/src/open62541/tests/fuzz/custom_memory_manager.c

Source (jump to first uncovered line)
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 *
 *    Copyright 2018 (c) Stefan Profanter, fortiss GmbH
 */

/**
 * This memory manager allows to manually reduce the available RAM.
 *
 * It keeps track of malloc and free calls and counts the available RAM.
 * If the requested memory allocation results in hitting the limit,
 * it will return NULL and prevent the new allocation.
 */

#include "custom_memory_manager.h"
#include <stdlib.h>
#include <stdio.h>
#include <stdint.h>
#include <limits.h>

#include <pthread.h>

pthread_mutex_t mutex;

struct UA_mm_entry {
    size_t size;
    void* address;
    struct UA_mm_entry *next;
    struct UA_mm_entry *prev;
};

unsigned long long totalMemorySize = 0;
unsigned long long memoryLimit = ULONG_MAX;

/* Head and Tail of the double linked list */
struct UA_mm_entry *address_map_first = NULL;
struct UA_mm_entry *address_map_last = NULL;

/**
 * Add address entry to the linked list after it was allocated.
 *
 * @param size Size of the allocated memory block
 * @param addr Address of the allocated memory block
 * @return 1 on success, 0 if it failed
 */
static int addToMap(size_t size, void *addr) {
    struct UA_mm_entry *newEntry = (struct UA_mm_entry*)malloc(sizeof(struct UA_mm_entry));
    if(!newEntry) {
        //printf("MemoryManager: Could not allocate memory");
        return 0;
    }
    newEntry->size = size;
    newEntry->address = addr;
    newEntry->next = NULL;
    pthread_mutex_lock(&mutex);
    newEntry->prev = address_map_last;
    if(address_map_last)
        address_map_last->next = newEntry;
    address_map_last = newEntry;
    totalMemorySize += size;
    if(address_map_first == NULL)
        address_map_first = newEntry;
    pthread_mutex_unlock(&mutex);
    //printf("Total size (malloc): %lld And new address: %p Entry %p\n", totalMemorySize, addr, (void*)newEntry);

    return 1;
}

/**
 * Remove entry from the list before the memory block is freed.
 *
 * @param addr Address of the memory block which is freed.
 *
 * @return 1 on success, 0 if the memory block was not found in the list.
 */
static int removeFromMap(void *addr) {
    if(addr == NULL)
        return 1;

    pthread_mutex_lock(&mutex);

    struct UA_mm_entry *e = address_map_last;

    while (e) {
        if(e->address == addr) {
            if(e == address_map_first)
                address_map_first = e->next;
            if(e == address_map_last)
                address_map_last = e->prev;
            if(e->prev)
                e->prev->next = e->next;
            if(e->next)
                e->next->prev = e->prev;
            totalMemorySize -= e->size;

            //printf("Total size (free): %lld after addr %p and deleting %p\n", totalMemorySize, addr, (void*)e);
            free(e);
            pthread_mutex_unlock(&mutex);
            return 1;
        }
        e = e->prev;
    }
    pthread_mutex_unlock(&mutex);
    //printf("MemoryManager: Entry with address %p not found", addr);
    return 0;
}

static void *UA_memoryManager_malloc(size_t size) {
    if(totalMemorySize + size > memoryLimit)
        return NULL;
    void *addr = malloc(size);
    if(!addr)
        return NULL;
    addToMap(size, addr);
    return addr;
}

static void *UA_memoryManager_calloc(size_t num, size_t size) {
    if(totalMemorySize + (size * num) > memoryLimit)
        return NULL;
    void *addr = calloc(num, size);
    if(!addr)
        return NULL;
    addToMap(size*num, addr);
    return addr;
}

static void *UA_memoryManager_realloc(void *ptr, size_t new_size) {
    removeFromMap(ptr);
    if(totalMemorySize + new_size > memoryLimit)
        return NULL;
    void *addr = realloc(ptr, new_size);
    if(!addr)
        return NULL;
    addToMap(new_size, addr);
    return addr;

}

static void UA_memoryManager_free(void* ptr) {
    removeFromMap(ptr);
    free(ptr);
}

void UA_memoryManager_setLimit(unsigned long long newLimit) {
    memoryLimit = newLimit;
    //printf("MemoryManager: Setting memory limit to %lld\n", newLimit);

