mirror of
https://github.com/openssl/openssl.git
synced 2025-02-11 14:22:43 +08:00
afe9bba749
Windows doesn't provide random(). In this particular case, our requirements on the quality of randomness isn't high, so we don't need to care how good randomness rand() does or doesn't provide. Fixes #3778 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3779)
289 lines
6.9 KiB
C
289 lines
6.9 KiB
C
/*
|
|
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the OpenSSL license (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <limits.h>
|
|
#include <openssl/crypto.h>
|
|
#include "internal/cryptlib.h"
|
|
#include "internal/cryptlib_int.h"
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
|
|
# include <execinfo.h>
|
|
#endif
|
|
|
|
/*
|
|
* the following pointers may be changed as long as 'allow_customize' is set
|
|
*/
|
|
static int allow_customize = 1;
|
|
|
|
static void *(*malloc_impl)(size_t, const char *, int)
|
|
= CRYPTO_malloc;
|
|
static void *(*realloc_impl)(void *, size_t, const char *, int)
|
|
= CRYPTO_realloc;
|
|
static void (*free_impl)(void *, const char *, int)
|
|
= CRYPTO_free;
|
|
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
|
static char *md_failstring;
|
|
static long md_count;
|
|
static int md_fail_percent = 0;
|
|
static int md_tracefd = -1;
|
|
static int call_malloc_debug = 1;
|
|
|
|
static void parseit(void);
|
|
static int shouldfail(void);
|
|
|
|
# define FAILTEST() if (shouldfail()) return NULL
|
|
|
|
#else
|
|
static int call_malloc_debug = 0;
|
|
|
|
# define FAILTEST() /* empty */
|
|
#endif
|
|
|
|
int CRYPTO_set_mem_functions(
|
|
void *(*m)(size_t, const char *, int),
|
|
void *(*r)(void *, size_t, const char *, int),
|
|
void (*f)(void *, const char *, int))
|
|
{
|
|
if (!allow_customize)
|
|
return 0;
|
|
if (m)
|
|
malloc_impl = m;
|
|
if (r)
|
|
realloc_impl = r;
|
|
if (f)
|
|
free_impl = f;
|
|
return 1;
|
|
}
|
|
|
|
int CRYPTO_set_mem_debug(int flag)
|
|
{
|
|
if (!allow_customize)
|
|
return 0;
|
|
call_malloc_debug = flag;
|
|
return 1;
|
|
}
|
|
|
|
void CRYPTO_get_mem_functions(
|
|
void *(**m)(size_t, const char *, int),
|
|
void *(**r)(void *, size_t, const char *, int),
|
|
void (**f)(void *, const char *, int))
|
|
{
|
|
if (m != NULL)
|
|
*m = malloc_impl;
|
|
if (r != NULL)
|
|
*r = realloc_impl;
|
|
if (f != NULL)
|
|
*f = free_impl;
|
|
}
|
|
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
|
/*
|
|
* Parse a "malloc failure spec" string. This likes like a set of fields
|
|
* separated by semicolons. Each field has a count and an optional failure
|
|
* percentage. For example:
|
|
* 100@0;100@25;0@0
|
|
* or 100;100@25;0
|
|
* This means 100 mallocs succeed, then next 100 fail 25% of the time, and
|
|
* all remaining (count is zero) succeed.
|
|
*/
|
|
static void parseit(void)
|
|
{
|
|
char *semi = strchr(md_failstring, ';');
|
|
char *atsign;
|
|
|
|
if (semi != NULL)
|
|
*semi++ = '\0';
|
|
|
|
/* Get the count (atol will stop at the @ if there), and percentage */
|
|
md_count = atol(md_failstring);
|
|
atsign = strchr(md_failstring, '@');
|
|
md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
|
|
|
|
if (semi != NULL)
|
|
md_failstring = semi;
|
|
}
|
|
|
|
/*
|
|
* Windows doesn't have random(), but it has rand()
|
|
* Some rand() implementations aren't good, but we're not
|
|
* dealing with secure randomness here.
|
|
*/
|
|
#ifdef _WIN32
|
|
# define random() rand()
|
|
#endif
|
|
/*
|
|
* See if the current malloc should fail.
