/src/openssl32/crypto/mem.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include "internal/e_os.h" |
11 | | #include "internal/cryptlib.h" |
12 | | #include "crypto/cryptlib.h" |
13 | | #include <stdio.h> |
14 | | #include <stdlib.h> |
15 | | #include <limits.h> |
16 | | #include <openssl/crypto.h> |
17 | | |
18 | | /* |
19 | | * the following pointers may be changed as long as 'allow_customize' is set |
20 | | */ |
21 | | static int allow_customize = 1; |
22 | | static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc; |
23 | | static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc; |
24 | | static CRYPTO_free_fn free_impl = CRYPTO_free; |
25 | | |
26 | | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE) |
27 | | # include "internal/tsan_assist.h" |
28 | | |
29 | | # ifdef TSAN_REQUIRES_LOCKING |
30 | | # define INCREMENT(x) /* empty */ |
31 | | # define LOAD(x) 0 |
32 | | # else /* TSAN_REQUIRES_LOCKING */ |
33 | | static TSAN_QUALIFIER int malloc_count; |
34 | | static TSAN_QUALIFIER int realloc_count; |
35 | | static TSAN_QUALIFIER int free_count; |
36 | | |
37 | | # define INCREMENT(x) tsan_counter(&(x)) |
38 | | # define LOAD(x) tsan_load(&x) |
39 | | # endif /* TSAN_REQUIRES_LOCKING */ |
40 | | |
41 | | static char *md_failstring; |
42 | | static long md_count; |
43 | | static int md_fail_percent = 0; |
44 | | static int md_tracefd = -1; |
45 | | |
46 | | static void parseit(void); |
47 | | static int shouldfail(void); |
48 | | |
49 | | # define FAILTEST() if (shouldfail()) return NULL |
50 | | |
51 | | #else |
52 | | |
53 | | # define INCREMENT(x) /* empty */ |
54 | | # define FAILTEST() /* empty */ |
55 | | #endif |
56 | | |
57 | | int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn, |
58 | | CRYPTO_realloc_fn realloc_fn, |
59 | | CRYPTO_free_fn free_fn) |
60 | 0 | { |
61 | 0 | if (!allow_customize) |
62 | 0 | return 0; |
63 | 0 | if (malloc_fn != NULL) |
64 | 0 | malloc_impl = malloc_fn; |
65 | 0 | if (realloc_fn != NULL) |
66 | 0 | realloc_impl = realloc_fn; |
67 | 0 | if (free_fn != NULL) |
68 | 0 | free_impl = free_fn; |
69 | 0 | return 1; |
70 | 0 | } |
71 | | |
72 | | void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn, |
73 | | CRYPTO_realloc_fn *realloc_fn, |
74 | | CRYPTO_free_fn *free_fn) |
75 | 0 | { |
76 | 0 | if (malloc_fn != NULL) |
77 | 0 | *malloc_fn = malloc_impl; |
78 | 0 | if (realloc_fn != NULL) |
79 | 0 | *realloc_fn = realloc_impl; |
80 | 0 | if (free_fn != NULL) |
81 | 0 | *free_fn = free_impl; |
82 | 0 | } |
83 | | |
84 | | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE) |
85 | | void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount) |
86 | | { |
87 | | if (mcount != NULL) |
88 | | *mcount = LOAD(malloc_count); |
89 | | if (rcount != NULL) |
90 | | *rcount = LOAD(realloc_count); |
91 | | if (fcount != NULL) |
92 | | *fcount = LOAD(free_count); |
93 | | } |
94 | | |
95 | | /* |
96 | | * Parse a "malloc failure spec" string. This likes like a set of fields |
97 | | * separated by semicolons. Each field has a count and an optional failure |
98 | | * percentage. For example: |
99 | | * 100@0;100@25;0@0 |
100 | | * or 100;100@25;0 |
101 | | * This means 100 mallocs succeed, then next 100 fail 25% of the time, and |
102 | | * all remaining (count is zero) succeed. |
103 | | * The failure percentge can have 2 digits after the comma. For example: |
104 | | * 0@0.01 |
105 | | * This means 0.01% of all allocations will fail. |
106 | | */ |
107 | | static void parseit(void) |
108 | | { |
109 | | char *semi = strchr(md_failstring, ';'); |
110 | | char *atsign; |
111 | | |
112 | | if (semi != NULL) |
113 | | *semi++ = '\0'; |
114 | | |
115 | | /* Get the count (atol will stop at the @ if there), and percentage */ |
