To secure Win64 API I'm throwing in this minimalistic Win64 support.

[openssl.git] / crypto / mem_dbg.c

diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index 9ed8184e45f9ec0064713c39b660b4bb6e53f645..8316485217ac48847f59ce5ce8a51ba86df2ff97 100644 (file)
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -59,11 +59,11 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>      
+#include "cryptlib.h"
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
 #include <openssl/bio.h>
 #include <openssl/lhash.h>
-#include "cryptlib.h"
 
 static int mh_mode=CRYPTO_MEM_CHECK_OFF;
 /* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE
@@ -81,7 +81,8 @@ static int mh_mode=CRYPTO_MEM_CHECK_OFF;
  */
 
 static unsigned long order = 0; /* number of memory requests */
-static LHASH *mh=NULL; /* hash-table of memory requests (address as key) */
+static LHASH *mh=NULL; /* hash-table of memory requests (address as key);
+                        * access requires MALLOC2 lock */
 
 
 typedef struct app_mem_info_st
@@ -101,9 +102,12 @@ typedef struct app_mem_info_st
        int references;
        } APP_INFO;
 
+static void app_info_free(APP_INFO *);
+
 static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's
                           * that are at the top of their thread's stack
-                          * (with `thread' as key) */
+                          * (with `thread' as key);
+                          * access requires MALLOC2 lock */
 
 typedef struct mem_st
 /* memory-block description */
@@ -128,7 +132,27 @@ static long options =             /* extra information to be recorded */
        0;
 
 
-static unsigned long disabling_thread = 0;
+static unsigned int num_disable = 0; /* num_disable > 0
+                                      *     iff
+                                      * mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE)
+                                      */
+static unsigned long disabling_thread = 0; /* Valid iff num_disable > 0.
+                                            * CRYPTO_LOCK_MALLOC2 is locked
+                                            * exactly in this case (by the
+                                            * thread named in disabling_thread).
+                                            */
+
+static void app_info_free(APP_INFO *inf)
+       {
+       if (--(inf->references) <= 0)
+               {
+               if (inf->next != NULL)
+                       {
+                       app_info_free(inf->next);
+                       }
+               OPENSSL_free(inf);
+               }
+       }
 
 int CRYPTO_mem_ctrl(int mode)
        {
@@ -137,22 +161,23 @@ int CRYPTO_mem_ctrl(int mode)
        CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
        switch (mode)
                {
-       /* for applications: */
+       /* for applications (not to be called while multiple threads
+        * use the library): */
        case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */
                mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE;
-               disabling_thread = 0;
+               num_disable = 0;
                break;
        case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */
                mh_mode = 0;
-               disabling_thread = 0;
+               num_disable = 0; /* should be true *before* MemCheck_stop is used,
+                                   or there'll be a lot of confusion */
                break;
 
        /* switch off temporarily (for library-internal use): */
        case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
                if (mh_mode & CRYPTO_MEM_CHECK_ON)
                        {
-                       mh_mode&= ~CRYPTO_MEM_CHECK_ENABLE;
-                       if (disabling_thread != CRYPTO_thread_id()) /* otherwise we already have the MALLOC2 lock */
+                       if (!num_disable || (disabling_thread != CRYPTO_thread_id())) /* otherwise we already have the MALLOC2 lock */
                                {
                                /* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while
                                 * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if
@@ -169,18 +194,23 @@ int CRYPTO_mem_ctrl(int mode)
                                 * OpenSSL threads. */
                                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
                                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+                               mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
                                disabling_thread=CRYPTO_thread_id();
                                }
+                       num_disable++;
                        }
                break;
        case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */
                if (mh_mode & CRYPTO_MEM_CHECK_ON)
                        {
-                       mh_mode|=CRYPTO_MEM_CHECK_ENABLE;
-                       if (disabling_thread != 0)
+                       if (num_disable) /* always true, or something is going wrong */
                                {
-                               disabling_thread=0;
-                               CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
+                               num_disable--;
+                               if (num_disable == 0)
+                                       {
+                                       mh_mode|=CRYPTO_MEM_CHECK_ENABLE;
+                                       CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
+                                       }
                                }
                        }
                break;
@@ -198,12 +228,12 @@ int CRYPTO_is_mem_check_on(void)
 
        if (mh_mode & CRYPTO_MEM_CHECK_ON)
                {
-               CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+               CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
 
                ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
-                       && disabling_thread != CRYPTO_thread_id();
+                       || (disabling_thread != CRYPTO_thread_id());
 
-               CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+               CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
                }
        return(ret);
        }       
@@ -222,8 +252,16 @@ long CRYPTO_dbg_get_options(void)
 /* static int mem_cmp(MEM *a, MEM *b) */
 static int mem_cmp(const void *a_void, const void *b_void)
        {
-       return((const char *)((MEM *)a_void)->addr
-               - (const char *)((MEM *)b_void)->addr);
+#ifdef _WIN64
+       const char *a=(const char *)((const MEM *)a_void)->addr,
+                  *b=(const char *)((const MEM *)b_void)->addr;
+       if (a==b)       return 0;
+       else if (a>b)   return 1;
+       else            return -1;
+#else
+       return((const char *)((const MEM *)a_void)->addr
+               - (const char *)((const MEM *)b_void)->addr);
+#endif
        }
 