|
|
*/
|
|
static int shouldfail(void)
|
|
{
|
|
int roll = (int)(random() % 100);
|
|
int shoulditfail = roll < md_fail_percent;
|
|
char buff[80];
|
|
|
|
if (md_tracefd > 0) {
|
|
BIO_snprintf(buff, sizeof(buff),
|
|
"%c C%ld %%%d R%d\n",
|
|
shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
|
|
write(md_tracefd, buff, strlen(buff));
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
|
|
if (shoulditfail) {
|
|
void *addrs[30];
|
|
int num = backtrace(addrs, OSSL_NELEM(addrs));
|
|
|
|
backtrace_symbols_fd(addrs, num, md_tracefd);
|
|
}
|
|
#endif
|
|
}
|
|
|
|
if (md_count) {
|
|
/* If we used up this one, go to the next. */
|
|
if (--md_count == 0)
|
|
parseit();
|
|
}
|
|
|
|
return shoulditfail;
|
|
}
|
|
|
|
void ossl_malloc_setup_failures(void)
|
|
{
|
|
const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
|
|
|
|
if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
|
|
parseit();
|
|
if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
|
|
md_tracefd = atoi(cp);
|
|
}
|
|
#endif
|
|
|
|
void *CRYPTO_malloc(size_t num, const char *file, int line)
|
|
{
|
|
void *ret = NULL;
|
|
|
|
if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc)
|
|
return malloc_impl(num, file, line);
|
|
|
|
if (num == 0)
|
|
return NULL;
|
|
|
|
FAILTEST();
|
|
allow_customize = 0;
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
|
if (call_malloc_debug) {
|
|
CRYPTO_mem_debug_malloc(NULL, num, 0, file, line);
|
|
ret = malloc(num);
|
|
CRYPTO_mem_debug_malloc(ret, num, 1, file, line);
|
|
} else {
|
|
ret = malloc(num);
|
|
}
|
|
#else
|
|
osslargused(file); osslargused(line);
|
|
ret = malloc(num);
|
|
#endif
|
|
|
|
return ret;
|
|
}
|
|
|
|
void *CRYPTO_zalloc(size_t num, const char *file, int line)
|
|
{
|
|
void *ret = CRYPTO_malloc(num, file, line);
|
|
|
|
FAILTEST();
|
|
if (ret != NULL)
|
|
memset(ret, 0, num);
|
|
return ret;
|
|
}
|
|
|
|
void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
|
|
{
|
|
if (realloc_impl != NULL && realloc_impl != &CRYPTO_realloc)
|
|
return realloc_impl(str, num, file, line);
|
|
|
|
FAILTEST();
|
|
if (str == NULL)
|
|
return CRYPTO_malloc(num, file, line);
|
|
|
|
if (num == 0) {
|
|
CRYPTO_free(str, file, line);
|
|
return NULL;
|
|
}
|
|
|
|
allow_customize = 0;
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
|
if (call_malloc_debug) {
|
|
void *ret;
|
|
CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line);
|
|
ret = realloc(str, num);
|
|
CRYPTO_mem_debug_realloc(str, ret, num, 1, file, line);
|
|
return ret;
|
|
}
|
|
#else
|
|
osslargused(file); osslargused(line);
|
|
#endif
|
|
return realloc(str, num);
|
|
|
|
}
|
|
|
|
void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
|
|
const char *file, int line)
|
|
{
|
|
void *ret = NULL;
|
|
|
|
if (str == NULL)
|
|
return CRYPTO_malloc(num, file, line);
|
|
|
|
if (num == 0) {
|
|
CRYPTO_clear_free(str, old_len, file, line);
|
|
return NULL;
|
|
}
|
|
|
|
/* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
|
|
if (num < old_len) {
|
|
OPENSSL_cleanse((char*)str + num, old_len - num);
|
|
return str;
|
|
}
|
|
|
|
ret = CRYPTO_malloc(num, file, line);
|
|
if (ret != NULL) {
|
|
memcpy(ret, str, old_len);
|
|
CRYPTO_clear_free(str, old_len, file, line);
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
void CRYPTO_free(void *str, const char *file, int line)
|
|
{
|
|
if (free_impl != NULL && free_impl != &CRYPTO_free) {
|
|
free_impl(str, file, line);
|
|
return;
|
|
}
|
|
|
|
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
|
|
if (call_malloc_debug) {
|
|
CRYPTO_mem_debug_free(str, 0, file, line);
|
|
free(str);
|
|
CRYPTO_mem_debug_free(str, 1, file, line);
|
|
} else {
|
|
free(str);
|
|
}
|
|
#else
|
|
free(str);
|
|
#endif
|
|
}
|
|
|
|
void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
|
|
{
|
|
if (str == NULL)
|
|
return;
|
|
if (num)
|
|
OPENSSL_cleanse(str, num);
|
|
CRYPTO_free(str, file, line);
|
|
}
|