/src/openssl/crypto/err/err.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include <stdarg.h> |
12 | | #include <string.h> |
13 | | #include "crypto/cryptlib.h" |
14 | | #include "internal/err.h" |
15 | | #include "crypto/err.h" |
16 | | #include <openssl/err.h> |
17 | | #include <openssl/crypto.h> |
18 | | #include <openssl/buffer.h> |
19 | | #include <openssl/bio.h> |
20 | | #include <openssl/opensslconf.h> |
21 | | #include "internal/thread_once.h" |
22 | | #include "internal/threads_common.h" |
23 | | #include "crypto/ctype.h" |
24 | | #include "internal/constant_time.h" |
25 | | #include "internal/e_os.h" |
26 | | #include "err_local.h" |
27 | | |
28 | | #ifndef OPENSSL_NO_ERR |
29 | | static int err_load_strings(const ERR_STRING_DATA *str); |
30 | | #endif |
31 | | |
32 | | #ifndef OPENSSL_NO_ERR |
33 | | static const ERR_STRING_DATA ERR_str_libraries[] = { |
34 | | { ERR_PACK(ERR_LIB_NONE, 0, 0), "unknown library" }, |
35 | | { ERR_PACK(ERR_LIB_SYS, 0, 0), "system library" }, |
36 | | { ERR_PACK(ERR_LIB_BN, 0, 0), "bignum routines" }, |
37 | | { ERR_PACK(ERR_LIB_RSA, 0, 0), "rsa routines" }, |
38 | | { ERR_PACK(ERR_LIB_DH, 0, 0), "Diffie-Hellman routines" }, |
39 | | { ERR_PACK(ERR_LIB_EVP, 0, 0), "digital envelope routines" }, |
40 | | { ERR_PACK(ERR_LIB_BUF, 0, 0), "memory buffer routines" }, |
41 | | { ERR_PACK(ERR_LIB_OBJ, 0, 0), "object identifier routines" }, |
42 | | { ERR_PACK(ERR_LIB_PEM, 0, 0), "PEM routines" }, |
43 | | { ERR_PACK(ERR_LIB_DSA, 0, 0), "dsa routines" }, |
44 | | { ERR_PACK(ERR_LIB_X509, 0, 0), "x509 certificate routines" }, |
45 | | { ERR_PACK(ERR_LIB_ASN1, 0, 0), "asn1 encoding routines" }, |
46 | | { ERR_PACK(ERR_LIB_CONF, 0, 0), "configuration file routines" }, |
47 | | { ERR_PACK(ERR_LIB_CRYPTO, 0, 0), "common libcrypto routines" }, |
48 | | { ERR_PACK(ERR_LIB_EC, 0, 0), "elliptic curve routines" }, |
49 | | { ERR_PACK(ERR_LIB_ECDSA, 0, 0), "ECDSA routines" }, |
50 | | { ERR_PACK(ERR_LIB_ECDH, 0, 0), "ECDH routines" }, |
51 | | { ERR_PACK(ERR_LIB_SSL, 0, 0), "SSL routines" }, |
52 | | { ERR_PACK(ERR_LIB_BIO, 0, 0), "BIO routines" }, |
53 | | { ERR_PACK(ERR_LIB_PKCS7, 0, 0), "PKCS7 routines" }, |
54 | | { ERR_PACK(ERR_LIB_X509V3, 0, 0), "X509 V3 routines" }, |
55 | | { ERR_PACK(ERR_LIB_PKCS12, 0, 0), "PKCS12 routines" }, |
56 | | { ERR_PACK(ERR_LIB_RAND, 0, 0), "random number generator" }, |
57 | | { ERR_PACK(ERR_LIB_DSO, 0, 0), "DSO support routines" }, |
58 | | { ERR_PACK(ERR_LIB_TS, 0, 0), "time stamp routines" }, |
59 | | { ERR_PACK(ERR_LIB_ENGINE, 0, 0), "engine routines" }, |
60 | | { ERR_PACK(ERR_LIB_OCSP, 0, 0), "OCSP routines" }, |
61 | | { ERR_PACK(ERR_LIB_UI, 0, 0), "UI routines" }, |
62 | | { ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines" }, |
63 | | { ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines" }, |
64 | | { ERR_PACK(ERR_LIB_CRMF, 0, 0), "CRMF routines" }, |
65 | | { ERR_PACK(ERR_LIB_CMP, 0, 0), "CMP routines" }, |
66 | | { ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines" }, |
67 | | { ERR_PACK(ERR_LIB_CT, 0, 0), "CT routines" }, |
68 | | { ERR_PACK(ERR_LIB_ASYNC, 0, 0), "ASYNC routines" }, |
69 | | { ERR_PACK(ERR_LIB_KDF, 0, 0), "KDF routines" }, |
70 | | { ERR_PACK(ERR_LIB_OSSL_STORE, 0, 0), "STORE routines" }, |
71 | | { ERR_PACK(ERR_LIB_SM2, 0, 0), "SM2 routines" }, |
72 | | { ERR_PACK(ERR_LIB_ESS, 0, 0), "ESS routines" }, |
73 | | { ERR_PACK(ERR_LIB_PROV, 0, 0), "Provider routines" }, |
74 | | { ERR_PACK(ERR_LIB_OSSL_ENCODER, 0, 0), "ENCODER routines" }, |
75 | | { ERR_PACK(ERR_LIB_OSSL_DECODER, 0, 0), "DECODER routines" }, |
76 | | { ERR_PACK(ERR_LIB_HTTP, 0, 0), "HTTP routines" }, |
77 | | { 0, NULL }, |
78 | | }; |
79 | | |
80 | | /* |
81 | | * Should make sure that all ERR_R_ reasons defined in include/openssl/err.h.in |
82 | | * are listed. For maintainability, please keep all reasons in the same order. |
83 | | */ |
84 | | static const ERR_STRING_DATA ERR_str_reasons[] = { |