 /* static unsigned long mem_hash(MEM *a) */
@@ -299,7 +337,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line)
 
        if (is_MemCheck_on())
                {
-               MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */
+               MemCheck_off(); /* obtain MALLOC2 lock */
 
                if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL)
                        {
@@ -336,7 +374,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line)
                        ami->next=amim;
                        }
  err:
-               MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+               MemCheck_on(); /* release MALLOC2 lock */
                }
 
        return(ret);
@@ -348,11 +386,11 @@ int CRYPTO_pop_info(void)
 
        if (is_MemCheck_on()) /* _must_ be true, or something went severely wrong */
                {
-               MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */
+               MemCheck_off(); /* obtain MALLOC2 lock */
 
                ret=(pop_info() != NULL);
 
-               MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+               MemCheck_on(); /* release MALLOC2 lock */
                }
        return(ret);
        }
@@ -363,12 +401,12 @@ int CRYPTO_remove_all_info(void)
 
        if (is_MemCheck_on()) /* _must_ be true */
                {
-               MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */
+               MemCheck_off(); /* obtain MALLOC2 lock */
 
                while(pop_info() != NULL)
                        ret++;
 
-               MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+               MemCheck_on(); /* release MALLOC2 lock */
                }
        return(ret);
        }
@@ -391,11 +429,12 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
 
                if (is_MemCheck_on())
                        {
-                       MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */
+                       MemCheck_off(); /* make sure we hold MALLOC2 lock */
                        if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL)
                                {
                                OPENSSL_free(addr);
-                               MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+                               MemCheck_on(); /* release MALLOC2 lock
+                                               * if num_disabled drops to 0 */
                                return;
                                }
                        if (mh == NULL)
@@ -454,7 +493,8 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
                                OPENSSL_free(mm);
                                }
                err:
-                       MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+                       MemCheck_on(); /* release MALLOC2 lock
+                                       * if num_disabled drops to 0 */
                        }
                break;
                }
@@ -473,7 +513,7 @@ void CRYPTO_dbg_free(void *addr, int before_p)
 
                if (is_MemCheck_on() && (mh != NULL))
                        {
-                       MemCheck_off();
+                       MemCheck_off(); /* make sure we hold MALLOC2 lock */
 
                        m.addr=addr;
                        mp=(MEM *)lh_delete(mh,(char *)&m);
@@ -484,13 +524,12 @@ void CRYPTO_dbg_free(void *addr, int before_p)
                                mp->order, mp->addr, mp->num);
 #endif
                                if (mp->app_info != NULL)
-                                       {
-                                       mp->app_info->references--;
-                                       }
+                                       app_info_free(mp->app_info);
                                OPENSSL_free(mp);
                                }
 
-                       MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+                       MemCheck_on(); /* release MALLOC2 lock
+                                       * if num_disabled drops to 0 */
                        }
                break;
        case 1:
@@ -524,7 +563,7 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
 
                if (is_MemCheck_on())
                        {
-                       MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */
+                       MemCheck_off(); /* make sure we hold MALLOC2 lock */
 
                        m.addr=addr1;
                        mp=(MEM *)lh_delete(mh,(char *)&m);
@@ -541,7 +580,8 @@ void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
                                lh_insert(mh,(char *)mp);
                                }
 
-                       MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
+                       MemCheck_on(); /* release MALLOC2 lock
+                                       * if num_disabled drops to 0 */
                        }
                break;
                }
@@ -556,7 +596,7 @@ typedef struct mem_leak_st
        long bytes;
        } MEM_LEAK;
 
-static void print_leak(MEM *m, MEM_LEAK *l)
+static void print_leak(const MEM *m, MEM_LEAK *l)
        {
        char buf[1024];
        char *bufp = buf;
@@ -565,6 +605,8 @@ static void print_leak(MEM *m, MEM_LEAK *l)
        struct tm *lcl = NULL;
        unsigned long ti;
 
+#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
+
        if(m->addr == (char *)l->bio)
            return;
 
@@ -572,22 +614,22 @@ static void print_leak(MEM *m, MEM_LEAK *l)
                {
                lcl = localtime(&m->time);
        
-               sprintf(bufp, "[%02d:%02d:%02d] ",
+               BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
                        lcl->tm_hour,lcl->tm_min,lcl->tm_sec);
                bufp += strlen(bufp);
                }
 
-       sprintf(bufp, "%5lu file=%s, line=%d, ",
+       BIO_snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ",
                m->order,m->file,m->line);
        bufp += strlen(bufp);
 
        if (options & V_CRYPTO_MDEBUG_THREAD)
                {
-               sprintf(bufp, "thread=%lu, ", m->thread);
+               BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ", m->thread);
                bufp += strlen(bufp);
                }
 
