1 /*
2  * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include "e_os.h"
11 #include "internal/cryptlib.h"
12 #include "crypto/cryptlib.h"
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <limits.h>
16 #include <openssl/crypto.h>
17 
18 /*
19  * the following pointers may be changed as long as 'allow_customize' is set
20  */
21 static int allow_customize = 1;
22 static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc;
23 static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc;
24 static CRYPTO_free_fn free_impl = CRYPTO_free;
25 
26 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
27 # include "internal/tsan_assist.h"
28 
29 # ifdef TSAN_REQUIRES_LOCKING
30 #  define INCREMENT(x) /* empty */
31 #  define LOAD(x) 0
32 # else  /* TSAN_REQUIRES_LOCKING */
33 static TSAN_QUALIFIER int malloc_count;
34 static TSAN_QUALIFIER int realloc_count;
35 static TSAN_QUALIFIER int free_count;
36 
37 #  define INCREMENT(x) tsan_counter(&(x))
38 #  define LOAD(x)      tsan_load(&x)
39 # endif /* TSAN_REQUIRES_LOCKING */
40 
41 static char *md_failstring;
42 static long md_count;
43 static int md_fail_percent = 0;
44 static int md_tracefd = -1;
45 
46 static void parseit(void);
47 static int shouldfail(void);
48 
49 # define FAILTEST() if (shouldfail()) return NULL
50 
51 #else
52 
53 # define INCREMENT(x) /* empty */
54 # define FAILTEST() /* empty */
55 #endif
56 
CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,CRYPTO_realloc_fn realloc_fn,CRYPTO_free_fn free_fn)57 int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
58                              CRYPTO_realloc_fn realloc_fn,
59                              CRYPTO_free_fn free_fn)
60 {
61     if (!allow_customize)
62         return 0;
63     if (malloc_fn != NULL)
64         malloc_impl = malloc_fn;
65     if (realloc_fn != NULL)
66         realloc_impl = realloc_fn;
67     if (free_fn != NULL)
68         free_impl = free_fn;
69     return 1;
70 }
71 
CRYPTO_get_mem_functions(CRYPTO_malloc_fn * malloc_fn,CRYPTO_realloc_fn * realloc_fn,CRYPTO_free_fn * free_fn)72 void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
73                               CRYPTO_realloc_fn *realloc_fn,
74                               CRYPTO_free_fn *free_fn)
75 {
76     if (malloc_fn != NULL)
77         *malloc_fn = malloc_impl;
78     if (realloc_fn != NULL)
79         *realloc_fn = realloc_impl;
80     if (free_fn != NULL)
81         *free_fn = free_impl;
82 }
83 
84 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
CRYPTO_get_alloc_counts(int * mcount,int * rcount,int * fcount)85 void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount)
86 {
87     if (mcount != NULL)
88         *mcount = LOAD(malloc_count);
89     if (rcount != NULL)
90         *rcount = LOAD(realloc_count);
91     if (fcount != NULL)
92         *fcount = LOAD(free_count);
93 }
94 
95 /*
96  * Parse a "malloc failure spec" string.  This likes like a set of fields
97  * separated by semicolons.  Each field has a count and an optional failure
98  * percentage.  For example:
99  *          100@0;100@25;0@0
100  *    or    100;100@25;0
101  * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
102  * all remaining (count is zero) succeed.
103  */
parseit(void)104 static void parseit(void)
105 {
106     char *semi = strchr(md_failstring, ';');
107     char *atsign;
108 
109     if (semi != NULL)
110         *semi++ = '\0';
111 
112     /* Get the count (atol will stop at the @ if there), and percentage */
113     md_count = atol(md_failstring);
114     atsign = strchr(md_failstring, '@');
115     md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
116 
117     if (semi != NULL)
118         md_failstring = semi;
119 }
120 
121 /*
122  * Windows doesn't have random(), but it has rand()
123  * Some rand() implementations aren't good, but we're not
124  * dealing with secure randomness here.
125  */
126 # ifdef _WIN32
127 #  define random() rand()
128 # endif
129 /*
130  * See if the current malloc should fail.
131  */
shouldfail(void)132 static int shouldfail(void)
133 {
134     int roll = (int)(random() % 100);
135     int shoulditfail = roll < md_fail_percent;
136 # ifndef _WIN32
137 /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
138     int len;
139     char buff[80];
140 
141     if (md_tracefd > 0) {
142         BIO_snprintf(buff, sizeof(buff),
143                      "%c C%ld %%%d R%d\n",
144                      shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
145         len = strlen(buff);
146         if (write(md_tracefd, buff, len) != len)
147             perror("shouldfail write failed");
148     }
149 # endif
150 
151     if (md_count) {
152         /* If we used up this one, go to the next. */
153         if (--md_count == 0)
154             parseit();
155     }
156 
157     return shoulditfail;
158 }
159 
ossl_malloc_setup_failures(void)160 void ossl_malloc_setup_failures(void)
161 {
162     const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
163 
164     if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
165         parseit();
166     if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
167         md_tracefd = atoi(cp);
168 }
169 #endif
170 
CRYPTO_malloc(size_t num,const char * file,int line)171 void *CRYPTO_malloc(size_t num, const char *file, int line)
172 {
173     INCREMENT(malloc_count);
174     if (malloc_impl != CRYPTO_malloc)
175         return malloc_impl(num, file, line);
176 
177     if (num == 0)
178         return NULL;
179 
180     FAILTEST();
181     if (allow_customize) {
182         /*
183          * Disallow customization after the first allocation. We only set this
184          * if necessary to avoid a store to the same cache line on every
185          * allocation.
