X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fmem.c;h=2ce3e894877df151a93743d138dd7dffbd5c65be;hp=9693842ec338076e9c10f45bed0504c9c30c8c55;hb=e48e86232e20cb3352e83c36555f1ab748605ee5;hpb=3dff94c2e4f48a1f222aba613d2cee2911ea9c3f diff --git a/crypto/mem.c b/crypto/mem.c index 9693842ec3..2ce3e89487 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -58,350 +58,406 @@ #include #include -#ifdef CRYPTO_MDEBUG_TIME -# include -#endif -#include -#include -#include +#include #include "cryptlib.h" -/* #ifdef CRYPTO_MDEBUG */ -/* static int mh_mode=CRYPTO_MEM_CHECK_ON; */ -/* #else */ -static int mh_mode=CRYPTO_MEM_CHECK_OFF; -/* #endif */ -/* State CRYPTO_MEM_CHECK_ON exists only temporarily when the library - * thinks that certain allocations should not be checked (e.g. the data - * structures used for memory checking). It is not suitable as an initial - * state: the library will unexpectedly enable memory checking when it - * executes one of those sections that want to disable checking - * temporarily. - * - * State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes no sense whatsoever. - */ +static int allow_customize = 1; /* we provide flexible functions for */ +static int allow_customize_debug = 1; /* exchanging memory-related functions + * at run-time, but this must be done + * before any blocks are actually + * allocated; or we'll run into huge + * problems when malloc/free pairs + * don't match etc. */ -static unsigned long order=0; +/* + * the following pointers may be changed as long as 'allow_customize' is set + */ -static LHASH *mh=NULL; +static void *(*malloc_func) (size_t) = malloc; +static void *default_malloc_ex(size_t num, const char *file, int line) +{ + return malloc_func(num); +} + +static void *(*malloc_ex_func) (size_t, const char *file, int line) + = default_malloc_ex; + +static void *(*realloc_func) (void *, size_t) = realloc; +static void *default_realloc_ex(void *str, size_t num, + const char *file, int line) +{ + return realloc_func(str, num); +} + +static void *(*realloc_ex_func) (void *, size_t, const char *file, int line) + = default_realloc_ex; + +static void (*free_func) (void *) = free; + +static void *(*malloc_locked_func) (size_t) = malloc; +static void *default_malloc_locked_ex(size_t num, const char *file, int line) +{ + return malloc_locked_func(num); +} + +static void *(*malloc_locked_ex_func) (size_t, const char *file, int line) + = default_malloc_locked_ex; + +static void (*free_locked_func) (void *) = free; + +/* may be changed as long as 'allow_customize_debug' is set */ +/* XXX use correct function pointer types */ +#ifdef CRYPTO_MDEBUG +/* use default functions from mem_dbg.c */ +static void (*malloc_debug_func) (void *, int, const char *, int, int) + = CRYPTO_dbg_malloc; +static void (*realloc_debug_func) (void *, void *, int, const char *, int, + int) + = CRYPTO_dbg_realloc; +static void (*free_debug_func) (void *, int) = CRYPTO_dbg_free; +static void (*set_debug_options_func) (long) = CRYPTO_dbg_set_options; +static long (*get_debug_options_func) (void) = CRYPTO_dbg_get_options; +#else +/* + * applications can use CRYPTO_malloc_debug_init() to select above case at + * run-time + */ +static void (*malloc_debug_func) (void *, int, const char *, int, int) = NULL; +static void (*realloc_debug_func) (void *, void *, int, const char *, int, + int) + = NULL; +static void (*free_debug_func) (void *, int) = NULL; +static void (*set_debug_options_func) (long) = NULL; +static long (*get_debug_options_func) (void) = NULL; +#endif -typedef struct mem_st - { - char *addr; - int num; - const char *file; - int line; - unsigned long order; -#ifdef CRYPTO_MDEBUG_TIME - time_t time; +int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t), + void (*f) (void *)) +{ + /* Dummy call just to ensure OPENSSL_init() gets linked in */ + OPENSSL_init(); + if (!allow_customize) + return 0; + if ((m == 0) || (r == 0) || (f == 0)) + return 0; + malloc_func = m; + malloc_ex_func = default_malloc_ex; + realloc_func = r; + realloc_ex_func = default_realloc_ex; + free_func = f; + malloc_locked_func = m; + malloc_locked_ex_func = default_malloc_locked_ex; + free_locked_func = f; + return 1; +} + +int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), + void *(*r) (void *, size_t, const char *, + int), void (*f) (void *)) +{ + if (!allow_customize) + return 0; + if ((m == 0) || (r == 0) || (f == 0)) + return 0; + malloc_func = 0; + malloc_ex_func = m; + realloc_func = 0; + realloc_ex_func = r; + free_func = f; + malloc_locked_func = 0; + malloc_locked_ex_func = m; + free_locked_func = f; + return 1; +} + +int CRYPTO_set_locked_mem_functions(void *(*m) (size_t), void (*f) (void *)) +{ + if (!allow_customize) + return 0; + if ((m == NULL) || (f == NULL)) + return 0; + malloc_locked_func = m; + malloc_locked_ex_func = default_malloc_locked_ex; + free_locked_func = f; + return 1; +} + +int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int), + void (*f) (void *)) +{ + if (!allow_customize) + return 0; + if ((m == NULL) || (f == NULL)) + return 0; + malloc_locked_func = 0; + malloc_locked_ex_func = m; + free_func = f; + return 1; +} + +int CRYPTO_set_mem_debug_functions(void (*m) + (void *, int, const char *, int, int), + void (*r) (void *, void *, int, + const char *, int, int), + void (*f) (void *, int), void (*so) (long), + long (*go) (void)) +{ + if (!allow_customize_debug) + return 0; + OPENSSL_init(); + malloc_debug_func = m; + realloc_debug_func = r; + free_debug_func = f; + set_debug_options_func = so; + get_debug_options_func = go; + return 1; +} + +void CRYPTO_get_mem_functions(void *(**m) (size_t), + void *(**r) (void *, size_t), + void (**f) (void *)) +{ + if (m != NULL) + *m = (malloc_ex_func == default_malloc_ex) ? malloc_func : 0; + if (r != NULL) + *r = (realloc_ex_func == default_realloc_ex) ? realloc_func : 0; + if (f != NULL) + *f = free_func; +} + +void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int), + void *(**r) (void *, size_t, const char *, + int), void (**f) (void *)) +{ + if (m != NULL) + *m = (malloc_ex_func != default_malloc_ex) ? malloc_ex_func : 0; + if (r != NULL) + *r = (realloc_ex_func != default_realloc_ex) ? realloc_ex_func : 0; + if (f != NULL) + *f = free_func; +} + +void CRYPTO_get_locked_mem_functions(void *(**m) (size_t), + void (**f) (void *)) +{ + if (m != NULL) + *m = (malloc_locked_ex_func == default_malloc_locked_ex) ? + malloc_locked_func : 0; + if (f != NULL) + *f = free_locked_func; +} + +void CRYPTO_get_locked_mem_ex_functions(void + *(**m) (size_t, const char *, int), + void (**f) (void *)) +{ + if (m != NULL) + *m = (malloc_locked_ex_func != default_malloc_locked_ex) ? + malloc_locked_ex_func : 0; + if (f != NULL) + *f = free_locked_func; +} + +void CRYPTO_get_mem_debug_functions(void (**m) + (void *, int, const char *, int, int), + void (**r) (void *, void *, int, + const char *, int, int), + void (**f) (void *, int), + void (**so) (long), long (**go) (void)) +{ + if (m != NULL) + *m = malloc_debug_func; + if (r != NULL) + *r = realloc_debug_func; + if (f != NULL) + *f = free_debug_func; + if (so != NULL) + *so = set_debug_options_func; + if (go != NULL) + *go = get_debug_options_func; +} + +void *CRYPTO_malloc_locked(int num, const char *file, int line) +{ + void *ret = NULL; + + if (num <= 0) + return NULL; + + if (allow_customize) + allow_customize = 0; + if (malloc_debug_func != NULL) { + if (allow_customize_debug) + allow_customize_debug = 0; + malloc_debug_func(NULL, num, file, line, 0); + } + ret = malloc_locked_ex_func(num, file, line); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: > 0x%p (%d)\n", ret, num); +#endif + if (malloc_debug_func != NULL) + malloc_debug_func(ret, num, file, line, 1); + +#ifndef OPENSSL_CPUID_OBJ + /* + * Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do this for + * >2Kb so the overhead doesn't bother us. + */ + if (ret && (num > 2048)) { + extern unsigned char cleanse_ctr; + ((unsigned char *)ret)[0] = cleanse_ctr; + } #endif - } MEM; - -int CRYPTO_mem_ctrl(int mode) - { - int ret=mh_mode; - - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - switch (mode) - { - /* for applications: */ - case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */ - mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE; - break; - case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */ - mh_mode = 0; - break; - - /* switch off temporarily (for library-internal use): */ - case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */ - mh_mode&= ~CRYPTO_MEM_CHECK_ENABLE; - break; - case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */ - if (mh_mode&CRYPTO_MEM_CHECK_ON) - mh_mode|=CRYPTO_MEM_CHECK_ENABLE; - break; - - default: - break; - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - return(ret); - } - -static int mem_cmp(MEM *a, MEM *b) - { - return(a->addr - b->addr); - } - -static unsigned long mem_hash(MEM *a) - { - unsigned long ret; - - ret=(unsigned long)a->addr; - - ret=ret*17851+(ret>>14)*7+(ret>>4)*251; - return(ret); - } - -static char *(*malloc_locked_func)()=(char *(*)())malloc; -static void (*free_locked_func)()=(void (*)())free; -static char *(*malloc_func)()= (char *(*)())malloc; -static char *(*realloc_func)()= (char *(*)())realloc; -static void (*free_func)()= (void (*)())free; - -void CRYPTO_set_mem_functions(char *(*m)(), char *(*r)(), void (*f)()) - { - if ((m == NULL) || (r == NULL) || (f == NULL)) return; - malloc_func=m; - realloc_func=r; - free_func=f; - malloc_locked_func=m; - free_locked_func=f; - } - -void CRYPTO_set_locked_mem_functions(char *(*m)(), void (*f)()) - { - if ((m == NULL) || (f == NULL)) return; - malloc_locked_func=m; - free_locked_func=f; - } - -void CRYPTO_get_mem_functions(char *(**m)(), char *(**r)(), void (**f)()) - { - if (m != NULL) *m=malloc_func; - if (r != NULL) *r=realloc_func; - if (f != NULL) *f=free_func; - } - -void CRYPTO_get_locked_mem_functions(char *(**m)(), void (**f)()) - { - if (m != NULL) *m=malloc_locked_func; - if (f != NULL) *f=free_locked_func; - } - -void *CRYPTO_malloc_locked(int num) - { - return(malloc_locked_func(num)); - } + + return ret; +} void CRYPTO_free_locked(void *str) - { - free_locked_func(str); - } +{ + if (free_debug_func != NULL) + free_debug_func(str, 0); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: < 0x%p\n", str); +#endif + free_locked_func(str); + if (free_debug_func != NULL) + free_debug_func(NULL, 1); +} + +void *CRYPTO_malloc(int num, const char *file, int line) +{ + void *ret = NULL; + + if (num <= 0) + return NULL; + + if (allow_customize) + allow_customize = 0; + if (malloc_debug_func != NULL) { + if (allow_customize_debug) + allow_customize_debug = 0; + malloc_debug_func(NULL, num, file, line, 0); + } + ret = malloc_ex_func(num, file, line); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: > 0x%p (%d)\n", ret, num); +#endif + if (malloc_debug_func != NULL) + malloc_debug_func(ret, num, file, line, 1); + +#ifndef OPENSSL_CPUID_OBJ + /* + * Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do this for + * >2Kb so the overhead doesn't bother us. + */ + if (ret && (num > 2048)) { + extern unsigned char cleanse_ctr; + ((unsigned char *)ret)[0] = cleanse_ctr; + } +#endif -void *CRYPTO_malloc(int num) - { - return(malloc_func(num)); - } + return ret; +} -void *CRYPTO_realloc(void *str, int num) - { - return(realloc_func(str,num)); - } +char *CRYPTO_strdup(const char *str, const char *file, int line) +{ + char *ret = CRYPTO_malloc(strlen(str) + 1, file, line); -void CRYPTO_free(void *str) - { - free_func(str); - } - -static unsigned long break_order_num=0; -void *CRYPTO_dbg_malloc(int num, const char *file, int line) - { - char *ret; - MEM *m,*mm; - - if ((ret=malloc_func(num)) == NULL) - return(NULL); - - if (mh_mode & CRYPTO_MEM_CHECK_ENABLE) - { - MemCheck_off(); - if ((m=(MEM *)Malloc(sizeof(MEM))) == NULL) - { - Free(ret); - MemCheck_on(); - return(NULL); - } - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - if (mh == NULL) - { - if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) - { - Free(ret); - Free(m); - ret=NULL; - goto err; - } - } - - m->addr=ret; - m->file=file; - m->line=line; - m->num=num; - if (order == break_order_num) - { - /* BREAK HERE */ - m->order=order; - } - m->order=order++; -#ifdef CRYPTO_MDEBUG_TIME - m->time=time(NULL); -#endif - if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL) - { - /* Not good, but don't sweat it */ - Free(mm); - } -err: - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - MemCheck_on(); - } - return(ret); - } - -void CRYPTO_dbg_free(void *addr) - { - MEM m,*mp; - - if ((mh_mode & CRYPTO_MEM_CHECK_ENABLE) && (mh != NULL)) - { - MemCheck_off(); - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - m.addr=addr; - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - Free(mp); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - MemCheck_on(); - } - free_func(addr); - } - -void *CRYPTO_dbg_realloc(void *addr, int num, const char *file, int line) - { - char *ret; - MEM m,*mp; - - ret=realloc_func(addr,num); - if (ret == addr) return(ret); - - if (mh_mode & CRYPTO_MEM_CHECK_ENABLE) - { - MemCheck_off(); - if (ret == NULL) return(NULL); - m.addr=addr; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - { - mp->addr=ret; - lh_insert(mh,(char *)mp); - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - MemCheck_on(); - } - return(ret); - } - -void *CRYPTO_remalloc(void *a, int n) - { - if (a != NULL) Free(a); - a=(char *)Malloc(n); - return(a); - } - -void *CRYPTO_dbg_remalloc(void *a, int n, const char *file, int line) - { - if (a != NULL) CRYPTO_dbg_free(a); - a=(char *)CRYPTO_dbg_malloc(n,file,line); - return(a); - } - - -typedef struct mem_leak_st - { - BIO *bio; - int chunks; - long bytes; - } MEM_LEAK; - -static void print_leak(MEM *m, MEM_LEAK *l) - { - char buf[128]; - - if(m->addr == (char *)l->bio) - return; -#ifdef CRYPTO_MDEBUG_TIME - { - struct tm *lcl = localtime(&m->time); - sprintf(buf,"[%02d:%02d:%02d] %5lu