85 | | { ERR_R_SYS_LIB, "system lib" }, |
86 | | { ERR_R_BN_LIB, "BN lib" }, |
87 | | { ERR_R_RSA_LIB, "RSA lib" }, |
88 | | { ERR_R_DH_LIB, "DH lib" }, |
89 | | { ERR_R_EVP_LIB, "EVP lib" }, |
90 | | { ERR_R_BUF_LIB, "BUF lib" }, |
91 | | { ERR_R_OBJ_LIB, "OBJ lib" }, |
92 | | { ERR_R_PEM_LIB, "PEM lib" }, |
93 | | { ERR_R_DSA_LIB, "DSA lib" }, |
94 | | { ERR_R_X509_LIB, "X509 lib" }, |
95 | | { ERR_R_ASN1_LIB, "ASN1 lib" }, |
96 | | { ERR_R_CRYPTO_LIB, "CRYPTO lib" }, |
97 | | { ERR_R_EC_LIB, "EC lib" }, |
98 | | { ERR_R_BIO_LIB, "BIO lib" }, |
99 | | { ERR_R_PKCS7_LIB, "PKCS7 lib" }, |
100 | | { ERR_R_X509V3_LIB, "X509V3 lib" }, |
101 | | { ERR_R_ENGINE_LIB, "ENGINE lib" }, |
102 | | { ERR_R_UI_LIB, "UI lib" }, |
103 | | { ERR_R_ECDSA_LIB, "ECDSA lib" }, |
104 | | { ERR_R_OSSL_STORE_LIB, "OSSL_STORE lib" }, |
105 | | { ERR_R_OSSL_DECODER_LIB, "OSSL_DECODER lib" }, |
106 | | |
107 | | { ERR_R_FATAL, "fatal" }, |
108 | | { ERR_R_MALLOC_FAILURE, "malloc failure" }, |
109 | | { ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, |
110 | | "called a function you should not call" }, |
111 | | { ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter" }, |
112 | | { ERR_R_INTERNAL_ERROR, "internal error" }, |
113 | | { ERR_R_DISABLED, "called a function that was disabled at compile-time" }, |
114 | | { ERR_R_INIT_FAIL, "init fail" }, |
115 | | { ERR_R_PASSED_INVALID_ARGUMENT, "passed invalid argument" }, |
116 | | { ERR_R_OPERATION_FAIL, "operation fail" }, |
117 | | { ERR_R_INVALID_PROVIDER_FUNCTIONS, "invalid provider functions" }, |
118 | | { ERR_R_INTERRUPTED_OR_CANCELLED, "interrupted or cancelled" }, |
119 | | { ERR_R_NESTED_ASN1_ERROR, "nested asn1 error" }, |
120 | | { ERR_R_MISSING_ASN1_EOS, "missing asn1 eos" }, |
121 | | /* |
122 | | * Something is unsupported, exactly what is expressed with additional data |
123 | | */ |
124 | | { ERR_R_UNSUPPORTED, "unsupported" }, |
125 | | /* |
126 | | * A fetch failed for other reasons than the name to be fetched being |
127 | | * unsupported. |
128 | | */ |
129 | | { ERR_R_FETCH_FAILED, "fetch failed" }, |
130 | | { ERR_R_INVALID_PROPERTY_DEFINITION, "invalid property definition" }, |
131 | | { ERR_R_UNABLE_TO_GET_READ_LOCK, "unable to get read lock" }, |
132 | | { ERR_R_UNABLE_TO_GET_WRITE_LOCK, "unable to get write lock" }, |
133 | | { 0, NULL }, |
134 | | }; |
135 | | #endif |
136 | | |
137 | | static CRYPTO_ONCE err_string_init = CRYPTO_ONCE_STATIC_INIT; |
138 | | static CRYPTO_RWLOCK *err_string_lock = NULL; |
139 | | |
140 | | #ifndef OPENSSL_NO_ERR |
141 | | static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); |
142 | | #endif |
143 | | |
144 | | /* |
145 | | * The internal state |
146 | | */ |
147 | | |
148 | | #ifndef OPENSSL_NO_ERR |
149 | | static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL; |
150 | | #endif |
151 | | static int int_err_library_number = ERR_LIB_USER; |
152 | | |
153 | | typedef enum ERR_GET_ACTION_e { |
154 | | EV_POP, |
155 | | EV_PEEK, |
156 | | EV_PEEK_LAST |
157 | | } ERR_GET_ACTION; |
158 | | |
159 | | static unsigned long get_error_values(ERR_GET_ACTION g, |
160 | | const char **file, int *line, |
161 | | const char **func, const char **data, |
162 | | int *flags); |
163 | | |
164 | | #ifndef OPENSSL_NO_ERR |
165 | | static unsigned long err_string_data_hash(const ERR_STRING_DATA *a) |
166 | 187k | { |
167 | 187k | unsigned long ret, l; |
168 | | |
169 | 187k | l = a->error; |
170 | 187k | ret = l ^ ERR_GET_LIB(l); |
171 | 187k | return (ret ^ ret % 19 * 13); |
172 | 187k | } |
173 | | |
174 | | static int err_string_data_cmp(const ERR_STRING_DATA *a, |
175 | | const ERR_STRING_DATA *b) |
176 | 146k | { |
177 | 146k | if (a->error == b->error) |
178 | 139k | return 0; |
179 | 6.41k | return a->error > b->error ? 1 : -1; |
180 | 146k | } |
181 | | |
182 | | static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) |
183 | 111k | { |
184 | 111k | ERR_STRING_DATA *p = NULL; |
