From 05c7b1631b4f6884b9ef5f0943a3d16d36383f52 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 17 Feb 2016 02:24:25 +0100 Subject: [PATCH] Implement the use of heap manipulator implementions - Make use of the functions given through CRYPTO_set_mem_functions(). - CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_secure_free() now receive __FILE__ and __LINE__. - The API for CRYPTO_set_mem_functions() and CRYPTO_get_mem_functions() is slightly changed, the implementation for free() now takes a couple of extra arguments, taking __FILE__ and __LINE__. - The CRYPTO_ memory functions will *always* receive __FILE__ and __LINE__ from the corresponding OPENSSL_ macros, regardless of if crypto-mdebug has been enabled or not. The reason is that if someone swaps out the malloc(), realloc() and free() implementations, we can't know if they will use them or not. Reviewed-by: Rich Salz --- crypto/mem.c | 65 +++++++++++++++++----------------- crypto/mem_dbg.c | 3 +- crypto/mem_sec.c | 4 +-- include/openssl/crypto.h | 75 ++++++++++++---------------------------- ssl/t1_enc.c | 4 +-- 5 files changed, 60 insertions(+), 91 deletions(-) diff --git a/crypto/mem.c b/crypto/mem.c index 1e34904dab..46f00176ab 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -66,11 +66,11 @@ */ static int allow_customize = 1; -static void *(*malloc_wrapper)(size_t, const char *, int) +static void *(*malloc_impl)(size_t, const char *, int) = CRYPTO_malloc; -static void *(*realloc_wrapper)(void *, size_t, const char *, int) +static void *(*realloc_impl)(void *, size_t, const char *, int) = CRYPTO_realloc; -static void (*free_wrapper)(void *) +static void (*free_impl)(void *, const char *, int) = CRYPTO_free; #ifndef OPENSSL_NO_CRYPTO_MDEBUG @@ -82,16 +82,16 @@ static int call_malloc_debug = 0; int CRYPTO_set_mem_functions( void *(*m)(size_t, const char *, int), void *(*r)(void *, size_t, const char *, int), - void (*f)(void *)) + void (*f)(void *, const char *, int)) { if (!allow_customize) return 0; if (m) - malloc_wrapper = m; + malloc_impl = m; if (r) - realloc_wrapper = r; + realloc_impl = r; if (f) - free_wrapper = f; + free_impl = f; return 1; } @@ -106,20 +106,23 @@ int CRYPTO_set_mem_debug(int flag) void CRYPTO_get_mem_functions( void *(**m)(size_t, const char *, int), void *(**r)(void *, size_t, const char *, int), - void (**f)(void *)) + void (**f)(void *, const char *, int)) { if (m != NULL) - *m = malloc_wrapper; + *m = malloc_impl; if (r != NULL) - *r = realloc_wrapper; + *r = realloc_impl; if (f != NULL) - *f = free_wrapper; + *f = free_impl; } void *CRYPTO_malloc(size_t num, const char *file, int line) { void *ret = NULL; + if (malloc_impl != NULL && malloc_impl != CRYPTO_malloc) + return malloc_impl(num, file, line); + if (num <= 0) return NULL; @@ -164,11 +167,14 @@ void *CRYPTO_zalloc(size_t num, const char *file, int line) void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) { + if (realloc_impl != NULL && realloc_impl != &CRYPTO_realloc) + return realloc_impl(str, num, file, line); + if (str == NULL) return CRYPTO_malloc(num, file, line); if (num == 0) { - CRYPTO_free(str); + CRYPTO_free(str, file, line); return NULL; } @@ -198,7 +204,7 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, return CRYPTO_malloc(num, file, line); if (num == 0) { - CRYPTO_clear_free(str, old_len); + CRYPTO_clear_free(str, old_len, file, line); return NULL; } @@ -208,35 +214,26 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num, return str; } - /* Allocate new memory. Call malloc and do a copy, so that we can - * cleanse the old buffer. */ -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (call_malloc_debug) { - CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line); - ret = malloc(num); - CRYPTO_mem_debug_realloc(str, ret, num, 1, file, line); - } else { - ret = malloc(num); - } -#else - (void)file; - (void)line; - ret = malloc(num); -#endif + ret = CRYPTO_malloc(num, file, line); if (ret) memcpy(ret, str, old_len); - CRYPTO_clear_free(str, old_len); + CRYPTO_clear_free(str, old_len, file, line); return ret; } -void CRYPTO_free(void *str) +void CRYPTO_free(void *str, const char *file, int line) { + if (free_impl != NULL && free_impl != &CRYPTO_free) { + free_impl(str, file, line); + return; + } + #ifndef OPENSSL_NO_CRYPTO_MDEBUG if (call_malloc_debug) { - CRYPTO_mem_debug_free(str, 0); + CRYPTO_mem_debug_free(str, 0, file, line); free(str); - CRYPTO_mem_debug_free(str, 1); + CRYPTO_mem_debug_free(str, 1, file, line); } else { free(str); } @@ -245,11 +242,11 @@ void CRYPTO_free(void *str) #endif } -void CRYPTO_clear_free(void *str, size_t num) +void CRYPTO_clear_free(void *str, size_t num, const char *file, int line) { if (str == NULL) return; if (num) OPENSSL_cleanse(str, num); - CRYPTO_free(str); + CRYPTO_free(str, file, line); } diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c index b905fabfa1..f2a1fd837a 100644 --- a/crypto/mem_dbg.c +++ b/crypto/mem_dbg.c @@ -474,7 +474,8 @@ void CRYPTO_mem_debug_malloc(void *addr, size_t num, int before_p, return; } -void CRYPTO_mem_debug_free(void *addr, int before_p) +void CRYPTO_mem_debug_free(void *addr, int before_p, + const char *file, int line) { MEM m, *mp; diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c index 196c2457ad..be3bb9a62b 100644 --- a/crypto/mem_sec.c +++ b/crypto/mem_sec.c @@ -120,7 +120,7 @@ void *CRYPTO_secure_zalloc(size_t num, const char *file, int line) return ret; } -void CRYPTO_secure_free(void *ptr) +void CRYPTO_secure_free(void *ptr, const char *file, int line) { #ifdef IMPLEMENTED size_t actual_size; @@ -128,7 +128,7 @@ void CRYPTO_secure_free(void *ptr) if (ptr == NULL) return; if (!secure_mem_initialized) { - CRYPTO_free(ptr); + CRYPTO_free(ptr, file, line); return; } LOCK(); diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index 7191915743..0a88b66d8b 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -292,63 +292,33 @@ DEFINE_STACK_OF(void) int CRYPTO_mem_ctrl(int mode); -# ifndef OPENSSL_NO_CRYPTO_MDEBUG -# define OPENSSL_malloc(num) \ +# define OPENSSL_malloc(num) \ CRYPTO_malloc(num, __FILE__, __LINE__) -# define OPENSSL_zalloc(num) \ +# define OPENSSL_zalloc(num) \ CRYPTO_zalloc(num, __FILE__, __LINE__) -# define OPENSSL_realloc(addr, num) \ +# define OPENSSL_realloc(addr, num) \ CRYPTO_realloc(addr, num, __FILE__, __LINE__) -# define OPENSSL_clear_realloc(addr, old_num, num) \ +# define OPENSSL_clear_realloc(addr, old_num, num) \ CRYPTO_clear_realloc(addr, old_num, num, __FILE__, __LINE__) -# define OPENSSL_clear_free(addr, num) \ - CRYPTO_clear_free(addr, num) -# define OPENSSL_free(addr) \ - CRYPTO_free(addr) -# define OPENSSL_memdup(str, s) \ +# define OPENSSL_clear_free(addr, num) \ + CRYPTO_clear_free(addr, num, __FILE__, __LINE__) +# define OPENSSL_free(addr) \ + CRYPTO_free(addr, __FILE__, __LINE__) +# define OPENSSL_memdup(str, s) \ CRYPTO_memdup((str), s, __FILE__, __LINE__) -# define OPENSSL_strdup(str) \ +# define OPENSSL_strdup(str) \ CRYPTO_strdup(str, __FILE__, __LINE__) -# define OPENSSL_strndup(str, n) \ +# define OPENSSL_strndup(str, n) \ CRYPTO_strndup(str, n, __FILE__, __LINE__) -# define OPENSSL_secure_malloc(num) \ +# define OPENSSL_secure_malloc(num) \ CRYPTO_secure_malloc(num, __FILE__, __LINE__) -# define OPENSSL_secure_zalloc(num) \ +# define OPENSSL_secure_zalloc(num) \ CRYPTO_secure_zalloc(num, __FILE__, __LINE__) -# define OPENSSL_secure_free(addr) \ - CRYPTO_secure_free(addr) -# define