1 /*
2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "internal/e_os.h"
11 #include "internal/cryptlib.h"
12 #include "crypto/cryptlib.h"
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <limits.h>
16 #include <openssl/crypto.h>
17
18 /*
19 * the following pointers may be changed as long as 'allow_customize' is set
20 */
21 static int allow_customize = 1;
22 static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc;
23 static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc;
24 static CRYPTO_free_fn free_impl = CRYPTO_free;
25
26 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
27 # include "internal/tsan_assist.h"
28
29 # ifdef TSAN_REQUIRES_LOCKING
30 # define INCREMENT(x) /* empty */
31 # define LOAD(x) 0
32 # else /* TSAN_REQUIRES_LOCKING */
33 static TSAN_QUALIFIER int malloc_count;
34 static TSAN_QUALIFIER int realloc_count;
35 static TSAN_QUALIFIER int free_count;
36
37 # define INCREMENT(x) tsan_counter(&(x))
38 # define LOAD(x) tsan_load(&x)
39 # endif /* TSAN_REQUIRES_LOCKING */
40
41 static char *md_failstring;
42 static long md_count;
43 static int md_fail_percent = 0;
44 static int md_tracefd = -1;
45
46 static void parseit(void);
47 static int shouldfail(void);
48
49 # define FAILTEST() if (shouldfail()) return NULL
50
51 #else
52
53 # define INCREMENT(x) /* empty */
54 # define FAILTEST() /* empty */
55 #endif
56
CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,CRYPTO_realloc_fn realloc_fn,CRYPTO_free_fn free_fn)57 int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
58 CRYPTO_realloc_fn realloc_fn,
59 CRYPTO_free_fn free_fn)
60 {
61 if (!allow_customize)
62 return 0;
63 if (malloc_fn != NULL)
64 malloc_impl = malloc_fn;
65 if (realloc_fn != NULL)
66 realloc_impl = realloc_fn;
67 if (free_fn != NULL)
68 free_impl = free_fn;
69 return 1;
70 }
71
CRYPTO_get_mem_functions(CRYPTO_malloc_fn * malloc_fn,CRYPTO_realloc_fn * realloc_fn,CRYPTO_free_fn * free_fn)72 void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
73 CRYPTO_realloc_fn *realloc_fn,
74 CRYPTO_free_fn *free_fn)
75 {
76 if (malloc_fn != NULL)
77 *malloc_fn = malloc_impl;
78 if (realloc_fn != NULL)
79 *realloc_fn = realloc_impl;
80 if (free_fn != NULL)
81 *free_fn = free_impl;
82 }
83
84 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
CRYPTO_get_alloc_counts(int * mcount,int * rcount,int * fcount)85 void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount)
86 {
87 if (mcount != NULL)
88 *mcount = LOAD(malloc_count);
89 if (rcount != NULL)
90 *rcount = LOAD(realloc_count);
91 if (fcount != NULL)
92 *fcount = LOAD(free_count);
93 }
94
95 /*
96 * Parse a "malloc failure spec" string. This likes like a set of fields
97 * separated by semicolons. Each field has a count and an optional failure
98 * percentage. For example:
99 * 100@0;100@25;0@0
100 * or 100;100@25;0
101 * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
102 * all remaining (count is zero) succeed.
103 */
parseit(void)104 static void parseit(void)
105 {
106 char *semi = strchr(md_failstring, ';');
107 char *atsign;
108
109 if (semi != NULL)
110 *semi++ = '\0';
111
112 /* Get the count (atol will stop at the @ if there), and percentage */
113 md_count = atol(md_failstring);
114 atsign = strchr(md_failstring, '@');
115 md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
116
117 if (semi != NULL)
118 md_failstring = semi;
119 }
120
121 /*
122 * Windows doesn't have random(), but it has rand()
123 * Some rand() implementations aren't good, but we're not
124 * dealing with secure randomness here.
125 */
126 # ifdef _WIN32
127 # define random() rand()
128 # endif
129 /*
130 * See if the current malloc should fail.
131 */
shouldfail(void)132 static int shouldfail(void)
133 {
134 int roll = (int)(random() % 100);
135 int shoulditfail = roll < md_fail_percent;
136 # ifndef _WIN32
137 /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
138 int len;
139 char buff[80];
140
141 if (md_tracefd > 0) {
142 BIO_snprintf(buff, sizeof(buff),
143 "%c C%ld %%%d R%d\n",
144 shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
145 len = strlen(buff);
146 if (write(md_tracefd, buff, len) != len)
147 perror("shouldfail write failed");
148 }
149 # endif
150
151 if (md_count) {
152 /* If we used up this one, go to the next. */
153 if (--md_count == 0)
154 parseit();
155 }
156
157 return shoulditfail;
158 }
159
ossl_malloc_setup_failures(void)160 void ossl_malloc_setup_failures(void)
161 {
162 const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
163
164 if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
165 parseit();
166 if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
167 md_tracefd = atoi(cp);
168 }
169 #endif
170
CRYPTO_malloc(size_t num,const char * file,int line)171 void *CRYPTO_malloc(size_t num, const char *file, int line)
172 {
173 void *ptr;
174
175 INCREMENT(malloc_count);
176 if (malloc_impl != CRYPTO_malloc) {
177 ptr = malloc_impl(num, file, line);
178 if (ptr != NULL || num == 0)
179 return ptr;
180 goto err;
181 }
182
183 if (num == 0)
184 return NULL;
185
186 FAILTEST();
187 if (allow_customize) {
188 /*
189 * Disallow customization after the first allocation. We only set this
190 * if necessary to avoid a store to the same cache line on every
191 * allocation.