185 | | |
186 | 111k | if (!CRYPTO_THREAD_read_lock(err_string_lock)) |
187 | 0 | return NULL; |
188 | 111k | p = lh_ERR_STRING_DATA_retrieve(int_error_hash, d); |
189 | 111k | CRYPTO_THREAD_unlock(err_string_lock); |
190 | | |
191 | 111k | return p; |
192 | 111k | } |
193 | | #endif |
194 | | |
195 | | void OSSL_ERR_STATE_free(ERR_STATE *state) |
196 | 0 | { |
197 | 0 | int i; |
198 | |
|
199 | 0 | if (state == NULL) |
200 | 0 | return; |
201 | 0 | for (i = 0; i < ERR_NUM_ERRORS; i++) { |
202 | 0 | err_clear(state, i, 1); |
203 | 0 | } |
204 | 0 | CRYPTO_free(state, OPENSSL_FILE, OPENSSL_LINE); |
205 | 0 | } |
206 | | |
207 | | DEFINE_RUN_ONCE_STATIC(do_err_strings_init) |
208 | 16 | { |
209 | 16 | if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL)) |
210 | 0 | return 0; |
211 | 16 | err_string_lock = CRYPTO_THREAD_lock_new(); |
212 | 16 | if (err_string_lock == NULL) |
213 | 0 | return 0; |
214 | 16 | #ifndef OPENSSL_NO_ERR |
215 | 16 | int_error_hash = lh_ERR_STRING_DATA_new(err_string_data_hash, |
216 | 16 | err_string_data_cmp); |
217 | 16 | if (int_error_hash == NULL) { |
218 | 0 | CRYPTO_THREAD_lock_free(err_string_lock); |
219 | 0 | err_string_lock = NULL; |
220 | 0 | return 0; |
221 | 0 | } |
222 | 16 | #endif |
223 | 16 | return 1; |
224 | 16 | } |
225 | | |
226 | | void err_cleanup(void) |
227 | 0 | { |
228 | 0 | CRYPTO_THREAD_lock_free(err_string_lock); |
229 | 0 | err_string_lock = NULL; |
230 | 0 | #ifndef OPENSSL_NO_ERR |
231 | 0 | lh_ERR_STRING_DATA_free(int_error_hash); |
232 | 0 | int_error_hash = NULL; |
233 | 0 | #endif |
234 | 0 | } |
235 | | |
236 | | #ifndef OPENSSL_NO_ERR |
237 | | /* |
238 | | * Legacy; pack in the library. |
239 | | */ |
240 | | static void err_patch(int lib, ERR_STRING_DATA *str) |
241 | 0 | { |
242 | 0 | unsigned long plib = ERR_PACK(lib, 0, 0); |
243 | |
|
244 | 0 | for (; str->error != 0; str++) |
245 | 0 | str->error |= plib; |
246 | 0 | } |
247 | | |
248 | | /* |
249 | | * Hash in |str| error strings. Assumes the RUN_ONCE was done. |
250 | | */ |
251 | | static int err_load_strings(const ERR_STRING_DATA *str) |
252 | 1.71k | { |
253 | 1.71k | if (!CRYPTO_THREAD_write_lock(err_string_lock)) |
254 | 0 | return 0; |
255 | 77.7k | for (; str->error; str++) |
256 | 76.0k | (void)lh_ERR_STRING_DATA_insert(int_error_hash, |
257 | 1.71k | (ERR_STRING_DATA *)str); |
258 | 1.71k | CRYPTO_THREAD_unlock(err_string_lock); |
259 | 1.71k | return 1; |
260 | 1.71k | } |
261 | | #endif |
262 | | |
263 | | int ossl_err_load_ERR_strings(void) |
264 | 576 | { |
265 | 576 | #ifndef OPENSSL_NO_ERR |
266 | 576 | if (!RUN_ONCE(&err_string_init, do_err_strings_init)) |
267 | 0 | return 0; |
268 | | |
269 | 576 | err_load_strings(ERR_str_libraries); |
270 | 576 | err_load_strings(ERR_str_reasons); |
271 | 576 | #endif |
272 | 576 | return 1; |
273 | 576 | } |
274 | | |
275 | | int ERR_load_strings(int lib, ERR_STRING_DATA *str) |
276 | 0 | { |
277 | 0 | #ifndef OPENSSL_NO_ERR |
278 | 0 | if (ossl_err_load_ERR_strings() == 0) |
279 | 0 | return 0; |
280 | | |
281 | 0 | err_patch(lib, str); |
282 | 0 | err_load_strings(str); |
283 | 0 | #endif |
284 | |
|
285 | 0 | return 1; |
286 | 0 | } |
287 | | |
288 | | int ERR_load_strings_const(const ERR_STRING_DATA *str) |
289 | 560 | { |
290 | 560 | #ifndef OPENSSL_NO_ERR |
291 | 560 | if (ossl_err_load_ERR_strings() == 0) |
292 | 0 | return 0; |
293 | 560 | err_load_strings(str); |
294 | 560 | #endif |
295 | | |
296 | 560 | return 1; |
297 | 560 | } |
298 | | |
299 | | int ERR_unload_strings(int lib, ERR_STRING_DATA *str) |
300 | 0 | { |
301 | 0 | #ifndef OPENSSL_NO_ERR |
302 | 0 | if (!RUN_ONCE(&err_string_init, do_err_strings_init)) |
303 | 0 | return 0; |
304 | | |
305 | 0 | if (!CRYPTO_THREAD_write_lock(err_string_lock)) |
306 | 0 | return 0; |
307 | | /* |
308 | | * We don't need to ERR_PACK the lib, since that was done (to |
309 | | * the table) when it was loaded. |
310 | | */ |