OPENSSL_secure_actual_size(ptr) \ - CRYPTO_secure_actual_size(ptr) -# else -# define OPENSSL_malloc(num) \ - CRYPTO_malloc(num, NULL, 0) -# define OPENSSL_zalloc(num) \ - CRYPTO_zalloc(num, NULL, 0) -# define OPENSSL_realloc(addr, num) \ - CRYPTO_realloc(addr, num, NULL, 0) -# define OPENSSL_clear_realloc(addr, old_num, num) \ - CRYPTO_clear_realloc(addr, old_num, num, NULL, 0) -# define OPENSSL_clear_free(addr, num) \ - CRYPTO_clear_free(addr, num) -# define OPENSSL_free(addr) \ - CRYPTO_free(addr) -# define OPENSSL_memdup(str, s) \ - CRYPTO_memdup(str, s, NULL, 0) -# define OPENSSL_strdup(str) \ - CRYPTO_strdup(str, NULL, 0) -# define OPENSSL_strndup(str, s) \ - CRYPTO_strndup(str, s, NULL, 0) -# define OPENSSL_secure_malloc(num) \ - CRYPTO_secure_malloc(num, NULL, 0) -# define OPENSSL_secure_zalloc(num) \ - CRYPTO_secure_zalloc(num, NULL, 0) -# define OPENSSL_secure_free(addr) \ - CRYPTO_secure_free(addr) -# define OPENSSL_secure_actual_size(ptr) \ +# define OPENSSL_secure_free(addr) \ + CRYPTO_secure_free(addr, __FILE__, __LINE__) +# define OPENSSL_secure_actual_size(ptr) \ CRYPTO_secure_actual_size(ptr) -# endif - size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz); size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz); size_t OPENSSL_strnlen(const char *str, size_t maxlen); @@ -463,20 +433,20 @@ void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value int CRYPTO_set_mem_functions( void *(*m) (size_t, const char *, int), void *(*r) (void *, size_t, const char *, int), - void (*f) (void *)); + void (*f) (void *, const char *, int)); int CRYPTO_set_mem_debug(int flag); void CRYPTO_get_mem_functions( void *(**m) (size_t, const char *, int), void *(**r) (void *, size_t, const char *, int), - void (**f) (void *)); + void (**f) (void *, const char *, int)); void *CRYPTO_malloc(size_t num, const char *file, int line); void *CRYPTO_zalloc(size_t num, const char *file, int line); void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line); char *CRYPTO_strdup(const char *str, const char *file, int line); char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line); -void CRYPTO_free(void *ptr); -void CRYPTO_clear_free(void *ptr, size_t num); +void CRYPTO_free(void *ptr, const char *file, int line); +void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line); void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line); void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num, const char *file, int line); @@ -485,7 +455,7 @@ int CRYPTO_secure_malloc_init(size_t sz, int minsize); void CRYPTO_secure_malloc_done(void); void *CRYPTO_secure_malloc(size_t num, const char *file, int line); void *CRYPTO_secure_zalloc(size_t num, const char *file, int line); -void CRYPTO_secure_free(void *ptr); +void CRYPTO_secure_free(void *ptr, const char *file, int line); int CRYPTO_secure_allocated(const void *ptr); int CRYPTO_secure_malloc_initialized(void); size_t CRYPTO_secure_actual_size(void *ptr); @@ -511,7 +481,8 @@ void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag, const char *file, int line); void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag, const char *file, int line); -void CRYPTO_mem_debug_free(void *addr, int flag); +void CRYPTO_mem_debug_free(void *addr, int flag, + const char *file, int line); # ifndef OPENSSL_NO_STDIO int CRYPTO_mem_leaks_fp(FILE *); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index f3593f12f6..804803aadc 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -728,8 +728,8 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE); rv = 0; ret: - CRYPTO_clear_free(val, vallen); - CRYPTO_clear_free(buff, olen); + OPENSSL_clear_free(val, vallen); + OPENSSL_clear_free(buff, olen); return (rv); } -- 2.34.1