1 /* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "e_os.h" 11 #include "internal/cryptlib.h" 12 #include "crypto/cryptlib.h" 13 #include <stdio.h> 14 #include <stdlib.h> 15 #include <limits.h> 16 #include <openssl/crypto.h> 17 18 /* 19 * the following pointers may be changed as long as 'allow_customize' is set 20 */ 21 static int allow_customize = 1; 22 static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc; 23 static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc; 24 static CRYPTO_free_fn free_impl = CRYPTO_free; 25 26 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE) 27 # include "internal/tsan_assist.h" 28 29 # ifdef TSAN_REQUIRES_LOCKING 30 # define INCREMENT(x) /* empty */ 31 # define LOAD(x) 0 32 # else /* TSAN_REQUIRES_LOCKING */ 33 static TSAN_QUALIFIER int malloc_count; 34 static TSAN_QUALIFIER int realloc_count; 35 static TSAN_QUALIFIER int free_count; 36 37 # define INCREMENT(x) tsan_counter(&(x)) 38 # define LOAD(x) tsan_load(&x) 39 # endif /* TSAN_REQUIRES_LOCKING */ 40 41 static char *md_failstring; 42 static long md_count; 43 static int md_fail_percent = 0; 44 static int md_tracefd = -1; 45 46 static void parseit(void); 47 static int shouldfail(void); 48 49 # define FAILTEST() if (shouldfail()) return NULL 50 51 #else 52 53 # define INCREMENT(x) /* empty */ 54 # define FAILTEST() /* empty */ 55 #endif 56 57 int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn, 58 CRYPTO_realloc_fn realloc_fn, 59 CRYPTO_free_fn free_fn) 60 { 61 if (!allow_customize) 62 return 0; 63 if (malloc_fn != NULL) 64 malloc_impl = malloc_fn; 65 if (realloc_fn != NULL) 66 realloc_impl = realloc_fn; 67 if (free_fn != NULL) 68 free_impl = free_fn; 69 return 1; 70 } 71 72 void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn, 73 CRYPTO_realloc_fn *realloc_fn, 74 CRYPTO_free_fn *free_fn) 75 { 76 if (malloc_fn != NULL) 77 *malloc_fn = malloc_impl; 78 if (realloc_fn != NULL) 79 *realloc_fn = realloc_impl; 80 if (free_fn != NULL) 81 *free_fn = free_impl; 82 } 83 84 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE) 85 void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount) 86 { 87 if (mcount != NULL) 88 *mcount = LOAD(malloc_count); 89 if (rcount != NULL) 90 *rcount = LOAD(realloc_count); 91 if (fcount != NULL) 92 *fcount = LOAD(free_count); 93 } 94 95 /* 96 * Parse a "malloc failure spec" string. This likes like a set of fields 97 * separated by semicolons. Each field has a count and an optional failure 98 * percentage. For example: 99 * 100@0;100@25;0@0 100 * or 100;100@25;0 101 * This means 100 mallocs succeed, then next 100 fail 25% of the time, and 102 * all remaining (count is zero) succeed. 103 * The failure percentge can have 2 digits after the comma. For example: 104 * 0@0.01 105 * This means 0.01% of all allocations will fail. 106 */ 107 static void parseit(void) 108 { 109 char *semi = strchr(md_failstring, ';'); 110 char *atsign; 111 112 if (semi != NULL) 113 *semi++ = '\0'; 114 115 /* Get the count (atol will stop at the @ if there), and percentage */ 116 md_count = atol(md_failstring); 117 atsign = strchr(md_failstring, '@'); 118 md_fail_percent = atsign == NULL ? 0 : (int)(atof(atsign + 1) * 100 + 0.5); 119 120 if (semi != NULL) 121 md_failstring = semi; 122 } 123 124 /* 125 * Windows doesn't have random() and srandom(), but it has rand() and srand(). 126 * Some rand() implementations aren't good, but we're not 127 * dealing with secure randomness here. 128 */ 129 # ifdef _WIN32 130 # define random() rand() 131 # define srandom(seed) srand(seed) 132 # endif 133 /* 134 * See if the current malloc should fail. 135 */ 136 static int shouldfail(void) 137 { 138 int roll = (int)(random() % 10000); 139 int shoulditfail = roll < md_fail_percent; 140 # ifndef _WIN32 141 /* suppressed on Windows as POSIX-like file descriptors are non-inheritable */ 142 int len; 143 char buff[80]; 144 145 if (md_tracefd > 0) { 146 BIO_snprintf(buff, sizeof(buff), 147 "%c C%ld %%%d R%d\n", 148 shoulditfail ? '-' : '+', md_count, md_fail_percent, roll); 149 len = strlen(buff); 150 if (write(md_tracefd, buff, len) != len) 151 perror("shouldfail write failed"); 152 } 153 # endif 154 155 if (md_count) { 156 /* If we used up this one, go to the next. */ 157 if (--md_count == 0) 158 parseit(); 159 } 160 161 return shoulditfail; 162 } 163 164 void ossl_malloc_setup_failures(void) 165 { 166 const char *cp = getenv("OPENSSL_MALLOC_FAILURES"); 167 168 if (cp != NULL && (md_failstring = strdup(cp)) != NULL) 169 parseit(); 170 if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL) 171 md_tracefd = atoi(cp); 172 if ((cp = getenv("OPENSSL_MALLOC_SEED")) != NULL) 173 srandom(atoi(cp)); 174 } 175 #endif 176 177 void *CRYPTO_malloc(size_t num, const char *file, int line) 178 { 179 INCREMENT(malloc_count); 180 if (malloc_impl != CRYPTO_malloc) 181 return malloc_impl(num, file, line); 182 183 if (num == 0) 184 return NULL; 185 186 FAILTEST(); 187 if (allow_customize) { 188 /* 189 * Disallow customization after the first allocation. We only set this 190 * if necessary to avoid a store to the same cache line on every 191 * allocation. 192 */ 193 allow_customize = 0; 194 } 195 196 return malloc(num); 197 } 198 199 void *CRYPTO_zalloc(size_t num, const char *file, int line) 200 { 201 void *ret; 202 203 ret = CRYPTO_malloc(num, file, line); 204 if (ret != NULL) 205 memset(ret, 0, num); 206 207 return ret; 208 } 209 210 void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) 211 { 212 INCREMENT(realloc_count); 213 if (realloc_impl != CRYPTO_realloc) 214 return realloc_impl(str, num, file, line); 215 216 if (str == NULL) 217 return CRYPTO_malloc(num, file, line); 218 219 if (num == 0) { 220 CRYPTO_free(str, file, line); 221 return NULL; 222 } 223 224 FAILTEST(); 225 return realloc(str, num); 226 } 227 228 void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, 229 const char *file, int line) 230 { 231 void *ret = NULL; 232 233 if (str == NULL) 234 return CRYPTO_malloc(num, file, line); 235 236 if (num == 0) { 237 CRYPTO_clear_free(str, old_len, file, line); 238 return NULL; 239 } 240 241 /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */ 242 if (num < old_len) { 243 OPENSSL_cleanse((char*)str + num, old_len - num); 244 return str; 245 } 246 247 ret = CRYPTO_malloc(num, file, line); 248 if (ret != NULL) { 249 memcpy(ret, str, old_len); 250 CRYPTO_clear_free(str, old_len, file, line); 251 } 252 return ret; 253 } 254 255 void CRYPTO_free(void *str, const char *file, int line) 256 { 257 INCREMENT(free_count); 258 if (free_impl != CRYPTO_free) { 259 free_impl(str, file, line); 260 return; 261 } 262 263 free(str); 264 } 265 266 void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) 267 { 268 if (str == NULL) 269 return; 270 if (num) 271 OPENSSL_cleanse(str, num); 272 CRYPTO_free(str, file, line); 273 } 274 275 #if !defined(OPENSSL_NO_CRYPTO_MDEBUG) 276 277 # ifndef OPENSSL_NO_DEPRECATED_3_0 278 int CRYPTO_mem_ctrl(int mode) 279 { 280 (void)mode; 281 return -1; 282 } 283 284 int CRYPTO_set_mem_debug(int flag) 285 { 286 (void)flag; 287 return -1; 288 } 289 290 int CRYPTO_mem_debug_push(const char *info, const char *file, int line) 291 { 292 (void)info; (void)file; (void)line; 293 return 0; 294 } 295 296 int CRYPTO_mem_debug_pop(void) 297 { 298 return 0; 299 } 300 301 void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag, 302 const char *file, int line) 303 { 304 (void)addr; (void)num; (void)flag; (void)file; (void)line; 305 } 306 307 void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag, 308 const char *file, int line) 309 { 310 (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line; 311 } 312 313 void CRYPTO_mem_debug_free(void *addr, int flag, 314 const char *file, int line) 315 { 316 (void)addr; (void)flag; (void)file; (void)line; 317 } 318 319 int CRYPTO_mem_leaks(BIO *b) 320 { 321 (void)b; 322 return -1; 323 } 324 325 # ifndef OPENSSL_NO_STDIO 326 int CRYPTO_mem_leaks_fp(FILE *fp) 327 { 328 (void)fp; 329 return -1; 330 } 331 # endif 332 333 int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u), 334 void *u) 335 { 336 (void)cb; (void)u; 337 return -1; 338 } 339 340 # endif 341 342 #endif 343