Remove locking in CRYPTO_secure_allocated()

The check for being in secure memory is against the arena.  The arena is only
ever modified by sh_init() and sh_done() and in both cases, it is done without
locking.  Thus, it is safe for the CRYPTO_secure_allocated() to not lock.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14775)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 276c1165c103ef0089e92519ef0b830e5d367f88..86ff41bf877d354d0921f7f65443fc352b0bb227 100644 (file)
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -208,15 +208,14 @@ void CRYPTO_secure_clear_free(void *ptr, size_t num,
 int CRYPTO_secure_allocated(const void *ptr)
 {
 #ifndef OPENSSL_NO_SECURE_MEMORY
-    int ret;
-
     if (!secure_mem_initialized)
         return 0;
-    if (!CRYPTO_THREAD_read_lock(sec_malloc_lock))
-        return 0;
-    ret = sh_allocated(ptr);
-    CRYPTO_THREAD_unlock(sec_malloc_lock);
-    return ret;
+    /*
+     * Only read accesses to the arena take place in sh_allocated() and this
+     * is only changed by the sh_init() and sh_done() calls which are not
+     * locked.  Hence, it is safe to make this check without a lock too.
+     */
+    return sh_allocated(ptr);
 #else
     return 0;
 #endif /* OPENSSL_NO_SECURE_MEMORY */