/src/mozilla-central/security/nss/lib/util/secport.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* This Source Code Form is subject to the terms of the Mozilla Public |
2 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 | | |
5 | | /* |
6 | | * secport.c - portability interfaces for security libraries |
7 | | * |
8 | | * This file abstracts out libc functionality that libsec depends on |
9 | | * |
10 | | * NOTE - These are not public interfaces |
11 | | */ |
12 | | |
13 | | #include "seccomon.h" |
14 | | #include "prmem.h" |
15 | | #include "prerror.h" |
16 | | #include "plarena.h" |
17 | | #include "secerr.h" |
18 | | #include "prmon.h" |
19 | | #include "nssilock.h" |
20 | | #include "secport.h" |
21 | | #include "prenv.h" |
22 | | #include "prinit.h" |
23 | | |
24 | | #include <stdint.h> |
25 | | |
26 | | #ifdef DEBUG |
27 | | #define THREADMARK |
28 | | #endif /* DEBUG */ |
29 | | |
30 | | #ifdef THREADMARK |
31 | | #include "prthread.h" |
32 | | #endif /* THREADMARK */ |
33 | | |
34 | | #if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS) |
35 | | #include <stdlib.h> |
36 | | #else |
37 | | #include "wtypes.h" |
38 | | #endif |
39 | | |
40 | | #define SET_ERROR_CODE /* place holder for code to set PR error code. */ |
41 | | |
42 | | #ifdef THREADMARK |
43 | | typedef struct threadmark_mark_str { |
44 | | struct threadmark_mark_str *next; |
45 | | void *mark; |
46 | | } threadmark_mark; |
47 | | |
48 | | #endif /* THREADMARK */ |
49 | | |
50 | | /* The value of this magic must change each time PORTArenaPool changes. */ |
51 | 0 | #define ARENAPOOL_MAGIC 0xB8AC9BDF |
52 | | |
53 | 0 | #define CHEAP_ARENAPOOL_MAGIC 0x3F16BB09 |
54 | | |
55 | | typedef struct PORTArenaPool_str { |
56 | | PLArenaPool arena; |
57 | | PRUint32 magic; |
58 | | PRLock *lock; |
59 | | #ifdef THREADMARK |
60 | | PRThread *marking_thread; |
61 | | threadmark_mark *first_mark; |
62 | | #endif |
63 | | } PORTArenaPool; |
64 | | |
65 | | /* locations for registering Unicode conversion functions. |
66 | | * XXX is this the appropriate location? or should they be |
67 | | * moved to client/server specific locations? |
68 | | */ |
69 | | PORTCharConversionFunc ucs4Utf8ConvertFunc; |
70 | | PORTCharConversionFunc ucs2Utf8ConvertFunc; |
71 | | PORTCharConversionWSwapFunc ucs2AsciiConvertFunc; |
72 | | |
73 | | /* NSPR memory allocation functions (PR_Malloc, PR_Calloc, and PR_Realloc) |
74 | | * use the PRUint32 type for the size parameter. Before we pass a size_t or |
75 | | * unsigned long size to these functions, we need to ensure it is <= half of |
76 | | * the maximum PRUint32 value to avoid truncation and catch a negative size. |
77 | | */ |
78 | 0 | #define MAX_SIZE (PR_UINT32_MAX >> 1) |
79 | | |
80 | | void * |
81 | | PORT_Alloc(size_t bytes) |
82 | 0 | { |
83 | 0 | void *rv = NULL; |
84 | 0 |
|
85 | 0 | if (bytes <= MAX_SIZE) { |
86 | 0 | /* Always allocate a non-zero amount of bytes */ |
87 | 0 | rv = PR_Malloc(bytes ? bytes : 1); |
88 | 0 | } |
89 | 0 | if (!rv) { |
90 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
91 | 0 | } |
92 | 0 | return rv; |
93 | 0 | } |
94 | | |
95 | | void * |
96 | | PORT_Realloc(void *oldptr, size_t bytes) |
97 | 0 | { |
98 | 0 | void *rv = NULL; |
99 | 0 |
|
100 | 0 | if (bytes <= MAX_SIZE) { |
101 | 0 | rv = PR_Realloc(oldptr, bytes); |
102 | 0 | } |
103 | 0 | if (!rv) { |