file=%s, line=%d, number=%d, address=%08lX\n", - lcl->tm_hour,lcl->tm_min,lcl->tm_sec, - m->order,m->file,m->line,m->num,(unsigned long)m->addr); - } -#else - sprintf(buf,"%5lu file=%s, line=%d, number=%d, address=%08lX\n", - m->order,m->file,m->line,m->num,(unsigned long)m->addr); -#endif - BIO_puts(l->bio,buf); - l->chunks++; - l->bytes+=m->num; - } - -void CRYPTO_mem_leaks(BIO *b) - { - MEM_LEAK ml; - char buf[80]; - - if (mh == NULL) return; - ml.bio=b; - ml.bytes=0; - ml.chunks=0; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - if (ml.chunks != 0) - { - sprintf(buf,"%ld bytes leaked in %d chunks\n", - ml.bytes,ml.chunks); - BIO_puts(b,buf); - } - -#if 0 - lh_stats_bio(mh,b); - lh_node_stats_bio(mh,b); - lh_node_usage_stats_bio(mh,b); + strcpy(ret, str); + return ret; +} + +void *CRYPTO_realloc(void *str, int num, const char *file, int line) +{ + void *ret = NULL; + + if (str == NULL) + return CRYPTO_malloc(num, file, line); + + if (num <= 0) + return NULL; + + if (realloc_debug_func != NULL) + realloc_debug_func(str, NULL, num, file, line, 0); + ret = realloc_ex_func(str, num, file, line); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, + ret, num); #endif - } - -static void (*mem_cb)()=NULL; - -static void cb_leak(MEM *m, char *cb) - { - void (*mem_callback)()=(void (*)())cb; - mem_callback(m->order,m->file,m->line,m->num,m->addr); - } - -void CRYPTO_mem_leaks_cb(void (*cb)()) - { - if (mh == NULL) return; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - mem_cb=cb; - lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb); - mem_cb=NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - -#ifndef NO_FP_API -void CRYPTO_mem_leaks_fp(FILE *fp) - { - BIO *b; - - if (mh == NULL) return; - if ((b=BIO_new(BIO_s_file())) == NULL) - return; - BIO_set_fp(b,fp,BIO_NOCLOSE); - CRYPTO_mem_leaks(b); - BIO_free(b); - } + if (realloc_debug_func != NULL) + realloc_debug_func(str, ret, num, file, line, 1); + + return ret; +} + +void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, + int line) +{ + void *ret = NULL; + + if (str == NULL) + return CRYPTO_malloc(num, file, line); + + if (num <= 0) + return NULL; + + /* + * We don't support shrinking the buffer. Note the memcpy that copies + * |old_len| bytes to the new buffer, below. + */ + if (num < old_len) + return NULL; + + if (realloc_debug_func != NULL) + realloc_debug_func(str, NULL, num, file, line, 0); + ret = malloc_ex_func(num, file, line); + if (ret) { + memcpy(ret, str, old_len); + OPENSSL_cleanse(str, old_len); + free_func(str); + } +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, + "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", + str, ret, num); #endif + if (realloc_debug_func != NULL) + realloc_debug_func(str, ret, num, file, line, 1); + return ret; +} + +void CRYPTO_free(void *str) +{ + if (free_debug_func != NULL) + free_debug_func(str, 0); +#ifdef LEVITTE_DEBUG_MEM + fprintf(stderr, "LEVITTE_DEBUG_MEM: < 0x%p\n", str); +#endif + free_func(str); + if (free_debug_func != NULL) + free_debug_func(NULL, 1); +} + +void *CRYPTO_remalloc(void *a, int num, const char *file, int line) +{ + if (a != NULL) + OPENSSL_free(a); + a = (char *)OPENSSL_malloc(num); + return (a); +} + +void CRYPTO_set_mem_debug_options(long bits) +{ + if (set_debug_options_func != NULL) + set_debug_options_func(bits); +} + +long CRYPTO_get_mem_debug_options(void) +{ + if (get_debug_options_func != NULL) + return get_debug_options_func(); + return 0; +}