311 | 0 | for (; str->error; str++) |
312 | 0 | (void)lh_ERR_STRING_DATA_delete(int_error_hash, str); |
313 | 0 | CRYPTO_THREAD_unlock(err_string_lock); |
314 | 0 | #endif |
315 | |
|
316 | 0 | return 1; |
317 | 0 | } |
318 | | |
319 | | void err_free_strings_int(void) |
320 | 0 | { |
321 | | /* obsolete */ |
322 | 0 | } |
323 | | |
324 | | /********************************************************/ |
325 | | |
326 | | void ERR_clear_error(void) |
327 | 0 | { |
328 | 0 | int i; |
329 | 0 | ERR_STATE *es; |
330 | |
|
331 | 0 | es = ossl_err_get_state_int(0); |
332 | 0 | if (es == NULL) |
333 | 0 | return; |
334 | | |
335 | 0 | for (i = 0; i < ERR_NUM_ERRORS; i++) { |
336 | 0 | err_clear(es, i, 0); |
337 | 0 | } |
338 | 0 | es->top = es->bottom = 0; |
339 | 0 | } |
340 | | |
341 | | unsigned long ERR_get_error(void) |
342 | 67.3k | { |
343 | 67.3k | return get_error_values(EV_POP, NULL, NULL, NULL, NULL, NULL); |
344 | 67.3k | } |
345 | | |
346 | | unsigned long ERR_get_error_all(const char **file, int *line, |
347 | | const char **func, |
348 | | const char **data, int *flags) |
349 | 0 | { |
350 | 0 | return get_error_values(EV_POP, file, line, func, data, flags); |
351 | 0 | } |
352 | | |
353 | | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
354 | | unsigned long ERR_get_error_line(const char **file, int *line) |
355 | 0 | { |
356 | 0 | return get_error_values(EV_POP, file, line, NULL, NULL, NULL); |
357 | 0 | } |
358 | | |
359 | | unsigned long ERR_get_error_line_data(const char **file, int *line, |
360 | | const char **data, int *flags) |
361 | 0 | { |
362 | 0 | return get_error_values(EV_POP, file, line, NULL, data, flags); |
363 | 0 | } |
364 | | #endif |
365 | | |
366 | | unsigned long ERR_peek_error(void) |
367 | 0 | { |
368 | 0 | return get_error_values(EV_PEEK, NULL, NULL, NULL, NULL, NULL); |
369 | 0 | } |
370 | | |
371 | | unsigned long ERR_peek_error_line(const char **file, int *line) |
372 | 0 | { |
373 | 0 | return get_error_values(EV_PEEK, file, line, NULL, NULL, NULL); |
374 | 0 | } |
375 | | |
376 | | unsigned long ERR_peek_error_func(const char **func) |
377 | 0 | { |
378 | 0 | return get_error_values(EV_PEEK, NULL, NULL, func, NULL, NULL); |
379 | 0 | } |
380 | | |
381 | | unsigned long ERR_peek_error_data(const char **data, int *flags) |
382 | 0 | { |
383 | 0 | return get_error_values(EV_PEEK, NULL, NULL, NULL, data, flags); |
384 | 0 | } |
385 | | |
386 | | unsigned long ERR_peek_error_all(const char **file, int *line, |
387 | | const char **func, |
388 | | const char **data, int *flags) |
389 | 0 | { |
390 | 0 | return get_error_values(EV_PEEK, file, line, func, data, flags); |
391 | 0 | } |
392 | | |
393 | | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
394 | | unsigned long ERR_peek_error_line_data(const char **file, int *line, |
395 | | const char **data, int *flags) |
396 | 0 | { |
397 | 0 | return get_error_values(EV_PEEK, file, line, NULL, data, flags); |
398 | 0 | } |
399 | | #endif |
400 | | |
401 | | unsigned long ERR_peek_last_error(void) |
402 | 32 | { |
403 | 32 | return get_error_values(EV_PEEK_LAST, NULL, NULL, NULL, NULL, NULL); |
404 | 32 | } |
405 | | |
406 | | unsigned long ERR_peek_last_error_line(const char **file, int *line) |
407 | 0 | { |
408 | 0 | return get_error_values(EV_PEEK_LAST, file, line, NULL, NULL, NULL); |
409 | 0 | } |
410 | | |
411 | | unsigned long ERR_peek_last_error_func(const char **func) |
412 | 0 | { |
413 | 0 | return get_error_values(EV_PEEK_LAST, NULL, NULL, func, NULL, NULL); |
414 | 0 | } |
415 | | |
416 | | unsigned long ERR_peek_last_error_data(const char **data, int *flags) |
417 | 0 | { |
418 | 0 | return get_error_values(EV_PEEK_LAST, NULL, NULL, NULL, data, flags); |
419 | 0 | } |
420 | | |
421 | | unsigned long ERR_peek_last_error_all(const char **file, int *line, |
422 | | const char **func, |
423 | | const char **data, int *flags) |
424 | 0 | { |