104 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
105 | 0 | } |
106 | 0 | return rv; |
107 | 0 | } |
108 | | |
109 | | void * |
110 | | PORT_ZAlloc(size_t bytes) |
111 | 0 | { |
112 | 0 | void *rv = NULL; |
113 | 0 |
|
114 | 0 | if (bytes <= MAX_SIZE) { |
115 | 0 | /* Always allocate a non-zero amount of bytes */ |
116 | 0 | rv = PR_Calloc(1, bytes ? bytes : 1); |
117 | 0 | } |
118 | 0 | if (!rv) { |
119 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
120 | 0 | } |
121 | 0 | return rv; |
122 | 0 | } |
123 | | |
124 | | /* aligned_alloc is C11. This is an alternative to get aligned memory. */ |
125 | | void * |
126 | | PORT_ZAllocAligned(size_t bytes, size_t alignment, void **mem) |
127 | 0 | { |
128 | 0 | size_t x = alignment - 1; |
129 | 0 |
|
130 | 0 | /* This only works if alignment is a power of 2. */ |
131 | 0 | if ((alignment == 0) || (alignment & (alignment - 1))) { |
132 | 0 | PORT_SetError(SEC_ERROR_INVALID_ARGS); |
133 | 0 | return NULL; |
134 | 0 | } |
135 | 0 |
|
136 | 0 | if (!mem) { |
137 | 0 | return NULL; |
138 | 0 | } |
139 | 0 | |
140 | 0 | /* Always allocate a non-zero amount of bytes */ |
141 | 0 | *mem = PORT_ZAlloc((bytes ? bytes : 1) + x); |
142 | 0 | if (!*mem) { |
143 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
144 | 0 | return NULL; |
145 | 0 | } |
146 | 0 |
|
147 | 0 | return (void *)(((uintptr_t)*mem + x) & ~(uintptr_t)x); |
148 | 0 | } |
149 | | |
150 | | void * |
151 | | PORT_ZAllocAlignedOffset(size_t size, size_t alignment, size_t offset) |
152 | 0 | { |
153 | 0 | PORT_Assert(offset < size); |
154 | 0 | if (offset > size) { |
155 | 0 | return NULL; |
156 | 0 | } |
157 | 0 | |
158 | 0 | void *mem = NULL; |
159 | 0 | void *v = PORT_ZAllocAligned(size, alignment, &mem); |
160 | 0 | if (!v) { |
161 | 0 | return NULL; |
162 | 0 | } |
163 | 0 | |
164 | 0 | PORT_Assert(mem); |
165 | 0 | *((void **)((uintptr_t)v + offset)) = mem; |
166 | 0 | return v; |
167 | 0 | } |
168 | | |
169 | | void |
170 | | PORT_Free(void *ptr) |
171 | 0 | { |
172 | 0 | if (ptr) { |
173 | 0 | PR_Free(ptr); |
174 | 0 | } |
175 | 0 | } |
176 | | |
177 | | void |
178 | | PORT_ZFree(void *ptr, size_t len) |
179 | 0 | { |
180 | 0 | if (ptr) { |
181 | 0 | memset(ptr, 0, len); |
182 | 0 | PR_Free(ptr); |
183 | 0 | } |
184 | 0 | } |
185 | | |
186 | | char * |
187 | | PORT_Strdup(const char *str) |
188 | 0 | { |
189 | 0 | size_t len = PORT_Strlen(str) + 1; |
190 | 0 | char *newstr; |
191 | 0 |
|
192 | 0 | newstr = (char *)PORT_Alloc(len); |
193 | 0 | if (newstr) { |
194 | 0 | PORT_Memcpy(newstr, str, len); |
195 | 0 | } |
196 | 0 | return newstr; |
197 | 0 | } |
198 | | |
199 | | void |
200 | | PORT_SetError(int value) |
201 | 0 | { |
202 | 0 | PR_SetError(value, 0); |
203 | 0 | return; |
204 | 0 | } |
205 | | |
206 | | int |
207 | | PORT_GetError(void) |
208 | 0 | { |
209 | 0 | return (PR_GetError()); |
210 | 0 | } |
211 | | |
212 | | /********************* Arena code follows ***************************** |
213 | | * ArenaPools are like heaps. The memory in them consists of large blocks, |
214 | | * called arenas, which are allocated from the/a system heap. Inside an |
215 | | * ArenaPool, the arenas are organized as if they were in a stack. Newly |
216 | | * allocated arenas are "pushed" on that stack. When you attempt to |
217 | | * allocate memory from an ArenaPool, the code first looks to see if there |
