M | void *ptr = nullptr; |
185 | 26.7M | if (should_fail_allocation()) { |
186 | 0 | goto err; |
187 | 0 | } |
188 | | |
189 | 26.7M | if (OPENSSL_memory_alloc != nullptr) { |
190 | 0 | assert(OPENSSL_memory_free != nullptr); |
191 | 0 | assert(OPENSSL_memory_get_size != nullptr); |
192 | 0 | void *ptr2 = OPENSSL_memory_alloc(size); |
193 | 0 | if (ptr2 == nullptr && size != 0) { |
194 | 0 | goto err; |
195 | 0 | } |
196 | 0 | return ptr2; |
197 | 0 | } |
198 | | |
199 | 26.7M | if (size + OPENSSL_MALLOC_PREFIX < size) { |
200 | 0 | goto err; |
201 | 0 | } |
202 | | |
203 | 26.7M | ptr = malloc(size + OPENSSL_MALLOC_PREFIX); |
204 | 26.7M | if (ptr == nullptr) { |
205 | 0 | goto err; |
206 | 0 | } |
207 | | |
208 | 26.7M | *(size_t *)ptr = size; |
209 | | |
210 | 26.7M | __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); |
211 | 26.7M | return ((uint8_t *)ptr) + OPENSSL_MALLOC_PREFIX; |
212 | | |
213 | 0 | err: |
214 | | // This only works because ERR does not call OPENSSL_malloc. |
215 | 0 | OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); |
216 | 0 | return nullptr; |
217 | 26.7M | } |
218 | | |
219 | 3.17M | void *OPENSSL_zalloc(size_t size) { |
220 | 3.17M | void *ret = OPENSSL_malloc(size); |
221 | 3.17M | if (ret != nullptr) { |
222 | 3.17M | OPENSSL_memset(ret, 0, size); |
223 | 3.17M | } |
224 | 3.17M | return ret; |
225 | 3.17M | } |
226 | | |
227 | 2.12M | void *OPENSSL_calloc(size_t num, size_t size) { |
228 | 2.12M | if (size != 0 && num > SIZE_MAX / size) { |
229 | 0 | OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); |
230 | 0 | return nullptr; |
231 | 0 | } |
232 | | |
233 | 2.12M | return OPENSSL_zalloc(num * size); |
234 | 2.12M | } |
235 | | |
236 | 47.8M | void OPENSSL_free(void *orig_ptr) { |
237 | 47.8M | if (orig_ptr == nullptr) { |
238 | 21.1M | return; |
239 | 21.1M | } |
240 | | |
241 | 26.7M | if (OPENSSL_memory_free != nullptr) { |
242 | 0 | OPENSSL_memory_free(orig_ptr); |
243 | 0 | return; |
244 | 0 | } |
245 | | |
246 | 26.7M | void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; |
247 | 26.7M | __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); |
248 | | |
249 | 26.7M | size_t size = *(size_t *)ptr; |
250 | 26.7M | OPENSSL_cleanse(ptr, size + OPENSSL_MALLOC_PREFIX); |
251 | | |
252 | | // ASan knows to intercept malloc and free, but not sdallocx. |
253 | | #if defined(OPENSSL_ASAN) |
254 | | (void)sdallocx; |
255 | | free(ptr); |
256 | | #else |
257 | 26.7M | if (sdallocx) { |
258 | 0 | sdallocx(ptr, size + OPENSSL_MALLOC_PREFIX, 0 /* flags */); |
259 | 26.7M | } else { |
260 | 26.7M | free(ptr); |
261 | 26.7M | } |
262 | 26.7M | #endif |
263 | 26.7M | } |
264 | | |
265 | 3.39M | void *OPENSSL_realloc(void *orig_ptr, size_t new_size) { |
266 | 3.39M | if (orig_ptr == nullptr) { |
267 | 395k | return OPENSSL_malloc(new_size); |
268 | 395k | } |
269 | | |
270 | 3.00M | size_t old_size; |
271 | 3.00M | if (OPENSSL_memory_get_size != nullptr) { |
272 | 0 | old_size = OPENSSL_memory_get_size(orig_ptr); |
273 | 3.00M | } else { |
274 | 3.00M | void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; |
275 | 3.00M | __asan_unpoison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); |
276 | 3.00M | old_size = *(size_t *)ptr; |
277 | 3.00M | __asan_poison_memory_region(ptr, OPENSSL_MALLOC_PREFIX); |
278 | 3.00M | } |
279 | | |
280 | 3.00M | void *ret = OPENSSL_malloc(new_size); |
281 | 3.00M | if (ret == nullptr) { |
282 | 0 | return nullptr; |