425 | 0 | return get_error_values(EV_PEEK_LAST, file, line, func, data, flags); |
426 | 0 | } |
427 | | |
428 | | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
429 | | unsigned long ERR_peek_last_error_line_data(const char **file, int *line, |
430 | | const char **data, int *flags) |
431 | 0 | { |
432 | 0 | return get_error_values(EV_PEEK_LAST, file, line, NULL, data, flags); |
433 | 0 | } |
434 | | #endif |
435 | | |
436 | | static unsigned long get_error_values(ERR_GET_ACTION g, |
437 | | const char **file, int *line, |
438 | | const char **func, |
439 | | const char **data, int *flags) |
440 | 67.4k | { |
441 | 67.4k | int i = 0; |
442 | 67.4k | ERR_STATE *es; |
443 | 67.4k | unsigned long ret; |
444 | | |
445 | 67.4k | es = ossl_err_get_state_int(1); |
446 | 67.4k | if (es == NULL) |
447 | 0 | return 0; |
448 | | |
449 | | /* |
450 | | * Clear anything that should have been cleared earlier. We do this |
451 | | * here because this doesn't have constant-time issues. |
452 | | */ |
453 | 67.4k | while (es->bottom != es->top) { |
454 | 46.8k | if (es->err_flags[es->top] & ERR_FLAG_CLEAR) { |
455 | 0 | err_clear(es, es->top, 0); |
456 | 0 | es->top = es->top > 0 ? es->top - 1 : ERR_NUM_ERRORS - 1; |
457 | 0 | continue; |
458 | 0 | } |
459 | 46.8k | i = (es->bottom + 1) % ERR_NUM_ERRORS; |
460 | 46.8k | if (es->err_flags[i] & ERR_FLAG_CLEAR) { |
461 | 0 | es->bottom = i; |
462 | 0 | err_clear(es, es->bottom, 0); |
463 | 0 | continue; |
464 | 0 | } |
465 | 46.8k | break; |
466 | 46.8k | } |
467 | | |
468 | | /* If everything has been cleared, the stack is empty. */ |
469 | 67.4k | if (es->bottom == es->top) |
470 | 20.5k | return 0; |
471 | | |
472 | | /* Which error, the top of stack (latest one) or the first one? */ |
473 | 46.8k | if (g == EV_PEEK_LAST) |
474 | 32 | i = es->top; |
475 | 46.8k | else |
476 | 46.8k | i = (es->bottom + 1) % ERR_NUM_ERRORS; |
477 | | |
478 | 46.8k | ret = es->err_buffer[i]; |
479 | 46.8k | if (g == EV_POP) { |
480 | 46.8k | es->bottom = i; |
481 | 46.8k | es->err_buffer[i] = 0; |
482 | 46.8k | } |
483 | | |
484 | 46.8k | if (file != NULL) { |
485 | 0 | *file = es->err_file[i]; |
486 | 0 | if (*file == NULL) |
487 | 0 | *file = ""; |
488 | 0 | } |
489 | 46.8k | if (line != NULL) |
490 | 0 | *line = es->err_line[i]; |
491 | 46.8k | if (func != NULL) { |
492 | 0 | *func = es->err_func[i]; |
493 | 0 | if (*func == NULL) |
494 | 0 | *func = ""; |
495 | 0 | } |
496 | 46.8k | if (flags != NULL) |
497 | 0 | *flags = es->err_data_flags[i]; |
498 | 46.8k | if (data == NULL) { |
499 | 46.8k | if (g == EV_POP) { |
500 | 46.8k | err_clear_data(es, i, 0); |
501 | 46.8k | } |
502 | 46.8k | } else { |
503 | 0 | *data = es->err_data[i]; |
504 | 0 | if (*data == NULL) { |
505 | 0 | *data = ""; |
506 | 0 | if (flags != NULL) |
507 | 0 | *flags = 0; |
508 | 0 | } |
509 | 0 | } |
510 | 46.8k | return ret; |
511 | 67.4k | } |
512 | | |
513 | | void ossl_err_string_int(unsigned long e, const char *func, |
514 | | char *buf, size_t len) |
515 | 0 | { |
516 | 0 | char lsbuf[64], rsbuf[256]; |
517 | 0 | const char *ls, *rs = NULL; |
518 | 0 | unsigned long l, r; |
519 | |
|
520 | 0 | if (len == 0) |
521 | 0 | return; |
522 | | |
523 | 0 | l = ERR_GET_LIB(e); |
524 | 0 | ls = ERR_lib_error_string(e); |
525 | 0 | if (ls == NULL) { |
526 | 0 | BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); |
527 | 0 | ls = lsbuf; |
528 | 0 | } |
529 | | |
530 | | /* |
531 | | * ERR_reason_error_string() can't safely return system error strings, |
532 | | * since it would call openssl_strerror_r(), which needs a buffer for |
533 | | * thread safety. So for system errors, we call openssl_strerror_r() |
534 | | * directly instead. |
535 | | */ |
536 | 0 | r = ERR_GET_REASON(e); |
537 | 0 | #ifndef OPENSSL_NO_ERR |
538 | 0 | if (ERR_SYSTEM_ERROR(e)) { |
539 | 0 | if (openssl_strerror_r(r, rsbuf, sizeof(rsbuf))) |
540 | 0 | rs = rsbuf; |
541 | 0 | } else { |
542 | 0 | rs = ERR_reason_error_string(e); |