116 | | md_count = atol(md_failstring); |
117 | | atsign = strchr(md_failstring, '@'); |
118 | | md_fail_percent = atsign == NULL ? 0 : (int)(atof(atsign + 1) * 100 + 0.5); |
119 | | |
120 | | if (semi != NULL) |
121 | | md_failstring = semi; |
122 | | } |
123 | | |
124 | | /* |
125 | | * Windows doesn't have random() and srandom(), but it has rand() and srand(). |
126 | | * Some rand() implementations aren't good, but we're not |
127 | | * dealing with secure randomness here. |
128 | | */ |
129 | | # ifdef _WIN32 |
130 | | # define random() rand() |
131 | | # define srandom(seed) srand(seed) |
132 | | # endif |
133 | | /* |
134 | | * See if the current malloc should fail. |
135 | | */ |
136 | | static int shouldfail(void) |
137 | | { |
138 | | int roll = (int)(random() % 10000); |
139 | | int shoulditfail = roll < md_fail_percent; |
140 | | # ifndef _WIN32 |
141 | | /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */ |
142 | | int len; |
143 | | char buff[80]; |
144 | | |
145 | | if (md_tracefd > 0) { |
146 | | BIO_snprintf(buff, sizeof(buff), |
147 | | "%c C%ld %%%d R%d\n", |
148 | | shoulditfail ? '-' : '+', md_count, md_fail_percent, roll); |
149 | | len = strlen(buff); |
150 | | if (write(md_tracefd, buff, len) != len) |
151 | | perror("shouldfail write failed"); |
152 | | } |
153 | | # endif |
154 | | |
155 | | if (md_count) { |
156 | | /* If we used up this one, go to the next. */ |
157 | | if (--md_count == 0) |
158 | | parseit(); |
159 | | } |
160 | | |
161 | | return shoulditfail; |
162 | | } |
163 | | |
164 | | void ossl_malloc_setup_failures(void) |
165 | | { |
166 | | const char *cp = getenv("OPENSSL_MALLOC_FAILURES"); |
167 | | |
168 | | if (cp != NULL && (md_failstring = strdup(cp)) != NULL) |
169 | | parseit(); |
170 | | if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL) |
171 | | md_tracefd = atoi(cp); |
172 | | if ((cp = getenv("OPENSSL_MALLOC_SEED")) != NULL) |
173 | | srandom(atoi(cp)); |
174 | | } |
175 | | #endif |
176 | | |
177 | | void *CRYPTO_malloc(size_t num, const char *file, int line) |
178 | 633M | { |
179 | 633M | void *ptr; |
180 | | |
181 | 633M | INCREMENT(malloc_count); |
182 | 633M | if (malloc_impl != CRYPTO_malloc) { |
183 | 0 | ptr = malloc_impl(num, file, line); |
184 | 0 | if (ptr != NULL || num == 0) |
185 | 0 | return ptr; |
186 | 0 | goto err; |
187 | 0 | } |
188 | | |
189 | 633M | if (num == 0) |
190 | 43 | return NULL; |
191 | | |
192 | 633M | FAILTEST(); |
193 | 633M | if (allow_customize) { |
194 | | /* |
195 | | * Disallow customization after the first allocation. We only set this |
196 | | * if necessary to avoid a store to the same cache line on every |
197 | | * allocation. |
198 | | */ |
199 | 87 | allow_customize = 0; |
200 | 87 | } |
201 | | |
202 | 633M | ptr = malloc(num); |
203 | 633M | if (ptr != NULL) |
204 | 633M | return ptr; |
205 | 0 | err: |
206 | | /* |
207 | | * ossl_err_get_state_int() in err.c uses CRYPTO_zalloc(num, NULL, 0) for |
208 | | * ERR_STATE allocation. Prevent mem alloc error loop while reporting error. |
209 | | */ |
210 | 0 | if (file != NULL || line != 0) { |
211 | 0 | ERR_new(); |
212 | 0 | ERR_set_debug(file, line, NULL); |
213 | 0 | ERR_set_error(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE, NULL); |
214 | 0 | } |
215 | 0 | return NULL; |
216 | 633M | } |
217 | | |
218 | | void *CRYPTO_zalloc(size_t num, const char *file, int line) |
219 | 505M | { |
220 | 505M | void *ret; |
221 | | |
222 | 505M | ret = CRYPTO_malloc(num, file, line); |
223 | 505M | if (ret != NULL) |
224 | 505M | memset(ret, 0, num); |
225 | | |
226 | 505M | return ret; |
227 | 505M | } |
228 | | |
229 | | void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) |
