X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fmem.c;h=6635167228da1c9eb4ee6be3b4a147a1c3bc2af4;hp=effec714e8223cdf8a087d47332cc9e1f317895c;hb=80c808b90b79356c37ac41ee9bf748d39b4e53e3;hpb=b93642c5ccf3274e505080768f9ac199b036cc1d

diff --git a/crypto/mem.c b/crypto/mem.c
index effec714e8..6635167228 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -250,6 +250,9 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
 void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	{
 	void *ret = NULL;
+	extern unsigned char cleanse_ctr;
+
+	if (num <= 0) return NULL;
 
 	allow_customize = 0;
 	if (malloc_debug_func != NULL)
@@ -264,6 +267,12 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+        /* Create a dependency on the value of 'cleanse_ctr' so our memory
+         * sanitisation function can't be optimised out. NB: We only do
+         * this for >2Kb so the overhead doesn't bother us. */
+        if(ret && (num > 2048))
+		((unsigned char *)ret)[0] = cleanse_ctr;
+
 	return ret;
 	}
 
@@ -282,6 +291,9 @@ void CRYPTO_free_locked(void *str)
 void *CRYPTO_malloc(int num, const char *file, int line)
 	{
 	void *ret = NULL;
+	extern unsigned char cleanse_ctr;
+
+	if (num <= 0) return NULL;
 
 	allow_customize = 0;
 	if (malloc_debug_func != NULL)
@@ -296,6 +308,12 @@ void *CRYPTO_malloc(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+        /* Create a dependency on the value of 'cleanse_ctr' so our memory
+         * sanitisation function can't be optimised out. NB: We only do
+         * this for >2Kb so the overhead doesn't bother us. */
+        if(ret && (num > 2048))
+                ((unsigned char *)ret)[0] = cleanse_ctr;
+
 	return ret;
 	}
 
@@ -303,6 +321,11 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
 	{
 	void *ret = NULL;
 
+	if (str == NULL)
+		return CRYPTO_malloc(num, file, line);
+
+	if (num <= 0) return NULL;
+
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, NULL, num, file, line, 0);
 	ret = realloc_ex_func(str,num,file,line);
@@ -315,6 +338,36 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
 	return ret;
 	}
 
+void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
+			   int line)
+	{
+	void *ret = NULL;
+
+	if (str == NULL)
+		return CRYPTO_malloc(num, file, line);
+
+	if (num <= 0) return NULL;
+
+	if (realloc_debug_func != NULL)
+		realloc_debug_func(str, NULL, num, file, line, 0);
+	ret=malloc_ex_func(num,file,line);
+	if(ret)
+		{
+		memcpy(ret,str,old_len);
+		OPENSSL_cleanse(str,old_len);
+		free_func(str);
+		}
+#ifdef LEVITTE_DEBUG_MEM
+	fprintf(stderr,
+		"LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n",
+		str, ret, num);
+#endif
+	if (realloc_debug_func != NULL)
+		realloc_debug_func(str, ret, num, file, line, 1);
+
+	return ret;
+	}
+
 void CRYPTO_free(void *str)
 	{
 	if (free_debug_func != NULL)
@@ -334,7 +387,6 @@ void *CRYPTO_remalloc(void *a, int num, const char *file, int line)
 	return(a);
 	}
 
-
 void CRYPTO_set_mem_debug_options(long bits)
 	{
 	if (set_debug_options_func != NULL)