543 | 0 | } |
544 | 0 | #endif |
545 | 0 | if (rs == NULL) { |
546 | 0 | BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", |
547 | 0 | r & ~(ERR_RFLAGS_MASK << ERR_RFLAGS_OFFSET)); |
548 | 0 | rs = rsbuf; |
549 | 0 | } |
550 | |
|
551 | 0 | BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, func, rs); |
552 | 0 | if (strlen(buf) == len - 1) { |
553 | | /* Didn't fit; use a minimal format. */ |
554 | 0 | BIO_snprintf(buf, len, "err:%lx:%lx:%lx:%lx", e, l, 0L, r); |
555 | 0 | } |
556 | 0 | } |
557 | | |
558 | | void ERR_error_string_n(unsigned long e, char *buf, size_t len) |
559 | 0 | { |
560 | 0 | ossl_err_string_int(e, "", buf, len); |
561 | 0 | } |
562 | | |
563 | | /* |
564 | | * ERR_error_string_n should be used instead for ret != NULL as |
565 | | * ERR_error_string cannot know how large the buffer is |
566 | | */ |
567 | | char *ERR_error_string(unsigned long e, char *ret) |
568 | 0 | { |
569 | 0 | static char buf[256]; |
570 | |
|
571 | 0 | if (ret == NULL) |
572 | 0 | ret = buf; |
573 | 0 | ERR_error_string_n(e, ret, (int)sizeof(buf)); |
574 | 0 | return ret; |
575 | 0 | } |
576 | | |
577 | | const char *ERR_lib_error_string(unsigned long e) |
578 | 46.8k | { |
579 | 46.8k | #ifndef OPENSSL_NO_ERR |
580 | 46.8k | ERR_STRING_DATA d, *p; |
581 | 46.8k | unsigned long l; |
582 | | |
583 | 46.8k | if (!RUN_ONCE(&err_string_init, do_err_strings_init)) { |
584 | 0 | return NULL; |
585 | 0 | } |
586 | | |
587 | 46.8k | l = ERR_GET_LIB(e); |
588 | 46.8k | d.error = ERR_PACK(l, 0, 0); |
589 | 46.8k | p = int_err_get_item(&d); |
590 | 46.8k | return ((p == NULL) ? NULL : p->string); |
591 | | #else |
592 | | return NULL; |
593 | | #endif |
594 | 46.8k | } |
595 | | |
596 | | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
597 | | const char *ERR_func_error_string(unsigned long e) |
598 | 46.8k | { |
599 | 46.8k | return NULL; |
600 | 46.8k | } |
601 | | #endif |
602 | | |
603 | | const char *ERR_reason_error_string(unsigned long e) |
604 | 47.4k | { |
605 | 47.4k | #ifndef OPENSSL_NO_ERR |
606 | 47.4k | ERR_STRING_DATA d, *p = NULL; |
607 | 47.4k | unsigned long l, r; |
608 | | |
609 | 47.4k | if (!RUN_ONCE(&err_string_init, do_err_strings_init)) { |
610 | 0 | return NULL; |
611 | 0 | } |
612 | | |
613 | | /* |
614 | | * ERR_reason_error_string() can't safely return system error strings, |
615 | | * since openssl_strerror_r() needs a buffer for thread safety, and we |
616 | | * haven't got one that would serve any sensible purpose. |
617 | | */ |
618 | 47.4k | if (ERR_SYSTEM_ERROR(e)) |
619 | 0 | return NULL; |
620 | | |
621 | 47.4k | l = ERR_GET_LIB(e); |
622 | 47.4k | r = ERR_GET_REASON(e); |
623 | 47.4k | d.error = ERR_PACK(l, 0, r); |
624 | 47.4k | p = int_err_get_item(&d); |
625 | 47.4k | if (p == NULL) { |
626 | 16.9k | d.error = ERR_PACK(0, 0, r); |
627 | 16.9k | p = int_err_get_item(&d); |
628 | 16.9k | } |
629 | 47.4k | return ((p == NULL) ? NULL : p->string); |
630 | | #else |
631 | | return NULL; |
632 | | #endif |
633 | 47.4k | } |
634 | | |
635 | | static void err_delete_thread_state(void *unused) |
636 | 0 | { |
637 | 0 | ERR_STATE *state = CRYPTO_THREAD_get_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
638 | 0 | CRYPTO_THREAD_NO_CONTEXT); |
639 | |
|
640 | 0 | if (state == NULL) |
641 | 0 | return; |
642 | | |
643 | 0 | CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
644 | 0 | CRYPTO_THREAD_NO_CONTEXT, NULL); |
645 | 0 | OSSL_ERR_STATE_free(state); |
646 | 0 | } |
647 | | |
648 | | ERR_STATE *ossl_err_get_state_int(int save_sys_error) |
649 | 248k | { |
650 | 248k | ERR_STATE *state; |
651 | 248k | int saveerrno = 0; |
652 | | |
653 | 248k | if (save_sys_error) |
654 | 248k | saveerrno = get_last_sys_error(); |
655 | | |
656 | 248k | if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL)) |
657 | 0 | return NULL; |
658 | | |
659 | 248k | state = CRYPTO_THREAD_get_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