218 | | * is enough unused space in the top arena on the stack to satisfy your |
219 | | * request, and if so, your request is satisfied from that arena. |
220 | | * Otherwise, a new arena is allocated (or taken from NSPR's list of freed |
221 | | * arenas) and pushed on to the stack. The new arena is always big enough |
222 | | * to satisfy the request, and is also at least a minimum size that is |
223 | | * established at the time that the ArenaPool is created. |
224 | | * |
225 | | * The ArenaMark function returns the address of a marker in the arena at |
226 | | * the top of the arena stack. It is the address of the place in the arena |
227 | | * on the top of the arena stack from which the next block of memory will |
228 | | * be allocated. Each ArenaPool has its own separate stack, and hence |
229 | | * marks are only relevant to the ArenaPool from which they are gotten. |
230 | | * Marks may be nested. That is, a thread can get a mark, and then get |
231 | | * another mark. |
232 | | * |
233 | | * It is intended that all the marks in an ArenaPool may only be owned by a |
234 | | * single thread. In DEBUG builds, this is enforced. In non-DEBUG builds, |
235 | | * it is not. In DEBUG builds, when a thread gets a mark from an |
236 | | * ArenaPool, no other thread may acquire a mark in that ArenaPool while |
237 | | * that mark exists, that is, until that mark is unmarked or released. |
238 | | * Therefore, it is important that every mark be unmarked or released when |
239 | | * the creating thread has no further need for exclusive ownership of the |
240 | | * right to manage the ArenaPool. |
241 | | * |
242 | | * The ArenaUnmark function discards the ArenaMark at the address given, |
243 | | * and all marks nested inside that mark (that is, acquired from that same |
244 | | * ArenaPool while that mark existed). It is an error for a thread other |
245 | | * than the mark's creator to try to unmark it. When a thread has unmarked |
246 | | * all its marks from an ArenaPool, then another thread is able to set |
247 | | * marks in that ArenaPool. ArenaUnmark does not deallocate (or "pop") any |
248 | | * memory allocated from the ArenaPool since the mark was created. |
249 | | * |
250 | | * ArenaRelease "pops" the stack back to the mark, deallocating all the |
251 | | * memory allocated from the arenas in the ArenaPool since that mark was |
252 | | * created, and removing any arenas from the ArenaPool that have no |
253 | | * remaining active allocations when that is done. It implicitly releases |
254 | | * any marks nested inside the mark being explicitly released. It is the |
255 | | * only operation, other than destroying the arenapool, that potentially |
256 | | * reduces the number of arenas on the stack. Otherwise, the stack grows |
257 | | * until the arenapool is destroyed, at which point all the arenas are |
258 | | * freed or returned to a "free arena list", depending on their sizes. |
259 | | */ |
260 | | PLArenaPool * |
261 | | PORT_NewArena(unsigned long chunksize) |
262 | 0 | { |
263 | 0 | PORTArenaPool *pool; |
264 | 0 |
|
265 | 0 | if (chunksize > MAX_SIZE) { |
266 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
267 | 0 | return NULL; |
268 | 0 | } |
269 | 0 | pool = PORT_ZNew(PORTArenaPool); |
270 | 0 | if (!pool) { |
271 | 0 | return NULL; |
272 | 0 | } |
273 | 0 | pool->magic = ARENAPOOL_MAGIC; |