283 | 0 | } |
284 | | |
285 | 3.00M | size_t to_copy = new_size; |
286 | 3.00M | if (old_size < to_copy) { |
287 | 3.00M | to_copy = old_size; |
288 | 3.00M | } |
289 | | |
290 | 3.00M | memcpy(ret, orig_ptr, to_copy); |
291 | 3.00M | OPENSSL_free(orig_ptr); |
292 | | |
293 | 3.00M | return ret; |
294 | 3.00M | } |
295 | | |
296 | 29.9M | void OPENSSL_cleanse(void *ptr, size_t len) { |
297 | | #if defined(OPENSSL_WINDOWS) |
298 | | SecureZeroMemory(ptr, len); |
299 | | #else |
300 | 29.9M | OPENSSL_memset(ptr, 0, len); |
301 | | |
302 | 29.9M | #if !defined(OPENSSL_NO_ASM) |
303 | | /* As best as we can tell, this is sufficient to break any optimisations that |
304 | | might try to eliminate "superfluous" memsets. If there's an easy way to |
305 | | detect memset_s, it would be better to use that. */ |
306 | 29.9M | __asm__ __volatile__("" : : "r"(ptr) : "memory"); |
307 | 29.9M | #endif |
308 | 29.9M | #endif // !OPENSSL_NO_ASM |
309 | 29.9M | } |
310 | | |
311 | 0 | void OPENSSL_clear_free(void *ptr, size_t unused) { OPENSSL_free(ptr); } |
312 | | |
313 | 0 | int CRYPTO_secure_malloc_init(size_t size, size_t min_size) { return 0; } |
314 | | |
315 | 0 | int CRYPTO_secure_malloc_initialized() { return 0; } |
316 | | |
317 | 0 | size_t CRYPTO_secure_used() { return 0; } |
318 | | |
319 | 0 | void *OPENSSL_secure_malloc(size_t size) { return OPENSSL_malloc(size); } |
320 | | |
321 | 0 | void OPENSSL_secure_clear_free(void *ptr, size_t len) { |
322 | 0 | OPENSSL_clear_free(ptr, len); |
323 | 0 | } |
324 | | |
325 | 168k | int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len) { |
326 | 168k | const uint8_t *a = reinterpret_cast<const uint8_t *>(in_a); |
327 | 168k | const uint8_t *b = reinterpret_cast<const uint8_t *>(in_b); |
328 | 168k | uint8_t x = 0; |
329 | | |
330 | 4.43M | for (size_t i = 0; i < len; i++) { |
331 | 4.26M | x |= a[i] ^ b[i]; |
332 | 4.26M | } |
333 | | |
334 | 168k | return x; |
335 | 168k | } |
336 | | |
337 | 369k | uint32_t OPENSSL_hash32(const void *ptr, size_t len) { |
338 | | // These are the FNV-1a parameters for 32 bits. |
339 | 369k | static const uint32_t kPrime = 16777619u; |
340 | 369k | static const uint32_t kOffsetBasis = 2166136261u; |
341 | | |
342 | 369k | const uint8_t *in = reinterpret_cast<const uint8_t *>(ptr); |
343 | 369k | uint32_t h = kOffsetBasis; |
344 | | |
345 | 1.24M | for (size_t i = 0; i < len; i++) { |
346 | 875k | h ^= in[i]; |
347 | 875k | h *= kPrime; |
348 | 875k | } |
349 | | |
350 | 369k | return h; |
351 | 369k | } |
352 | | |
353 | 369k | uint32_t OPENSSL_strhash(const char *s) { return OPENSSL_hash32(s, strlen(s)); } |
354 | | |
355 | 149k | size_t OPENSSL_strnlen(const char *s, size_t len) { |
356 | 1.67M | for (size_t i = 0; i < len; i++) { |
357 | 1.52M | if (s[i] == 0) { |
358 | 0 | return i; |
359 | 0 | } |
360 | 1.52M | } |
361 | | |
362 | 149k | return len; |
363 | 149k | } |
364 | | |
365 | 399k | char *OPENSSL_strdup(const char *s) { |
366 | 399k | if (s == nullptr) { |
367 | 3 | return nullptr; |
368 | 3 | } |
369 | | // Copy the NUL terminator. |
370 | 399k | return reinterpret_cast<char *>(OPENSSL_memdup(s, strlen(s) + 1)); |
371 | 399k | } |
372 | | |
373 | 597k | int OPENSSL_isalpha(int c) { |
374 | 597k | return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); |
375 | 597k | } |
376 | | |
377 | 5.46M | int OPENSSL_isdigit(int c) { return c >= '0' && c <= '9'; } |
378 | | |
379 | 176k | int OPENSSL_isxdigit(int c) { |
