1 | /* |
2 | * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include "e_os.h" |
11 | #include "internal/cryptlib.h" |
12 | #include "crypto/cryptlib.h" |
13 | #include <stdio.h> |
14 | #include <stdlib.h> |
15 | #include <limits.h> |
16 | #include <openssl/crypto.h> |
17 | |
18 | /* |
19 | * the following pointers may be changed as long as 'allow_customize' is set |
20 | */ |
21 | static int allow_customize = 1; |
22 | |
23 | static void *(*malloc_impl)(size_t, const char *, int) |
24 | = CRYPTO_malloc; |
25 | static void *(*realloc_impl)(void *, size_t, const char *, int) |
26 | = CRYPTO_realloc; |
27 | static void (*free_impl)(void *, const char *, int) |
28 | = CRYPTO_free; |
29 | |
30 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
31 | # include "internal/tsan_assist.h" |
32 | |
33 | static TSAN_QUALIFIER int malloc_count; |
34 | static TSAN_QUALIFIER int realloc_count; |
35 | static TSAN_QUALIFIER int free_count; |
36 | |
37 | # define INCREMENT(x) tsan_counter(&(x)) |
38 | |
39 | static char *md_failstring; |
40 | static long md_count; |
41 | static int md_fail_percent = 0; |
42 | static int md_tracefd = -1; |
43 | |
44 | static void parseit(void); |
45 | static int shouldfail(void); |
46 | |
47 | # define FAILTEST() if (shouldfail()) return NULL |
48 | |
49 | #else |
50 | |
51 | # define INCREMENT(x) /* empty */ |
52 | # define FAILTEST() /* empty */ |
53 | #endif |
54 | |
55 | int CRYPTO_set_mem_functions( |
56 | void *(*m)(size_t, const char *, int), |
57 | void *(*r)(void *, size_t, const char *, int), |
58 | void (*f)(void *, const char *, int)) |
59 | { |
60 | if (!allow_customize) |
61 | return 0; |
62 | if (m) |
63 | malloc_impl = m; |
64 | if (r) |
65 | realloc_impl = r; |
66 | if (f) |
67 | free_impl = f; |
68 | return 1; |
69 | } |
70 | |
71 | void CRYPTO_get_mem_functions( |
72 | void *(**m)(size_t, const char *, int), |
73 | void *(**r)(void *, size_t, const char *, int), |
74 | void (**f)(void *, const char *, int)) |
75 | { |
76 | if (m != NULL) |
77 | *m = malloc_impl; |
78 | if (r != NULL) |
79 | *r = realloc_impl; |
80 | if (f != NULL) |
81 | *f = free_impl; |
82 | } |
83 | |
84 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE) |
85 | void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount) |
86 | { |
87 | if (mcount != NULL) |
88 | *mcount = tsan_load(&malloc_count); |
89 | if (rcount != NULL) |
90 | *rcount = tsan_load(&realloc_count); |
91 | if (fcount != NULL) |
92 | *fcount = tsan_load(&free_count); |
93 | } |
94 | |
95 | /* |
96 | * Parse a "malloc failure spec" string. This likes like a set of fields |
97 | * separated by semicolons. Each field has a count and an optional failure |
98 | * percentage. For example: |
99 | * 100@0;100@25;0@0 |
100 | * or 100;100@25;0 |
101 | * This means 100 mallocs succeed, then next 100 fail 25% of the time, and |
102 | * all remaining (count is zero) succeed. |
103 | */ |
104 | static void parseit(void) |
105 | { |
106 | char *semi = strchr(md_failstring, ';'); |
107 | char *atsign; |
108 | |
109 | if (semi != NULL) |
110 | *semi++ = '\0'; |
111 | |
112 | /* Get the count (atol will stop at the @ if there), and percentage */ |
113 | md_count = atol(md_failstring); |
114 | atsign = strchr(md_failstring, '@'); |
115 | md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1); |
116 | |
117 | if (semi != NULL) |
118 | md_failstring = semi; |
119 | } |
120 | |
121 | /* |
122 | * Windows doesn't have random(), but it has rand() |
123 | * Some rand() implementations aren't good, but we're not |
124 | * dealing with secure randomness here. |
125 | */ |
126 | # ifdef _WIN32 |
127 | # define random() rand() |
128 | # endif |
129 | /* |
130 | * See if the current malloc should fail. |
131 | */ |
132 | static int shouldfail(void) |
133 | { |
134 | int roll = (int)(random() % 100); |
135 | int shoulditfail = roll < md_fail_percent; |
136 | # ifndef _WIN32 |
137 | /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */ |
138 | int len; |
139 | char buff[80]; |
140 | |
141 | if (md_tracefd > 0) { |
142 | BIO_snprintf(buff, sizeof(buff), |
143 | "%c C%ld %%%d R%d\n" , |
144 | shoulditfail ? '-' : '+', md_count, md_fail_percent, roll); |
145 | len = strlen(buff); |
146 | if (write(md_tracefd, buff, len) != len) |
147 | perror("shouldfail write failed" ); |
148 | # ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE |
149 | if (shoulditfail) { |
150 | void *addrs[30]; |