274 | 0 | pool->lock = PZ_NewLock(nssILockArena); |
275 | 0 | if (!pool->lock) { |
276 | 0 | PORT_Free(pool); |
277 | 0 | return NULL; |
278 | 0 | } |
279 | 0 | PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double)); |
280 | 0 | return (&pool->arena); |
281 | 0 | } |
282 | | |
283 | | void |
284 | | PORT_InitCheapArena(PORTCheapArenaPool *pool, unsigned long chunksize) |
285 | 0 | { |
286 | 0 | pool->magic = CHEAP_ARENAPOOL_MAGIC; |
287 | 0 | PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double)); |
288 | 0 | } |
289 | | |
290 | | void * |
291 | | PORT_ArenaAlloc(PLArenaPool *arena, size_t size) |
292 | 0 | { |
293 | 0 | void *p = NULL; |
294 | 0 |
|
295 | 0 | PORTArenaPool *pool = (PORTArenaPool *)arena; |
296 | 0 |
|
297 | 0 | if (size <= 0) { |
298 | 0 | size = 1; |
299 | 0 | } |
300 | 0 |
|
301 | 0 | if (size > MAX_SIZE) { |
302 | 0 | /* you lose. */ |
303 | 0 | } else |
304 | 0 | /* Is it one of ours? Assume so and check the magic */ |
305 | 0 | if (ARENAPOOL_MAGIC == pool->magic) { |
306 | 0 | PZ_Lock(pool->lock); |
307 | | #ifdef THREADMARK |
308 | | /* Most likely one of ours. Is there a thread id? */ |
309 | | if (pool->marking_thread && |
310 | | pool->marking_thread != PR_GetCurrentThread()) { |
311 | | /* Another thread holds a mark in this arena */ |
312 | | PZ_Unlock(pool->lock); |
313 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
314 | | PORT_Assert(0); |
315 | | return NULL; |
316 | | } /* tid != null */ |
317 | | #endif /* THREADMARK */ |
318 | 0 | PL_ARENA_ALLOCATE(p, arena, size); |
319 | 0 | PZ_Unlock(pool->lock); |
320 | 0 | } else { |
321 | 0 | PL_ARENA_ALLOCATE(p, arena, size); |
322 | 0 | } |
323 | 0 |
|
324 | 0 | if (!p) { |
325 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
326 | 0 | } |
327 | 0 |
|
328 | 0 | return (p); |
329 | 0 | } |
330 | | |
331 | | void * |
332 | | PORT_ArenaZAlloc(PLArenaPool *arena, size_t size) |
333 | 0 | { |
334 | 0 | void *p; |
335 | 0 |
|
336 | 0 | if (size <= 0) |
337 | 0 | size = 1; |
338 | 0 |
|
339 | 0 | p = PORT_ArenaAlloc(arena, size); |
340 | 0 |
|
341 | 0 | if (p) { |
342 | 0 | PORT_Memset(p, 0, size); |
343 | 0 | } |
344 | 0 |
|
345 | 0 | return (p); |
346 | 0 | } |
347 | | |
348 | | static PRCallOnceType setupUseFreeListOnce; |
349 | | static PRBool useFreeList; |
350 | | |
351 | | static PRStatus |
352 | | SetupUseFreeList(void) |
353 | 0 | { |
354 | 0 | useFreeList = (PR_GetEnvSecure("NSS_DISABLE_ARENA_FREE_LIST") == NULL); |
355 | 0 | return PR_SUCCESS; |
356 | 0 | } |
357 | | |
358 | | /* |
359 | | * If zero is true, zeroize the arena memory before freeing it. |
360 | | */ |
361 | | void |
362 | | PORT_FreeArena(PLArenaPool *arena, PRBool zero) |
363 | 0 | { |
364 | 0 | PORTArenaPool *pool = (PORTArenaPool *)arena; |
365 | 0 | PRLock *lock = (PRLock *)0; |
366 | 0 | size_t len = sizeof *arena; |
367 | 0 |
|
368 | 0 | if (!pool) |
369 | 0 | return; |
370 | 0 | if (ARENAPOOL_MAGIC == pool->magic) { |
371 | 0 | len = sizeof *pool; |
372 | 0 | lock = pool->lock; |
373 | 0 | PZ_Lock(lock); |
374 | 0 | } |
375 | 0 | if (zero) { |
376 | 0 | PL_ClearArenaPool(arena, 0); |
377 | 0 | } |
378 | 0 | (void)PR_CallOnce(&setupUseFreeListOnce, &SetupUseFreeList); |
379 | 0 | if (useFreeList) { |
380 | 0 | PL_FreeArenaPool(arena); |
381 | 0 | } else { |
382 | 0 | PL_FinishArenaPool(arena); |
383 | 0 | } |
384 | 0 | PORT_ZFree(arena, len); |