380 | 176k | return OPENSSL_isdigit(c) || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F'); |
381 | 176k | } |
382 | | |
383 | 185k | int OPENSSL_fromxdigit(uint8_t *out, int c) { |
384 | 185k | if (OPENSSL_isdigit(c)) { |
385 | 143k | *out = c - '0'; |
386 | 143k | return 1; |
387 | 143k | } |
388 | 41.6k | if ('a' <= c && c <= 'f') { |
389 | 34.8k | *out = c - 'a' + 10; |
390 | 34.8k | return 1; |
391 | 34.8k | } |
392 | 6.76k | if ('A' <= c && c <= 'F') { |
393 | 6.60k | *out = c - 'A' + 10; |
394 | 6.60k | return 1; |
395 | 6.60k | } |
396 | 159 | return 0; |
397 | 6.76k | } |
398 | | |
399 | 597k | int OPENSSL_isalnum(int c) { return OPENSSL_isalpha(c) || OPENSSL_isdigit(c); } |
400 | | |
401 | 5.43M | int OPENSSL_tolower(int c) { |
402 | 5.43M | if (c >= 'A' && c <= 'Z') { |
403 | 1.29M | return c + ('a' - 'A'); |
404 | 1.29M | } |
405 | 4.14M | return c; |
406 | 5.43M | } |
407 | | |
408 | 12.5M | int OPENSSL_isspace(int c) { |
409 | 12.5M | return c == '\t' || c == '\n' || c == '\v' || c == '\f' || c == '\r' || |
410 | 11.9M | c == ' '; |
411 | 12.5M | } |
412 | | |
413 | 0 | int OPENSSL_strcasecmp(const char *a, const char *b) { |
414 | 0 | for (size_t i = 0;; i++) { |
415 | 0 | const int aa = OPENSSL_tolower(a[i]); |
416 | 0 | const int bb = OPENSSL_tolower(b[i]); |
417 | |
|
418 | 0 | if (aa < bb) { |
419 | 0 | return -1; |
420 | 0 | } else if (aa > bb) { |
421 | 0 | return 1; |
422 | 0 | } else if (aa == 0) { |
423 | 0 | return 0; |
424 | 0 | } |
425 | 0 | } |
426 | 0 | } |
427 | | |
428 | 0 | int OPENSSL_strncasecmp(const char *a, const char *b, size_t n) { |
429 | 0 | for (size_t i = 0; i < n; i++) { |
430 | 0 | const int aa = OPENSSL_tolower(a[i]); |
431 | 0 | const int bb = OPENSSL_tolower(b[i]); |
432 | |
|
433 | 0 | if (aa < bb) { |
434 | 0 | return -1; |
435 | 0 | } else if (aa > bb) { |
436 | 0 | return 1; |
437 | 0 | } else if (aa == 0) { |
438 | 0 | return 0; |
439 | 0 | } |
440 | 0 | } |
441 | | |
442 | 0 | return 0; |
443 | 0 | } |
444 | | |
445 | 0 | int BIO_snprintf(char *buf, size_t n, const char *format, ...) { |
446 | 0 | va_list args; |
447 | 0 | va_start(args, format); |
448 | 0 | int ret = BIO_vsnprintf(buf, n, format, args); |
449 | 0 | va_end(args); |
450 | 0 | return ret; |
451 | 0 | } |
452 | | |
453 | 0 | int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) { |
454 | 0 | return vsnprintf(buf, n, format, args); |
455 | 0 | } |
456 | | |
457 | | int bssl::OPENSSL_vasprintf_internal(char **str, const char *format, |
458 | 12.5k | va_list args, int system_malloc) { |
459 | 12.5k | void *(*allocate)(size_t) = system_malloc ? malloc : OPENSSL_malloc; |
460 | 12.5k | void (*deallocate)(void *) = system_malloc ? free : OPENSSL_free; |
461 | 12.5k | void *(*reallocate)(void *, size_t) = |
462 | 12.5k | system_malloc ? realloc : OPENSSL_realloc; |
463 | 12.5k | char *candidate = nullptr; |
464 | 12.5k | size_t candidate_len = 64; // TODO(bbe) what's the best initial size? |
465 | 12.5k | int ret; |
466 | | |
467 | 12.5k | if ((candidate = reinterpret_cast<char *>(allocate(candidate_len))) == |
468 | 12.5k | nullptr) { |
469 | 0 | goto err; |
470 | 0 | } |
471 | 12.5k | va_list args_copy; |
472 | 12.5k | va_copy(args_copy, args); |
473 | 12.5k | ret = vsnprintf(candidate, candidate_len, format, args_copy); |
474 | 12.5k | va_end(args_copy); |
475 | 12.5k | if (ret < 0) { |
476 | 0 | goto err; |
477 | 0 | } |
478 | 12.5k | if ((size_t)ret >= candidate_len) { |
