X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=crypto%2Fmem.c;h=f7984fa958eb1edd6c61f6667f3f2b29753be662;hb=1da5d3029e15a398d1a2d7c79daf0eb341887c42;hp=03d2569bced7c0c0980551e02802f66deb7c4d54;hpb=54a656ef081f72a740c550ebd8099b40b8b5cde0;p=openssl.git

diff --git a/crypto/mem.c b/crypto/mem.c
index 03d2569bce..f7984fa958 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -121,10 +121,11 @@ static void (*set_debug_options_func)(long) = NULL;
 static long (*get_debug_options_func)(void) = NULL;
 #endif
 
-
 int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t),
 	void (*f)(void *))
 	{
+	/* Dummy call just to ensure OPENSSL_init() gets linked in */
+	OPENSSL_init();
 	if (!allow_customize)
 		return 0;
 	if ((m == 0) || (r == 0) || (f == 0))
@@ -251,6 +252,8 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	{
 	void *ret = NULL;
 
+	if (num <= 0) return NULL;
+
 	allow_customize = 0;
 	if (malloc_debug_func != NULL)
 		{
@@ -264,6 +267,16 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+#ifndef OPENSSL_CPUID_OBJ
+        /* Create a dependency on the value of 'cleanse_ctr' so our memory
+         * sanitisation function can't be optimised out. NB: We only do
+         * this for >2Kb so the overhead doesn't bother us. */
+        if(ret && (num > 2048))
+	{	extern unsigned char cleanse_ctr;
+		((unsigned char *)ret)[0] = cleanse_ctr;
+	}
+#endif
+
 	return ret;
 	}
 
@@ -283,6 +296,8 @@ void *CRYPTO_malloc(int num, const char *file, int line)
 	{
 	void *ret = NULL;
 
+	if (num <= 0) return NULL;
+
 	allow_customize = 0;
 	if (malloc_debug_func != NULL)
 		{
@@ -296,6 +311,23 @@ void *CRYPTO_malloc(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+#ifndef OPENSSL_CPUID_OBJ
+        /* Create a dependency on the value of 'cleanse_ctr' so our memory
+         * sanitisation function can't be optimised out. NB: We only do
+         * this for >2Kb so the overhead doesn't bother us. */
+        if(ret && (num > 2048))
+	{	extern unsigned char cleanse_ctr;
+                ((unsigned char *)ret)[0] = cleanse_ctr;
+	}
+#endif
+
+	return ret;
+	}
+char *CRYPTO_strdup(const char *str, const char *file, int line)
+	{
+	char *ret = CRYPTO_malloc(strlen(str)+1, file, line);
+
+	strcpy(ret, str);
 	return ret;
 	}
 
@@ -305,6 +337,9 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
 
 	if (str == NULL)
 		return CRYPTO_malloc(num, file, line);
+
+	if (num <= 0) return NULL;
+
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, NULL, num, file, line, 0);
 	ret = realloc_ex_func(str,num,file,line);
@@ -324,15 +359,26 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
 
 	if (str == NULL)
 		return CRYPTO_malloc(num, file, line);
+
+	if (num <= 0) return NULL;
+
+	/* We don't support shrinking the buffer. Note the memcpy that copies
+	 * |old_len| bytes to the new buffer, below. */
+	if (num < old_len) return NULL;
+
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, NULL, num, file, line, 0);
 	ret=malloc_ex_func(num,file,line);
 	if(ret)
+		{
 		memcpy(ret,str,old_len);
-	memset(str,'\0',old_len);
-	free_func(str);
+		OPENSSL_cleanse(str,old_len);
+		free_func(str);
+		}
 #ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n", str, ret, num);
+	fprintf(stderr,
+		"LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n",
+		str, ret, num);
 #endif
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, ret, num, file, line, 1);