385 | 0 | if (lock) { |
386 | 0 | PZ_Unlock(lock); |
387 | 0 | PZ_DestroyLock(lock); |
388 | 0 | } |
389 | 0 | } |
390 | | |
391 | | void |
392 | | PORT_DestroyCheapArena(PORTCheapArenaPool *pool) |
393 | 0 | { |
394 | 0 | (void)PR_CallOnce(&setupUseFreeListOnce, &SetupUseFreeList); |
395 | 0 | if (useFreeList) { |
396 | 0 | PL_FreeArenaPool(&pool->arena); |
397 | 0 | } else { |
398 | 0 | PL_FinishArenaPool(&pool->arena); |
399 | 0 | } |
400 | 0 | } |
401 | | |
402 | | void * |
403 | | PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize) |
404 | 0 | { |
405 | 0 | PORTArenaPool *pool = (PORTArenaPool *)arena; |
406 | 0 | PORT_Assert(newsize >= oldsize); |
407 | 0 |
|
408 | 0 | if (newsize > MAX_SIZE) { |
409 | 0 | PORT_SetError(SEC_ERROR_NO_MEMORY); |
410 | 0 | return NULL; |
411 | 0 | } |
412 | 0 |
|
413 | 0 | if (ARENAPOOL_MAGIC == pool->magic) { |
414 | 0 | PZ_Lock(pool->lock); |
415 | 0 | /* Do we do a THREADMARK check here? */ |
416 | 0 | PL_ARENA_GROW(ptr, arena, oldsize, (newsize - oldsize)); |
417 | 0 | PZ_Unlock(pool->lock); |
418 | 0 | } else { |
419 | 0 | PL_ARENA_GROW(ptr, arena, oldsize, (newsize - oldsize)); |
420 | 0 | } |
421 | 0 |
|
422 | 0 | return (ptr); |
423 | 0 | } |
424 | | |
425 | | void * |
426 | | PORT_ArenaMark(PLArenaPool *arena) |
427 | 0 | { |
428 | 0 | void *result; |
429 | 0 |
|
430 | 0 | PORTArenaPool *pool = (PORTArenaPool *)arena; |
431 | 0 | if (ARENAPOOL_MAGIC == pool->magic) { |
432 | 0 | PZ_Lock(pool->lock); |
433 | | #ifdef THREADMARK |
434 | | { |
435 | | threadmark_mark *tm, **pw; |
436 | | PRThread *currentThread = PR_GetCurrentThread(); |
437 | | |
438 | | if (!pool->marking_thread) { |
439 | | /* First mark */ |
440 | | pool->marking_thread = currentThread; |
441 | | } else if (currentThread != pool->marking_thread) { |
442 | | PZ_Unlock(pool->lock); |
443 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
444 | | PORT_Assert(0); |
445 | | return NULL; |
446 | | } |
447 | | |
448 | | result = PL_ARENA_MARK(arena); |
449 | | PL_ARENA_ALLOCATE(tm, arena, sizeof(threadmark_mark)); |
450 | | if (!tm) { |
451 | | PZ_Unlock(pool->lock); |
452 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
453 | | return NULL; |
454 | | } |
455 | | |
456 | | tm->mark = result; |
457 | | tm->next = (threadmark_mark *)NULL; |
458 | | |
459 | | pw = &pool->first_mark; |
460 | | while (*pw) { |
461 | | pw = &(*pw)->next; |
462 | | } |
463 | | |
464 | | *pw = tm; |
465 | | } |
466 | | #else /* THREADMARK */ |
467 | 0 | result = PL_ARENA_MARK(arena); |
468 | 0 | #endif /* THREADMARK */ |
469 | 0 | PZ_Unlock(pool->lock); |
470 | 0 | } else { |
471 | 0 | /* a "pure" NSPR arena */ |
472 | 0 | result = PL_ARENA_MARK(arena); |
473 | 0 | } |
474 | 0 | return result; |
475 | 0 | } |
476 | | |
477 | | /* |
478 | | * This function accesses the internals of PLArena, which is why it needs |
479 | | * to use the NSPR internal macro PL_MAKE_MEM_UNDEFINED before the memset |
480 | | * calls. |
481 | | * |
482 | | * We should move this function to NSPR as PL_ClearArenaAfterMark or add |
483 | | * a PL_ARENA_CLEAR_AND_RELEASE macro. |
484 | | * |
485 | | * TODO: remove the #ifdef PL_MAKE_MEM_UNDEFINED tests when NSPR 4.10+ is |
486 | | * widely available. |
487 | | */ |
488 | | static void |
489 | | port_ArenaZeroAfterMark(PLArenaPool *arena, void *mark) |
490 | 0 | { |
491 | 0 | PLArena *a = arena->current; |