151 | int num = backtrace(addrs, OSSL_NELEM(addrs)); |
152 | |
153 | backtrace_symbols_fd(addrs, num, md_tracefd); |
154 | } |
155 | # endif |
156 | } |
157 | # endif |
158 | |
159 | if (md_count) { |
160 | /* If we used up this one, go to the next. */ |
161 | if (--md_count == 0) |
162 | parseit(); |
163 | } |
164 | |
165 | return shoulditfail; |
166 | } |
167 | |
168 | void ossl_malloc_setup_failures(void) |
169 | { |
170 | const char *cp = getenv("OPENSSL_MALLOC_FAILURES" ); |
171 | |
172 | if (cp != NULL && (md_failstring = strdup(cp)) != NULL) |
173 | parseit(); |
174 | if ((cp = getenv("OPENSSL_MALLOC_FD" )) != NULL) |
175 | md_tracefd = atoi(cp); |
176 | } |
177 | #endif |
178 | |
179 | void *CRYPTO_malloc(size_t num, const char *file, int line) |
180 | { |
181 | void *ret = NULL; |
182 | |
183 | INCREMENT(malloc_count); |
184 | if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc) |
185 | return malloc_impl(num, file, line); |
186 | |
187 | if (num == 0) |
188 | return NULL; |
189 | |
190 | FAILTEST(); |
191 | if (allow_customize) { |
192 | /* |
193 | * Disallow customization after the first allocation. We only set this |
194 | * if necessary to avoid a store to the same cache line on every |
195 | * allocation. |
196 | */ |
197 | allow_customize = 0; |
198 | } |
199 | (void)(file); (void)(line); |
200 | ret = malloc(num); |
201 | |
202 | return ret; |
203 | } |
204 | |
205 | void *CRYPTO_zalloc(size_t num, const char *file, int line) |
206 | { |
207 | void *ret = CRYPTO_malloc(num, file, line); |
208 | |
209 | FAILTEST(); |
210 | if (ret != NULL) |
211 | memset(ret, 0, num); |
212 | return ret; |
213 | } |
214 | |
215 | void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) |
216 | { |
217 | INCREMENT(realloc_count); |
218 | if (realloc_impl != NULL && realloc_impl != &CRYPTO_realloc) |
219 | return realloc_impl(str, num, file, line); |
220 | |
221 | FAILTEST(); |
222 | if (str == NULL) |
223 | return CRYPTO_malloc(num, file, line); |
224 | |
225 | if (num == 0) { |
226 | CRYPTO_free(str, file, line); |
227 | return NULL; |
228 | } |
229 | |
230 | (void)(file); (void)(line); |
231 | return realloc(str, num); |
232 | |
233 | } |
234 | |
235 | void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, |
236 | const char *file, int line) |
237 | { |
238 | void *ret = NULL; |
239 | |
240 | if (str == NULL) |
241 | return CRYPTO_malloc(num, file, line); |
242 | |
243 | if (num == 0) { |
244 | CRYPTO_clear_free(str, old_len, file, line); |
245 | return NULL; |
246 | } |
247 | |
248 | /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */ |
249 | if (num < old_len) { |
250 | OPENSSL_cleanse((char*)str + num, old_len - num); |
251 | return str; |
252 | } |
253 | |
254 | ret = CRYPTO_malloc(num, file, line); |
255 | if (ret != NULL) { |
256 | memcpy(ret, str, old_len); |
257 | CRYPTO_clear_free(str, old_len, file, line); |
258 | } |
259 | return ret; |
260 | } |
261 | |
262 | void CRYPTO_free(void *str, const char *file, int line) |
263 | { |
264 | INCREMENT(free_count); |
265 | if (free_impl != NULL && free_impl != &CRYPTO_free) { |
266 | free_impl(str, file, line); |
267 | return; |
268 | } |
269 | |
270 | free(str); |
271 | } |
272 | |
273 | void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) |
274 | { |
275 | if (str == NULL) |
276 | return; |
277 | if (num) |
278 | OPENSSL_cleanse(str, num); |
279 | CRYPTO_free(str, file, line); |
280 | } |
281 | |
282 | #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) |
283 | |
284 | # ifndef OPENSSL_NO_DEPRECATED_3_0 |
285 | int CRYPTO_mem_ctrl(int mode) |
286 | { |
287 | (void)mode; |
288 | return -1; |
289 | } |
290 | |
291 | int CRYPTO_set_mem_debug(int flag) |
292 | { |
293 | (void)flag; |
294 | return -1; |
295 | } |
296 | |
297 | int CRYPTO_mem_debug_push(const char *info, const char *file, int line) |
298 | { |
299 | (void)info; (void)file; (void)line; |
300 | return -1; |
301 | } |
302 | |
303 | int CRYPTO_mem_debug_pop(void) |
304 | { |
305 | return -1; |
306 | } |
307 | |
308 | int CRYPTO_mem_leaks(BIO *b) |
309 | { |
310 | (void)b; |
311 | return -1; |
312 | } |
313 | |
314 | # ifndef OPENSSL_NO_STDIO |
315 | int CRYPTO_mem_leaks_fp(FILE *fp) |
316 | { |
317 | (void)fp; |
318 | return -1; |
319 | } |
320 | # endif |
321 | |
322 | int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u), |
323 | void *u) |
324 | { |
325 | (void)cb; (void)u; |
326 | return -1; |
327 | } |
328 | |
329 | # endif |
330 | |
331 | #endif |
332 | |