    UA_mallocSingleton = UA_memoryManager_malloc;
    UA_freeSingleton = UA_memoryManager_free;
    UA_callocSingleton = UA_memoryManager_calloc;
    UA_reallocSingleton = UA_memoryManager_realloc;
}

int UA_memoryManager_setLimitFromLast4Bytes(const uint8_t *data, size_t size) {
    UA_mallocSingleton = UA_memoryManager_malloc;
    UA_freeSingleton = UA_memoryManager_free;
    UA_callocSingleton = UA_memoryManager_calloc;
    UA_reallocSingleton = UA_memoryManager_realloc;
    if(size <4)
        return 0;
    // just cast the last 4 bytes to uint32
    const uint32_t *newLimit = (const uint32_t*)(uintptr_t)&(data[size-4]);
    uint32_t limit;
    // use memcopy to avoid asan complaining on misaligned memory
    memcpy(&limit, newLimit, sizeof(uint32_t));
    memoryLimit = limit;
    return 1;
}

Line	Count	Source (jump to first uncovered line)
1		/* This Source Code Form is subject to the terms of the Mozilla Public
2		* License, v. 2.0. If a copy of the MPL was not distributed with this
3		* file, You can obtain one at http://mozilla.org/MPL/2.0/.
4		*
5		* Copyright 2018 (c) Stefan Profanter, fortiss GmbH
6		*/
7
8		/**
9		* This memory manager allows to manually reduce the available RAM.
10		*
11		* It keeps track of malloc and free calls and counts the available RAM.
12		* If the requested memory allocation results in hitting the limit,
13		* it will return NULL and prevent the new allocation.
14		*/
15
16		#include "custom_memory_manager.h"
17		#include <stdlib.h>
18		#include <stdio.h>
19		#include <stdint.h>
20		#include <limits.h>
21
22		#include <pthread.h>
23
24		pthread_mutex_t mutex;
25
26		struct UA_mm_entry {
27		size_t size;
28		void* address;
29		struct UA_mm_entry *next;
30		struct UA_mm_entry *prev;
31		};
32
33		unsigned long long totalMemorySize = 0;
34		unsigned long long memoryLimit = ULONG_MAX;
35
36		/* Head and Tail of the double linked list */
37		struct UA_mm_entry *address_map_first = NULL;
38		struct UA_mm_entry *address_map_last = NULL;
39
40		/**
41		* Add address entry to the linked list after it was allocated.
42		*
43		* @param size Size of the allocated memory block
44		* @param addr Address of the allocated memory block
45		* @return 1 on success, 0 if it failed
46		*/
47	8.87M	static int addToMap(size_t size, void *addr) {
48	8.87M	struct UA_mm_entry newEntry = (struct UA_mm_entry)malloc(sizeof(struct UA_mm_entry));
49	8.87M	if(!newEntry) {
50		//printf("MemoryManager: Could not allocate memory");
51	0	return 0;
52	0	}
53	8.87M	newEntry->size = size;
54	8.87M	newEntry->address = addr;
55	8.87M	newEntry->next = NULL;
56	8.87M	pthread_mutex_lock(&mutex);
57	8.87M	newEntry->prev = address_map_last;
58	8.87M	if(address_map_last)
59	8.86M	address_map_last->next = newEntry;
60	8.87M	address_map_last = newEntry;
61	8.87M	totalMemorySize += size;
62	8.87M	if(address_map_first == NULL)
63	3.24k	address_map_first = newEntry;
64	8.87M	pthread_mutex_unlock(&mutex);
65		//printf("Total size (malloc): %lld And new address: %p Entry %p\n", totalMemorySize, addr, (void*)newEntry);
66
67	8.87M	return 1;
68	8.87M	}
69
70		/**
71		* Remove entry from the list before the memory block is freed.
72		*
73		* @param addr Address of the memory block which is freed.