192 */
193 allow_customize = 0;
194 }
195
196 ptr = malloc(num);
197 if (ptr != NULL)
198 return ptr;
199 err:
200 /*
201 * ossl_err_get_state_int() in err.c uses CRYPTO_zalloc(num, NULL, 0) for
202 * ERR_STATE allocation. Prevent mem alloc error loop while reporting error.
203 */
204 if (file != NULL || line != 0) {
205 ERR_new();
206 ERR_set_debug(file, line, NULL);
207 ERR_set_error(ERR_LIB_CRYPTO, ERR_R_MALLOC_FAILURE, NULL);
208 }
209 return NULL;
210 }
211
CRYPTO_zalloc(size_t num,const char * file,int line)212 void *CRYPTO_zalloc(size_t num, const char *file, int line)
213 {
214 void *ret;
215
216 ret = CRYPTO_malloc(num, file, line);
217 FAILTEST();
218 if (ret != NULL)
219 memset(ret, 0, num);
220
221 return ret;
222 }
223
CRYPTO_realloc(void * str,size_t num,const char * file,int line)224 void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
225 {
226 INCREMENT(realloc_count);
227 if (realloc_impl != CRYPTO_realloc)
228 return realloc_impl(str, num, file, line);
229
230 FAILTEST();
231 if (str == NULL)
232 return CRYPTO_malloc(num, file, line);
233
234 if (num == 0) {
235 CRYPTO_free(str, file, line);
236 return NULL;
237 }
238
239 return realloc(str, num);
240 }
241
CRYPTO_clear_realloc(void * str,size_t old_len,size_t num,const char * file,int line)242 void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
243 const char *file, int line)
244 {
245 void *ret = NULL;
246
247 if (str == NULL)
248 return CRYPTO_malloc(num, file, line);
249
250 if (num == 0) {
251 CRYPTO_clear_free(str, old_len, file, line);
252 return NULL;
253 }
254
255 /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
256 if (num < old_len) {
257 OPENSSL_cleanse((char*)str + num, old_len - num);
258 return str;
259 }
260
261 ret = CRYPTO_malloc(num, file, line);
262 if (ret != NULL) {
263 memcpy(ret, str, old_len);
264 CRYPTO_clear_free(str, old_len, file, line);
265 }
266 return ret;
267 }
268
CRYPTO_free(void * str,const char * file,int line)269 void CRYPTO_free(void *str, const char *file, int line)
270 {
271 INCREMENT(free_count);
272 if (free_impl != CRYPTO_free) {
273 free_impl(str, file, line);
274 return;
275 }
276
277 free(str);
278 }
279
CRYPTO_clear_free(void * str,size_t num,const char * file,int line)280 void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
281 {
282 if (str == NULL)
283 return;
284 if (num)
285 OPENSSL_cleanse(str, num);
286 CRYPTO_free(str, file, line);
287 }
288
289 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
290
291 # ifndef OPENSSL_NO_DEPRECATED_3_0
CRYPTO_mem_ctrl(int mode)292 int CRYPTO_mem_ctrl(int mode)
293 {
294 (void)mode;
295 return -1;
296 }
297
CRYPTO_set_mem_debug(int flag)298 int CRYPTO_set_mem_debug(int flag)
299 {
300 (void)flag;
301 return -1;
302 }
303
CRYPTO_mem_debug_push(const char * info,const char * file,int line)304 int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
305 {
306 (void)info; (void)file; (void)line;
307 return 0;
308 }
309
CRYPTO_mem_debug_pop(void)310 int CRYPTO_mem_debug_pop(void)
311 {
312 return 0;
313 }
314
CRYPTO_mem_debug_malloc(void * addr,size_t num,int flag,const char * file,int line)315 void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
316 const char *file, int line)
317 {
318 (void)addr; (void)num; (void)flag; (void)file; (void)line;
319 }
320
CRYPTO_mem_debug_realloc(void * addr1,void * addr2,size_t num,int flag,const char * file,int line)321 void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
322 const char *file, int line)
323 {
324 (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line;
325 }
326
CRYPTO_mem_debug_free(void * addr,int flag,const char * file,int line)327 void CRYPTO_mem_debug_free(void *addr, int flag,
328 const char *file, int line)
329 {
330 (void)addr; (void)flag; (void)file; (void)line;
331 }
332
CRYPTO_mem_leaks(BIO * b)333 int CRYPTO_mem_leaks(BIO *b)
334 {
335 (void)b;
336 return -1;
337 }
338
339 # ifndef OPENSSL_NO_STDIO
CRYPTO_mem_leaks_fp(FILE * fp)340 int CRYPTO_mem_leaks_fp(FILE *fp)
341 {
342 (void)fp;
343 return -1;
344 }
345 # endif
346
CRYPTO_mem_leaks_cb(int (* cb)(const char * str,size_t len,void * u),void * u)347 int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
348 void *u)
349 {
350 (void)cb; (void)u;
351 return -1;
352 }
353
354 # endif
355
356 #endif
357