230 | 64.2M | { |
231 | 64.2M | INCREMENT(realloc_count); |
232 | 64.2M | if (realloc_impl != CRYPTO_realloc) |
233 | 0 | return realloc_impl(str, num, file, line); |
234 | | |
235 | 64.2M | if (str == NULL) |
236 | 51.5M | return CRYPTO_malloc(num, file, line); |
237 | | |
238 | 12.6M | if (num == 0) { |
239 | 0 | CRYPTO_free(str, file, line); |
240 | 0 | return NULL; |
241 | 0 | } |
242 | | |
243 | 12.6M | FAILTEST(); |
244 | 12.6M | return realloc(str, num); |
245 | 12.6M | } |
246 | | |
247 | | void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, |
248 | | const char *file, int line) |
249 | 23.7M | { |
250 | 23.7M | void *ret = NULL; |
251 | | |
252 | 23.7M | if (str == NULL) |
253 | 11.0M | return CRYPTO_malloc(num, file, line); |
254 | | |
255 | 12.6M | if (num == 0) { |
256 | 0 | CRYPTO_clear_free(str, old_len, file, line); |
257 | 0 | return NULL; |
258 | 0 | } |
259 | | |
260 | | /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */ |
261 | 12.6M | if (num < old_len) { |
262 | 0 | OPENSSL_cleanse((char*)str + num, old_len - num); |
263 | 0 | return str; |
264 | 0 | } |
265 | | |
266 | 12.6M | ret = CRYPTO_malloc(num, file, line); |
267 | 12.6M | if (ret != NULL) { |
268 | 12.6M | memcpy(ret, str, old_len); |
269 | 12.6M | CRYPTO_clear_free(str, old_len, file, line); |
270 | 12.6M | } |
271 | 12.6M | return ret; |
272 | 12.6M | } |
273 | | |
274 | | void CRYPTO_free(void *str, const char *file, int line) |
275 | 3.00G | { |
276 | 3.00G | INCREMENT(free_count); |
277 | 3.00G | if (free_impl != CRYPTO_free) { |
278 | 0 | free_impl(str, file, line); |
279 | 0 | return; |
280 | 0 | } |
281 | | |
282 | 3.00G | free(str); |
283 | 3.00G | } |
284 | | |
285 | | void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) |
286 | 58.0M | { |
287 | 58.0M | if (str == NULL) |
288 | 5.75M | return; |
289 | 52.2M | if (num) |
290 | 52.2M | OPENSSL_cleanse(str, num); |
291 | 52.2M | CRYPTO_free(str, file, line); |
292 | 52.2M | } |
293 | | |
294 | | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) |
295 | | |
296 | | # ifndef OPENSSL_NO_DEPRECATED_3_0 |
297 | | int CRYPTO_mem_ctrl(int mode) |
298 | | { |
299 | | (void)mode; |
300 | | return -1; |
301 | | } |
302 | | |
303 | | int CRYPTO_set_mem_debug(int flag) |
304 | | { |
305 | | (void)flag; |
306 | | return -1; |
307 | | } |
308 | | |
309 | | int CRYPTO_mem_debug_push(const char *info, const char *file, int line) |
310 | | { |
311 | | (void)info; (void)file; (void)line; |
312 | | return 0; |
313 | | } |
314 | | |
315 | | int CRYPTO_mem_debug_pop(void) |
316 | | { |
317 | | return 0; |
318 | | } |
319 | | |
320 | | void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag, |
321 | | const char *file, int line) |
322 | | { |
323 | | (void)addr; (void)num; (void)flag; (void)file; (void)line; |
324 | | } |
325 | | |
326 | | void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag, |
327 | | const char *file, int line) |
328 | | { |
329 | | (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line; |
330 | | } |
331 | | |
332 | | void CRYPTO_mem_debug_free(void *addr, int flag, |
333 | | const char *file, int line) |
334 | | { |
335 | | (void)addr; (void)flag; (void)file; (void)line; |
336 | | } |
337 | | |
338 | | int CRYPTO_mem_leaks(BIO *b) |
339 | | { |
340 | | (void)b; |
341 | | return -1; |
342 | | } |
343 | | |
344 | | # ifndef OPENSSL_NO_STDIO |
345 | | int CRYPTO_mem_leaks_fp(FILE *fp) |
346 | | { |
347 | | (void)fp; |
348 | | return -1; |
349 | | } |
350 | | # endif |
351 | | |
352 | | int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u), |
353 | | void *u) |
354 | | { |
355 | | (void)cb; (void)u; |
356 | | return -1; |
357 | | } |
358 | | |
359 | | # endif |
360 | | |
361 | | #endif |