492 | 0 | if (a->base <= (PRUword)mark && (PRUword)mark <= a->avail) { |
493 | 0 | /* fast path: mark falls in the current arena */ |
494 | 0 | #ifdef PL_MAKE_MEM_UNDEFINED |
495 | 0 | PL_MAKE_MEM_UNDEFINED(mark, a->avail - (PRUword)mark); |
496 | 0 | #endif |
497 | 0 | memset(mark, 0, a->avail - (PRUword)mark); |
498 | 0 | } else { |
499 | 0 | /* slow path: need to find the arena that mark falls in */ |
500 | 0 | for (a = arena->first.next; a; a = a->next) { |
501 | 0 | PR_ASSERT(a->base <= a->avail && a->avail <= a->limit); |
502 | 0 | if (a->base <= (PRUword)mark && (PRUword)mark <= a->avail) { |
503 | 0 | #ifdef PL_MAKE_MEM_UNDEFINED |
504 | 0 | PL_MAKE_MEM_UNDEFINED(mark, a->avail - (PRUword)mark); |
505 | 0 | #endif |
506 | 0 | memset(mark, 0, a->avail - (PRUword)mark); |
507 | 0 | a = a->next; |
508 | 0 | break; |
509 | 0 | } |
510 | 0 | } |
511 | 0 | for (; a; a = a->next) { |
512 | 0 | PR_ASSERT(a->base <= a->avail && a->avail <= a->limit); |
513 | 0 | #ifdef PL_MAKE_MEM_UNDEFINED |
514 | 0 | PL_MAKE_MEM_UNDEFINED((void *)a->base, a->avail - a->base); |
515 | 0 | #endif |
516 | 0 | memset((void *)a->base, 0, a->avail - a->base); |
517 | 0 | } |
518 | 0 | } |
519 | 0 | } |
520 | | |
521 | | static void |
522 | | port_ArenaRelease(PLArenaPool *arena, void *mark, PRBool zero) |
523 | 0 | { |
524 | 0 | PORTArenaPool *pool = (PORTArenaPool *)arena; |
525 | 0 | if (ARENAPOOL_MAGIC == pool->magic) { |
526 | 0 | PZ_Lock(pool->lock); |
527 | | #ifdef THREADMARK |
528 | | { |
529 | | threadmark_mark **pw; |
530 | | |
531 | | if (PR_GetCurrentThread() != pool->marking_thread) { |
532 | | PZ_Unlock(pool->lock); |
533 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
534 | | PORT_Assert(0); |
535 | | return /* no error indication available */; |
536 | | } |
537 | | |
538 | | pw = &pool->first_mark; |
539 | | while (*pw && (mark != (*pw)->mark)) { |
540 | | pw = &(*pw)->next; |
541 | | } |
542 | | |
543 | | if (!*pw) { |
544 | | /* bad mark */ |
545 | | PZ_Unlock(pool->lock); |
546 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
547 | | PORT_Assert(0); |
548 | | return /* no error indication available */; |
549 | | } |
550 | | |
551 | | *pw = (threadmark_mark *)NULL; |
552 | | |
553 | | if (zero) { |
554 | | port_ArenaZeroAfterMark(arena, mark); |
555 | | } |
556 | | PL_ARENA_RELEASE(arena, mark); |
557 | | |
558 | | if (!pool->first_mark) { |
559 | | pool->marking_thread = (PRThread *)NULL; |
560 | | } |
561 | | } |
562 | | #else /* THREADMARK */ |
563 | 0 | if (zero) { |
564 | 0 | port_ArenaZeroAfterMark(arena, mark); |
565 | 0 | } |
566 | 0 | PL_ARENA_RELEASE(arena, mark); |
567 | 0 | #endif /* THREADMARK */ |
568 | 0 | PZ_Unlock(pool->lock); |
569 | 0 | } else { |
570 | 0 | if (zero) { |
571 | 0 | port_ArenaZeroAfterMark(arena, mark); |
572 | 0 | } |
573 | 0 | PL_ARENA_RELEASE(arena, mark); |
574 | 0 | } |
575 | 0 | } |
576 | | |
577 | | void |
578 | | PORT_ArenaRelease(PLArenaPool *arena, void *mark) |
579 | 0 | { |
580 | 0 | port_ArenaRelease(arena, mark, PR_FALSE); |
581 | 0 | } |
582 | | |
583 | | /* |
584 | | * Zeroize the arena memory before releasing it. |
585 | | */ |
586 | | void |
587 | | PORT_ArenaZRelease(PLArenaPool *arena, void *mark) |
588 | 0 | { |
589 | 0 | port_ArenaRelease(arena, mark, PR_TRUE); |
590 | 0 | } |
591 | | |
592 | | void |
593 | | PORT_ArenaUnmark(PLArenaPool *arena, void *mark) |