-       sprintf(bufp, "number=%d, address=%08lX\n",
+       BIO_snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n",
                m->num,(unsigned long)m->addr);
        bufp += strlen(bufp);
 
@@ -609,7 +651,7 @@ static void print_leak(MEM *m, MEM_LEAK *l)
 
                ami_cnt++;
                memset(buf,'>',ami_cnt);
-               sprintf(buf + ami_cnt,
+               BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
                        " thread=%lu, file=%s, line=%d, info=\"",
                        amip->thread, amip->file, amip->line);
                buf_len=strlen(buf);
@@ -621,10 +663,11 @@ static void print_leak(MEM *m, MEM_LEAK *l)
                        }
                else
                        {
-                       strcpy(buf + buf_len, amip->info);
+                       BUF_strlcpy(buf + buf_len, amip->info,
+                                   sizeof buf - buf_len);
                        buf_len = strlen(buf);
                        }
-               sprintf(buf + buf_len, "\"\n");
+               BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
                
                BIO_puts(l->bio,buf);
 
@@ -641,25 +684,27 @@ static void print_leak(MEM *m, MEM_LEAK *l)
 #endif
        }
 
+static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM *, MEM_LEAK *)
+
 void CRYPTO_mem_leaks(BIO *b)
        {
        MEM_LEAK ml;
-       char buf[80];
 
        if (mh == NULL && amih == NULL)
                return;
+
+       MemCheck_off(); /* obtain MALLOC2 lock */
+
        ml.bio=b;
        ml.bytes=0;
        ml.chunks=0;
-       MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */
        if (mh != NULL)
-               lh_doall_arg(mh, (LHASH_DOALL_ARG_FN_TYPE)print_leak,
+               lh_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak),
                                (char *)&ml);
        if (ml.chunks != 0)
                {
-               sprintf(buf,"%ld bytes leaked in %d chunks\n",
-                       ml.bytes,ml.chunks);
-               BIO_puts(b,buf);
+               BIO_printf(b,"%ld bytes leaked in %d chunks\n",
+                          ml.bytes,ml.chunks);
                }
        else
                {
@@ -678,7 +723,15 @@ void CRYPTO_mem_leaks(BIO *b)
                 * void_fn_to_char kludge in CRYPTO_mem_leaks_cb.
                 * Otherwise the code police will come and get us.)
                 */
+               int old_mh_mode;
+
                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+
+               /* avoid deadlock when lh_free() uses CRYPTO_dbg_free(),
+                * which uses CRYPTO_is_mem_check_on */
+               old_mh_mode = mh_mode;
+               mh_mode = CRYPTO_MEM_CHECK_OFF;
+
                if (mh != NULL)
                        {
                        lh_free(mh);
@@ -692,25 +745,26 @@ void CRYPTO_mem_leaks(BIO *b)
                                amih = NULL;
                                }
                        }
+
+               mh_mode = old_mh_mode;
                CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
                }
-       MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */
-
-#if 0
-       lh_stats_bio(mh,b);
-       lh_node_stats_bio(mh,b);
-       lh_node_usage_stats_bio(mh,b);
-#endif
+       MemCheck_on(); /* release MALLOC2 lock */
        }
 
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
 void CRYPTO_mem_leaks_fp(FILE *fp)
        {
        BIO *b;
 
        if (mh == NULL) return;
-       if ((b=BIO_new(BIO_s_file())) == NULL)
-               return;
+       /* Need to turn off memory checking when allocated BIOs ... especially
+        * as we're creating them at a time when we're trying to check we've not
+        * left anything un-free()'d!! */
+       MemCheck_off();
+       b = BIO_new(BIO_s_file());
+       MemCheck_on();
+       if(!b) return;
        BIO_set_fp(b,fp,BIO_NOCLOSE);
        CRYPTO_mem_leaks(b);
        BIO_free(b);
@@ -722,16 +776,20 @@ void CRYPTO_mem_leaks_fp(FILE *fp)
 /* FIXME: We really don't allow much to the callback.  For example, it has
    no chance of reaching the info stack for the item it processes.  Should
    it really be this way?  -- Richard Levitte */
-static void cb_leak(MEM *m,
-                   void (**cb)(unsigned long, const char *, int, int, void *))
+/* NB: The prototypes have been typedef'd to CRYPTO_MEM_LEAK_CB inside crypto.h
+ * If this code is restructured, remove the callback type if it is no longer
+ * needed. -- Geoff Thorpe */
+static void cb_leak(const MEM *m, CRYPTO_MEM_LEAK_CB **cb)
        {
        (**cb)(m->order,m->file,m->line,m->num,m->addr);
        }
 
-void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *))
+static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM *, CRYPTO_MEM_LEAK_CB **)
+
+void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
        {
        if (mh == NULL) return;
        CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
-       lh_doall_arg(mh, (LHASH_DOALL_ARG_FN_TYPE)cb_leak,(void *)&cb);
+       lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb);
        CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
        }