74		*
75		* @return 1 on success, 0 if the memory block was not found in the list.
76		*/
77	28.2M	static int removeFromMap(void *addr) {
78	28.2M	if(addr == NULL)
79	19.3M	return 1;
80
81	8.87M	pthread_mutex_lock(&mutex);
82
83	8.87M	struct UA_mm_entry *e = address_map_last;
84
85	4.56G	while (e) {
86	4.56G	if(e->address == addr) {
87	8.87M	if(e == address_map_first)
88	4.76k	address_map_first = e->next;
89	8.87M	if(e == address_map_last)
90	1.54M	address_map_last = e->prev;
91	8.87M	if(e->prev)
92	8.86M	e->prev->next = e->next;
93	8.87M	if(e->next)
94	7.32M	e->next->prev = e->prev;
95	8.87M	totalMemorySize -= e->size;
96
97		//printf("Total size (free): %lld after addr %p and deleting %p\n", totalMemorySize, addr, (void*)e);
98	8.87M	free(e);
99	8.87M	pthread_mutex_unlock(&mutex);
100	8.87M	return 1;
101	8.87M	}
102	4.55G	e = e->prev;
103	4.55G	}
104	3.32k	pthread_mutex_unlock(&mutex);
105		//printf("MemoryManager: Entry with address %p not found", addr);
106	3.32k	return 0;
107	8.87M	}
108
109	1.62M	static void *UA_memoryManager_malloc(size_t size) {
110	1.62M	if(totalMemorySize + size > memoryLimit)
111	141k	return NULL;
112	1.48M	void *addr = malloc(size);
113	1.48M	if(!addr)
114	0	return NULL;
115	1.48M	addToMap(size, addr);
116	1.48M	return addr;
117	1.48M	}
118
119	5.55M	static void *UA_memoryManager_calloc(size_t num, size_t size) {
120	5.55M	if(totalMemorySize + (size * num) > memoryLimit)
121	103k	return NULL;
122	5.45M	void *addr = calloc(num, size);
123	5.45M	if(!addr)
124	0	return NULL;
125	5.45M	addToMap(size*num, addr);
126	5.45M	return addr;
127	5.45M	}
128
129	1.93M	static void UA_memoryManager_realloc(void ptr, size_t new_size) {
130	1.93M	removeFromMap(ptr);
131	1.93M	if(totalMemorySize + new_size > memoryLimit)
132	3.19k	return NULL;
133	1.93M	void *addr = realloc(ptr, new_size);
134	1.93M	if(!addr)
135	0	return NULL;
136	1.93M	addToMap(new_size, addr);
137	1.93M	return addr;
138
139	1.93M	}
140
141	26.2M	static void UA_memoryManager_free(void* ptr) {
142	26.2M	removeFromMap(ptr);
143	26.2M	free(ptr);
144	26.2M	}
145
146	251	void UA_memoryManager_setLimit(unsigned long long newLimit) {
147	251	memoryLimit = newLimit;
148		//printf("MemoryManager: Setting memory limit to %lld\n", newLimit);
149
150	251	UA_mallocSingleton = UA_memoryManager_malloc;
151	251	UA_freeSingleton = UA_memoryManager_free;
152	251	UA_callocSingleton = UA_memoryManager_calloc;
153	251	UA_reallocSingleton = UA_memoryManager_realloc;
154	251	}
155
156	4.15k	int UA_memoryManager_setLimitFromLast4Bytes(const uint8_t *data, size_t size) {
157	4.15k	UA_mallocSingleton = UA_memoryManager_malloc;
158	4.15k	UA_freeSingleton = UA_memoryManager_free;
159	4.15k	UA_callocSingleton = UA_memoryManager_calloc;
160	4.15k	UA_reallocSingleton = UA_memoryManager_realloc;
161	4.15k	if(size <4)
162	109	return 0;
163		// just cast the last 4 bytes to uint32
164	4.04k	const uint32_t newLimit = (const uint32_t)(uintptr_t)&(data[size-4]);
165	4.04k	uint32_t limit;
166		// use memcopy to avoid asan complaining on misaligned memory
167	4.04k	memcpy(&limit, newLimit, sizeof(uint32_t));
168	4.04k	memoryLimit = limit;
169	4.04k	return 1;
170	4.15k	}

Coverage Report

Created: 2024-02-16 06:13