660 | 248k | CRYPTO_THREAD_NO_CONTEXT); |
661 | 248k | if (state == (ERR_STATE *)-1) |
662 | 0 | return NULL; |
663 | | |
664 | 248k | if (state == NULL) { |
665 | 16 | if (!CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
666 | 16 | CRYPTO_THREAD_NO_CONTEXT, (ERR_STATE *)-1)) |
667 | 0 | return NULL; |
668 | | |
669 | 16 | state = OSSL_ERR_STATE_new(); |
670 | 16 | if (state == NULL) { |
671 | 0 | CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
672 | 0 | CRYPTO_THREAD_NO_CONTEXT, NULL); |
673 | 0 | return NULL; |
674 | 0 | } |
675 | | |
676 | 16 | if (!ossl_init_thread_start(NULL, NULL, err_delete_thread_state) |
677 | 16 | || !CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
678 | 16 | CRYPTO_THREAD_NO_CONTEXT, state)) { |
679 | 0 | OSSL_ERR_STATE_free(state); |
680 | 0 | CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
681 | 0 | CRYPTO_THREAD_NO_CONTEXT, NULL); |
682 | 0 | return NULL; |
683 | 0 | } |
684 | | |
685 | | /* Ignore failures from these */ |
686 | 16 | OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); |
687 | 16 | } |
688 | | |
689 | 248k | if (save_sys_error) |
690 | 248k | set_sys_error(saveerrno); |
691 | 248k | return state; |
692 | 248k | } |
693 | | |
694 | | /* |
695 | | * err_shelve_state returns the current thread local error state |
696 | | * and freezes the error module until err_unshelve_state is called. |
697 | | */ |
698 | | int err_shelve_state(void **state) |
699 | 16 | { |
700 | 16 | int saveerrno = get_last_sys_error(); |
701 | | |
702 | | /* |
703 | | * Note, at present our only caller is OPENSSL_init_crypto(), indirectly |
704 | | * via ossl_init_load_crypto_nodelete(), by which point the requested |
705 | | * "base" initialization has already been performed, so the below call is a |
706 | | * NOOP, that re-enters OPENSSL_init_crypto() only to quickly return. |
707 | | * |
708 | | * If are no other valid callers of this function, the call below can be |
709 | | * removed, avoiding the re-entry into OPENSSL_init_crypto(). If there are |
710 | | * potential uses that are not from inside OPENSSL_init_crypto(), then this |
711 | | * call is needed, but some care is required to make sure that the re-entry |
712 | | * remains a NOOP. |
713 | | */ |
714 | 16 | if (!OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY, NULL)) |
715 | 0 | return 0; |
716 | | |
717 | 16 | *state = CRYPTO_THREAD_get_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
718 | 16 | CRYPTO_THREAD_NO_CONTEXT); |
719 | 16 | if (!CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
720 | 16 | CRYPTO_THREAD_NO_CONTEXT, (ERR_STATE *)-1)) |
721 | 0 | return 0; |
722 | | |
723 | 16 | set_sys_error(saveerrno); |
724 | 16 | return 1; |
725 | 16 | } |
726 | | |
727 | | /* |
728 | | * err_unshelve_state restores the error state that was returned |
729 | | * by err_shelve_state previously. |
730 | | */ |
731 | | void err_unshelve_state(void *state) |
732 | 16 | { |
733 | 16 | if (state != (void *)-1) |
734 | 16 | CRYPTO_THREAD_set_local_ex(CRYPTO_THREAD_LOCAL_ERR_KEY, |
735 | 16 | CRYPTO_THREAD_NO_CONTEXT, (ERR_STATE *)state); |
736 | 16 | } |
737 | | |
738 | | int ERR_get_next_error_library(void) |
739 | 16 | { |
740 | 16 | int ret; |
741 | | |
742 | 16 | if (!RUN_ONCE(&err_string_init, do_err_strings_init)) |
743 | 0 | return 0; |
744 | | |
745 | 16 | if (!CRYPTO_THREAD_write_lock(err_string_lock)) |
746 | 0 | return 0; |
747 | 16 | ret = int_err_library_number++; |
748 | 16 | CRYPTO_THREAD_unlock(err_string_lock); |
749 | 16 | return ret; |
750 | 16 | } |
751 | | |
752 | | static int err_set_error_data_int(char *data, size_t size, int flags, |
753 | | int deallocate) |
754 | 20.0k | { |
755 | 20.0k | ERR_STATE *es; |
756 | | |
757 | 20.0k | es = ossl_err_get_state_int(1); |
758 | 20.0k | if (es == NULL) |
759 | 0 | return 0; |
760 | | |
761 | 20.0k | err_clear_data(es, es->top, deallocate); |
762 | 20.0k | err_set_data(es, es->top, data, size, flags); |