479 | | // Too big to fit in allocation. |
480 | 59 | char *tmp; |
481 | | |
482 | 59 | candidate_len = (size_t)ret + 1; |
483 | 59 | if ((tmp = reinterpret_cast<char *>( |
484 | 59 | reallocate(candidate, candidate_len))) == nullptr) { |
485 | 0 | goto err; |
486 | 0 | } |
487 | 59 | candidate = tmp; |
488 | 59 | ret = vsnprintf(candidate, candidate_len, format, args); |
489 | 59 | } |
490 | | // At this point this should not happen unless vsnprintf is insane. |
491 | 12.5k | if (ret < 0 || (size_t)ret >= candidate_len) { |
492 | 0 | goto err; |
493 | 0 | } |
494 | 12.5k | *str = candidate; |
495 | 12.5k | return ret; |
496 | | |
497 | 0 | err: |
498 | 0 | deallocate(candidate); |
499 | 0 | *str = nullptr; |
500 | 0 | errno = ENOMEM; |
501 | 0 | return -1; |
502 | 12.5k | } |
503 | | |
504 | 1.13k | int OPENSSL_vasprintf(char **str, const char *format, va_list args) { |
505 | 1.13k | return OPENSSL_vasprintf_internal(str, format, args, /*system_malloc=*/0); |
506 | 1.13k | } |
507 | | |
508 | 1.13k | int OPENSSL_asprintf(char **str, const char *format, ...) { |
509 | 1.13k | va_list args; |
510 | 1.13k | va_start(args, format); |
511 | 1.13k | int ret = OPENSSL_vasprintf(str, format, args); |
512 | 1.13k | va_end(args); |
513 | 1.13k | return ret; |
514 | 1.13k | } |
515 | | |
516 | 149k | char *OPENSSL_strndup(const char *str, size_t size) { |
517 | 149k | size = OPENSSL_strnlen(str, size); |
518 | | |
519 | 149k | size_t alloc_size = size + 1; |
520 | 149k | if (alloc_size < size) { |
521 | | // overflow |
522 | 0 | OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); |
523 | 0 | return nullptr; |
524 | 0 | } |
525 | 149k | char *ret = reinterpret_cast<char *>(OPENSSL_malloc(alloc_size)); |
526 | 149k | if (ret == nullptr) { |
527 | 0 | return nullptr; |
528 | 0 | } |
529 | | |
530 | 149k | OPENSSL_memcpy(ret, str, size); |
531 | 149k | ret[size] = '\0'; |
532 | 149k | return ret; |
533 | 149k | } |
534 | | |
535 | 149k | size_t OPENSSL_strlcpy(char *dst, const char *src, size_t dst_size) { |
536 | 149k | size_t l = 0; |
537 | | |
538 | 2.96M | for (; dst_size > 1 && *src; dst_size--) { |
539 | 2.81M | *dst++ = *src++; |
540 | 2.81M | l++; |
541 | 2.81M | } |
542 | | |
543 | 149k | if (dst_size) { |
544 | 149k | *dst = 0; |
545 | 149k | } |
546 | | |
547 | 149k | return l + strlen(src); |
548 | 149k | } |
549 | | |
550 | 102k | size_t OPENSSL_strlcat(char *dst, const char *src, size_t dst_size) { |
551 | 102k | size_t l = 0; |
552 | 1.15M | for (; dst_size > 0 && *dst; dst_size--, dst++) { |
553 | 1.05M | l++; |
554 | 1.05M | } |
555 | 102k | return l + OPENSSL_strlcpy(dst, src, dst_size); |
556 | 102k | } |
557 | | |
558 | 2.96M | void *OPENSSL_memdup(const void *data, size_t size) { |
559 | 2.96M | if (size == 0) { |
560 | 8.88k | return nullptr; |
561 | 8.88k | } |
562 | | |
563 | 2.96M | void *ret = OPENSSL_malloc(size); |
564 | 2.96M | if (ret == nullptr) { |
565 | 0 | return nullptr; |
566 | 0 | } |
567 | | |
568 | 2.96M | OPENSSL_memcpy(ret, data, size); |
569 | 2.96M | return ret; |
570 | 2.96M | } |
571 | | |
572 | 0 | void *CRYPTO_malloc(size_t size, const char *file, int line) { |
573 | 0 | return OPENSSL_malloc(size); |
574 | 0 | } |
575 | | |
576 | 0 | void *CRYPTO_realloc(void *ptr, size_t new_size, const char *file, int line) { |
577 | 0 | return OPENSSL_realloc(ptr, new_size); |
578 | 0 | } |
579 | | |
580 | 0 | void CRYPTO_free(void *ptr, const char *file, int line) { OPENSSL_free(ptr); } |