594 | 0 | { |
595 | | #ifdef THREADMARK |
596 | | PORTArenaPool *pool = (PORTArenaPool *)arena; |
597 | | if (ARENAPOOL_MAGIC == pool->magic) { |
598 | | threadmark_mark **pw; |
599 | | |
600 | | PZ_Lock(pool->lock); |
601 | | |
602 | | if (PR_GetCurrentThread() != pool->marking_thread) { |
603 | | PZ_Unlock(pool->lock); |
604 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
605 | | PORT_Assert(0); |
606 | | return /* no error indication available */; |
607 | | } |
608 | | |
609 | | pw = &pool->first_mark; |
610 | | while (((threadmark_mark *)NULL != *pw) && (mark != (*pw)->mark)) { |
611 | | pw = &(*pw)->next; |
612 | | } |
613 | | |
614 | | if ((threadmark_mark *)NULL == *pw) { |
615 | | /* bad mark */ |
616 | | PZ_Unlock(pool->lock); |
617 | | PORT_SetError(SEC_ERROR_NO_MEMORY); |
618 | | PORT_Assert(0); |
619 | | return /* no error indication available */; |
620 | | } |
621 | | |
622 | | *pw = (threadmark_mark *)NULL; |
623 | | |
624 | | if (!pool->first_mark) { |
625 | | pool->marking_thread = (PRThread *)NULL; |
626 | | } |
627 | | |
628 | | PZ_Unlock(pool->lock); |
629 | | } |
630 | | #endif /* THREADMARK */ |
631 | | } |
632 | | |
633 | | char * |
634 | | PORT_ArenaStrdup(PLArenaPool *arena, const char *str) |
635 | 0 | { |
636 | 0 | int len = PORT_Strlen(str) + 1; |
637 | 0 | char *newstr; |
638 | 0 |
|
639 | 0 | newstr = (char *)PORT_ArenaAlloc(arena, len); |
640 | 0 | if (newstr) { |
641 | 0 | PORT_Memcpy(newstr, str, len); |
642 | 0 | } |
643 | 0 | return newstr; |
644 | 0 | } |
645 | | |
646 | | /********************** end of arena functions ***********************/ |
647 | | |
648 | | /****************** unicode conversion functions ***********************/ |
649 | | /* |
650 | | * NOTE: These conversion functions all assume that the multibyte |
651 | | * characters are going to be in NETWORK BYTE ORDER, not host byte |
652 | | * order. This is because the only time we deal with UCS-2 and UCS-4 |
653 | | * are when the data was received from or is going to be sent out |
654 | | * over the wire (in, e.g. certificates). |
655 | | */ |
656 | | |
657 | | void |
658 | | PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc) |
659 | 0 | { |
660 | 0 | ucs4Utf8ConvertFunc = convFunc; |
661 | 0 | } |
662 | | |
663 | | void |
664 | | PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc) |
665 | 0 | { |
666 | 0 | ucs2AsciiConvertFunc = convFunc; |
667 | 0 | } |
668 | | |
669 | | void |
670 | | PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc) |
671 | 0 | { |
672 | 0 | ucs2Utf8ConvertFunc = convFunc; |
673 | 0 | } |
674 | | |
675 | | PRBool |
676 | | PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf, |
677 | | unsigned int inBufLen, unsigned char *outBuf, |
678 | | unsigned int maxOutBufLen, unsigned int *outBufLen) |
679 | 0 | { |
680 | 0 | if (!ucs4Utf8ConvertFunc) { |
681 | 0 | return sec_port_ucs4_utf8_conversion_function(toUnicode, |
682 | 0 | inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen); |
683 | 0 | } |
684 | 0 | |
685 | 0 | return (*ucs4Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf, |
686 | 0 | maxOutBufLen, outBufLen); |
687 | 0 | } |
688 | | |
689 | | PRBool |
690 | | PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf, |
691 | | unsigned int inBufLen, unsigned char *outBuf, |
692 | | unsigned int maxOutBufLen, unsigned int *outBufLen) |