763 | | |
764 | 20.0k | return 1; |
765 | 20.0k | } |
766 | | |
767 | | void ERR_set_error_data(char *data, int flags) |
768 | 0 | { |
769 | | /* |
770 | | * This function is void so we cannot propagate the error return. Since it |
771 | | * is also in the public API we can't change the return type. |
772 | | * |
773 | | * We estimate the size of the data. If it's not flagged as allocated, |
774 | | * then this is safe, and if it is flagged as allocated, then our size |
775 | | * may be smaller than the actual allocation, but that doesn't matter |
776 | | * too much, the buffer will remain untouched or will eventually be |
777 | | * reallocated to a new size. |
778 | | * |
779 | | * callers should be advised that this function takes over ownership of |
780 | | * the allocated memory, i.e. they can't count on the pointer to remain |
781 | | * valid. |
782 | | */ |
783 | 0 | err_set_error_data_int(data, strlen(data) + 1, flags, 1); |
784 | 0 | } |
785 | | |
786 | | void ERR_add_error_data(int num, ...) |
787 | 20.0k | { |
788 | 20.0k | va_list args; |
789 | 20.0k | va_start(args, num); |
790 | 20.0k | ERR_add_error_vdata(num, args); |
791 | 20.0k | va_end(args); |
792 | 20.0k | } |
793 | | |
794 | | void ERR_add_error_vdata(int num, va_list args) |
795 | 20.0k | { |
796 | 20.0k | int i; |
797 | 20.0k | size_t len, size; |
798 | 20.0k | int flags = ERR_TXT_MALLOCED | ERR_TXT_STRING; |
799 | 20.0k | char *str, *arg; |
800 | 20.0k | ERR_STATE *es; |
801 | | |
802 | | /* Get the current error data; if an allocated string get it. */ |
803 | 20.0k | es = ossl_err_get_state_int(1); |
804 | 20.0k | if (es == NULL) |
805 | 0 | return; |
806 | 20.0k | i = es->top; |
807 | | |
808 | | /* |
809 | | * If err_data is allocated already, reuse the space. |
810 | | * Otherwise, allocate a small new buffer. |
811 | | */ |
812 | 20.0k | if ((es->err_data_flags[i] & flags) == flags |
813 | 0 | && ossl_assert(es->err_data[i] != NULL)) { |
814 | 0 | str = es->err_data[i]; |
815 | 0 | size = es->err_data_size[i]; |
816 | | |
817 | | /* |
818 | | * To protect the string we just grabbed from tampering by other |
819 | | * functions we may call, or to protect them from freeing a pointer |
820 | | * that may no longer be valid at that point, we clear away the |
821 | | * data pointer and the flags. We will set them again at the end |
822 | | * of this function. |
823 | | */ |
824 | 0 | es->err_data[i] = NULL; |
825 | 0 | es->err_data_flags[i] = 0; |
826 | 20.0k | } else if ((str = OPENSSL_malloc(size = 81)) == NULL) { |
827 | 0 | return; |
828 | 20.0k | } else { |
829 | 20.0k | str[0] = '\0'; |
830 | 20.0k | } |
831 | 20.0k | len = strlen(str); |
832 | | |
833 | 73.9k | while (--num >= 0) { |
834 | 53.9k | arg = va_arg(args, char *); |
835 | 53.9k | if (arg == NULL) |
836 | 0 | arg = "<NULL>"; |
837 | 53.9k | len += strlen(arg); |
838 | 53.9k | if (len >= size) { |
839 | 0 | char *p; |
840 | |
|
841 | 0 | size = len + 20; |
842 | 0 | p = OPENSSL_realloc(str, size); |
843 | 0 | if (p == NULL) { |
844 | 0 | OPENSSL_free(str); |
845 | 0 | return; |
846 | 0 | } |
847 | 0 | str = p; |
848 | 0 | } |
849 | 53.9k | OPENSSL_strlcat(str, arg, size); |
850 | 53.9k | } |
851 | 20.0k | if (!err_set_error_data_int(str, size, flags, 0)) |
852 | 0 | OPENSSL_free(str); |
853 | 20.0k | } |
854 | | |
855 | | void err_clear_last_constant_time(int clear) |
856 | 0 | { |
857 | 0 | ERR_STATE *es; |
858 | 0 | int top; |
859 | |
|
860 | 0 | es = ossl_err_get_state_int(0); |
861 | 0 | if (es == NULL) |
862 | 0 | return; |
863 | | |
864 | 0 | top = es->top; |
865 | | |
866 | | /* |
867 | | * Flag error as cleared but remove it elsewhere to avoid two errors |
868 | | * accessing the same error stack location, revealing timing information. |
869 | | */ |
870 | 0 | clear = constant_time_select_int(constant_time_eq_int(clear, 0), |
871 | 0 | 0, ERR_FLAG_CLEAR); |
872 | 0 | es->err_flags[top] |= clear; |
873 | 0 | } |