186          */
187         allow_customize = 0;
188     }
189 
190     return malloc(num);
191 }
192 
CRYPTO_zalloc(size_t num,const char * file,int line)193 void *CRYPTO_zalloc(size_t num, const char *file, int line)
194 {
195     void *ret;
196 
197     ret = CRYPTO_malloc(num, file, line);
198     FAILTEST();
199     if (ret != NULL)
200         memset(ret, 0, num);
201 
202     return ret;
203 }
204 
CRYPTO_realloc(void * str,size_t num,const char * file,int line)205 void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
206 {
207     INCREMENT(realloc_count);
208     if (realloc_impl != CRYPTO_realloc)
209         return realloc_impl(str, num, file, line);
210 
211     FAILTEST();
212     if (str == NULL)
213         return CRYPTO_malloc(num, file, line);
214 
215     if (num == 0) {
216         CRYPTO_free(str, file, line);
217         return NULL;
218     }
219 
220     return realloc(str, num);
221 }
222 
CRYPTO_clear_realloc(void * str,size_t old_len,size_t num,const char * file,int line)223 void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
224                            const char *file, int line)
225 {
226     void *ret = NULL;
227 
228     if (str == NULL)
229         return CRYPTO_malloc(num, file, line);
230 
231     if (num == 0) {
232         CRYPTO_clear_free(str, old_len, file, line);
233         return NULL;
234     }
235 
236     /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
237     if (num < old_len) {
238         OPENSSL_cleanse((char*)str + num, old_len - num);
239         return str;
240     }
241 
242     ret = CRYPTO_malloc(num, file, line);
243     if (ret != NULL) {
244         memcpy(ret, str, old_len);
245         CRYPTO_clear_free(str, old_len, file, line);
246     }
247     return ret;
248 }
249 
CRYPTO_free(void * str,const char * file,int line)250 void CRYPTO_free(void *str, const char *file, int line)
251 {
252     INCREMENT(free_count);
253     if (free_impl != CRYPTO_free) {
254         free_impl(str, file, line);
255         return;
256     }
257 
258     free(str);
259 }
260 
CRYPTO_clear_free(void * str,size_t num,const char * file,int line)261 void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
262 {
263     if (str == NULL)
264         return;
265     if (num)
266         OPENSSL_cleanse(str, num);
267     CRYPTO_free(str, file, line);
268 }
269 
270 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
271 
272 # ifndef OPENSSL_NO_DEPRECATED_3_0
CRYPTO_mem_ctrl(int mode)273 int CRYPTO_mem_ctrl(int mode)
274 {
275     (void)mode;
276     return -1;
277 }
278 
CRYPTO_set_mem_debug(int flag)279 int CRYPTO_set_mem_debug(int flag)
280 {
281     (void)flag;
282     return -1;
283 }
284 
CRYPTO_mem_debug_push(const char * info,const char * file,int line)285 int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
286 {
287     (void)info; (void)file; (void)line;
288     return 0;
289 }
290 
CRYPTO_mem_debug_pop(void)291 int CRYPTO_mem_debug_pop(void)
292 {
293     return 0;
294 }
295 
CRYPTO_mem_debug_malloc(void * addr,size_t num,int flag,const char * file,int line)296 void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
297                              const char *file, int line)
298 {
299     (void)addr; (void)num; (void)flag; (void)file; (void)line;
300 }
301 
CRYPTO_mem_debug_realloc(void * addr1,void * addr2,size_t num,int flag,const char * file,int line)302 void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
303                               const char *file, int line)
304 {
305     (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line;
306 }
307 
CRYPTO_mem_debug_free(void * addr,int flag,const char * file,int line)308 void CRYPTO_mem_debug_free(void *addr, int flag,
309                            const char *file, int line)
310 {
311     (void)addr; (void)flag; (void)file; (void)line;
312 }
313 
CRYPTO_mem_leaks(BIO * b)314 int CRYPTO_mem_leaks(BIO *b)
315 {
316     (void)b;
317     return -1;
318 }
319 
320 #  ifndef OPENSSL_NO_STDIO
CRYPTO_mem_leaks_fp(FILE * fp)321 int CRYPTO_mem_leaks_fp(FILE *fp)
322 {
323     (void)fp;
324     return -1;
325 }
326 #  endif
327 
CRYPTO_mem_leaks_cb(int (* cb)(const char * str,size_t len,void * u),void * u)328 int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
329                         void *u)
330 {
331     (void)cb; (void)u;
332     return -1;
333 }
334 
335 # endif
336 
337 #endif
338