693 | 0 | { |
694 | 0 | if (!ucs2Utf8ConvertFunc) { |
695 | 0 | return sec_port_ucs2_utf8_conversion_function(toUnicode, |
696 | 0 | inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen); |
697 | 0 | } |
698 | 0 | |
699 | 0 | return (*ucs2Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf, |
700 | 0 | maxOutBufLen, outBufLen); |
701 | 0 | } |
702 | | |
703 | | PRBool |
704 | | PORT_ISO88591_UTF8Conversion(const unsigned char *inBuf, |
705 | | unsigned int inBufLen, unsigned char *outBuf, |
706 | | unsigned int maxOutBufLen, unsigned int *outBufLen) |
707 | 0 | { |
708 | 0 | return sec_port_iso88591_utf8_conversion_function(inBuf, inBufLen, |
709 | 0 | outBuf, maxOutBufLen, outBufLen); |
710 | 0 | } |
711 | | |
712 | | PRBool |
713 | | PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf, |
714 | | unsigned int inBufLen, unsigned char *outBuf, |
715 | | unsigned int maxOutBufLen, unsigned int *outBufLen, |
716 | | PRBool swapBytes) |
717 | 0 | { |
718 | 0 | if (!ucs2AsciiConvertFunc) { |
719 | 0 | return PR_FALSE; |
720 | 0 | } |
721 | 0 |
|
722 | 0 | return (*ucs2AsciiConvertFunc)(toUnicode, inBuf, inBufLen, outBuf, |
723 | 0 | maxOutBufLen, outBufLen, swapBytes); |
724 | 0 | } |
725 | | |
726 | | /* Portable putenv. Creates/replaces an environment variable of the form |
727 | | * envVarName=envValue |
728 | | */ |
729 | | int |
730 | | NSS_PutEnv(const char *envVarName, const char *envValue) |
731 | 0 | { |
732 | 0 | SECStatus result = SECSuccess; |
733 | 0 | char *encoded; |
734 | 0 | int putEnvFailed; |
735 | | #ifdef _WIN32 |
736 | | PRBool setOK; |
737 | | |
738 | | setOK = SetEnvironmentVariable(envVarName, envValue); |
739 | | if (!setOK) { |
740 | | SET_ERROR_CODE |
741 | | return SECFailure; |
742 | | } |
743 | | #endif |
744 | |
|
745 | 0 | encoded = (char *)PORT_ZAlloc(strlen(envVarName) + 2 + strlen(envValue)); |
746 | 0 | if (!encoded) { |
747 | 0 | return SECFailure; |
748 | 0 | } |
749 | 0 | strcpy(encoded, envVarName); |
750 | 0 | strcat(encoded, "="); |
751 | 0 | strcat(encoded, envValue); |
752 | 0 |
|
753 | 0 | putEnvFailed = putenv(encoded); /* adopt. */ |
754 | 0 | if (putEnvFailed) { |
755 | 0 | SET_ERROR_CODE |
756 | 0 | result = SECFailure; |
757 | 0 | PORT_Free(encoded); |
758 | 0 | } |
759 | 0 | return result; |
760 | 0 | } |
761 | | |
762 | | /* |
763 | | * Perform a constant-time compare of two memory regions. The return value is |
764 | | * 0 if the memory regions are equal and non-zero otherwise. |
765 | | */ |
766 | | int |
767 | | NSS_SecureMemcmp(const void *ia, const void *ib, size_t n) |
768 | 0 | { |
769 | 0 | const unsigned char *a = (const unsigned char *)ia; |
770 | 0 | const unsigned char *b = (const unsigned char *)ib; |
771 | 0 | size_t i; |
772 | 0 | unsigned char r = 0; |
773 | 0 |
|
774 | 0 | for (i = 0; i < n; ++i) { |
775 | 0 | r |= *a++ ^ *b++; |
776 | 0 | } |
777 | 0 |
|
778 | 0 | return r; |
779 | 0 | } |
780 | | |
781 | | /* |
782 | | * Perform a constant-time check if a memory region is all 0. The return value |
783 | | * is 0 if the memory region is all zero. |
784 | | */ |
785 | | unsigned int |
786 | | NSS_SecureMemcmpZero(const void *mem, size_t n) |
787 | 0 | { |
788 | 0 | PRUint8 zero = 0; |
789 | 0 | size_t i; |
790 | 0 | for (i = 0; i < n; ++i) { |
791 | 0 | zero |= *(PRUint8 *)((uintptr_t)mem + i); |
792 | 0 | } |
793 | 0 | return zero; |
794 | 0 | } |