X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fmem.c;h=0c8f4e18693a500022826f5cfee7281b398b9ae3;hp=72e501ad0f2a5cdf71aa4b5f0829f54c02ad90c2;hb=ff8428561a4fa89423862f532436a9b109369d53;hpb=58964a492275ca9a59a0cd9c8155cb2491b4b909 diff --git a/crypto/mem.c b/crypto/mem.c index 72e501ad0f..0c8f4e1869 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -58,296 +58,343 @@ #include #include -#include "buffer.h" -#include "bio.h" -#include "lhash.h" -#include "cryptlib.h" - -static int mh_mode=CRYPTO_MEM_CHECK_OFF; -static unsigned long order=0; - -static LHASH *mh=NULL; - -typedef struct mem_st - { - char *addr; - int num; - char *file; - int line; - unsigned long order; - } MEM; - -int CRYPTO_mem_ctrl(mode) -int mode; - { - int ret=mh_mode; - - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - switch (mode) - { - case CRYPTO_MEM_CHECK_ON: - mh_mode|=CRYPTO_MEM_CHECK_ON; - break; - case CRYPTO_MEM_CHECK_OFF: - mh_mode&= ~CRYPTO_MEM_CHECK_ON; - break; - default: - break; - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - return(ret); - } - -static int mem_cmp(a,b) -MEM *a,*b; - { - return(a->addr - b->addr); - } - -static unsigned long mem_hash(a) -MEM *a; - { - unsigned long ret; - - ret=(unsigned long)a->addr; - - ret=ret*17851+(ret>>14)*7+(ret>>4)*251; - return(ret); - } - -static char *(*malloc_func)()= (char *(*)())malloc; -static char *(*realloc_func)()= (char *(*)())realloc; -static void (*free_func)()= (void (*)())free; - -void CRYPTO_set_mem_functions(m,r,f) -char *(*m)(); -char *(*r)(); -void (*f)(); - { - if ((m == NULL) || (r == NULL) || (f == NULL)) return; - malloc_func=m; - realloc_func=r; - free_func=f; - } - -void CRYPTO_get_mem_functions(m,r,f) -char *(**m)(); -char *(**r)(); -void (**f)(); - { - if (m != NULL) *m=malloc_func; - if (r != NULL) *r=realloc_func; - if (f != NULL) *f=free_func; - } - -char *CRYPTO_malloc(num) -int num; - { - return(malloc_func(num)); - } - -char *CRYPTO_realloc(str,num) -char *str; -int num; - { - return(realloc_func(str,num)); - } - -void CRYPTO_free(str) -char *str; - { - free_func(str); - } - -char *CRYPTO_dbg_malloc(num,file,line) -int num; -char *file; -int line; - { - char *ret; - MEM *m,*mm; - - if ((ret=malloc_func(num)) == NULL) - return(NULL); - - if (mh_mode & CRYPTO_MEM_CHECK_ON) - { - if ((m=(MEM *)malloc(sizeof(MEM))) == NULL) - { - free(ret); - return(NULL); - } - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - if (mh == NULL) - { - if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) - { - free(ret); - free(m); - return(NULL); - } - } - - m->addr=ret; - m->file=file; - m->line=line; - m->num=num; - m->order=order++; - if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL) - { - /* Not good, but don't sweat it */ - free(mm); - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - return(ret); - } - -void CRYPTO_dbg_free(addr) -char *addr; - { - MEM m,*mp; - - if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL)) - { - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - m.addr=addr; - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - free(mp); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - free_func(addr); - } - -char *CRYPTO_dbg_realloc(addr,num,file,line) -char *addr; -int num; -char *file; -int line; - { - char *ret; - MEM m,*mp; - - ret=realloc_func(addr,num); - if (ret == addr) return(ret); - - if (mh_mode & CRYPTO_MEM_CHECK_ON) - { - if (ret == NULL) return(NULL); - m.addr=addr; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - { - mp->addr=ret; - lh_insert(mh,(char *)mp); - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - return(ret); - } - -char *CRYPTO_remalloc(a,n) -char *a; -int n; - { - if (a != NULL) Free(a); - a=(char *)Malloc(n); - return(a); - } - -char *CRYPTO_dbg_remalloc(a,n,file,line) -char *a; -int n; -char *file; -int line; - { - if (a != NULL) CRYPTO_dbg_free(a); - a=(char *)CRYPTO_dbg_malloc(n,file,line); - return(a); - } - - -typedef struct mem_leak_st - { - BIO *bio; - int chunks; - long bytes; - } MEM_LEAK; - -static void print_leak(m,l) -MEM *m; -MEM_LEAK *l; - { - char buf[128]; - - sprintf(buf,"%5ld file=%s, line=%d, number=%d, address=%08lX\n", - m->order,m->file,m->line,m->num,(long)m->addr); - BIO_puts(l->bio,buf); - l->chunks++; - l->bytes+=m->num; - } - -void CRYPTO_mem_leaks(b) -BIO *b; - { - MEM_LEAK ml; - char buf[80]; - - if (mh == NULL) return; - ml.bio=b; - ml.bytes=0; - ml.chunks=0; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - if (ml.chunks != 0) - { - sprintf(buf,"%ld bytes leaked in %d chunks\n", - ml.bytes,ml.chunks); - BIO_puts(b,buf); - } - /* - lh_stats_bio(mh,b); - lh_node_stats_bio(mh,b); - lh_node_usage_stats_bio(mh,b); - */ - } - -static void (*mem_cb)()=NULL; - -static void cb_leak(m,cb) -MEM *m; -char *cb; - { - void (*mem_callback)()=(void (*)())cb; - mem_callback(m->order,m->file,m->line,m->num,m->addr); - } - -void CRYPTO_mem_leaks_cb(cb) -void (*cb)(); - { - if (mh == NULL) return; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - mem_cb=cb; - lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb); - mem_cb=NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - -#ifndef NO_FP_API -void CRYPTO_mem_leaks_fp(fp) -FILE *fp; - { - BIO *b; - - if (mh == NULL) return; - if ((b=BIO_new(BIO_s_file())) == NULL) - return; - BIO_set_fp(b,fp,BIO_NOCLOSE); - CRYPTO_mem_leaks(b); - BIO_free(b); - } +#include +#include "internal/cryptlib.h" + +static int allow_customize = 1; /* we provide flexible functions for */ +static int allow_customize_debug = 1; /* exchanging memory-related functions + * at run-time, but this must be done + * before any blocks are actually + * allocated; or we'll run into huge + * problems when malloc/free pairs + * don't match etc. */ + +/* + * the following pointers may be changed as long as 'allow_customize' is set + */ + +static void *(*malloc_func) (size_t) = malloc; +static void *default_malloc_ex(size_t num, const char *file, int line) +{ + return malloc_func(num); +} + +static void *(*malloc_ex_func) (size_t, const char *file, int line) + = default_malloc_ex; + +static void *(*realloc_func) (void *, size_t) = realloc; +static void *default_realloc_ex(void *str, size_t num, + const char *file, int line) +{ + return realloc_func(str, num); +} + +static void *(*realloc_ex_func) (void *, size_t, const char *file, int line) + = default_realloc_ex; + +static void (*free_func) (void *) = free; + +static void *(*malloc_secure_func)(size_t) = malloc; +static void *default_malloc_secure_ex(size_t num, const char *file, int line) +{ + return malloc_secure_func(num); +} +static void *(*malloc_secure_ex_func)(size_t, const char *file, int line) + = default_malloc_secure_ex; +static void (*free_secure_func)(void *) = free; + +/* may be changed as long as 'allow_customize_debug' is set */ +/* XXX use correct function pointer types */ +#ifdef CRYPTO_MDEBUG +/* use default functions from mem_dbg.c */ +static void (*malloc_debug_func) (void *, size_t, const char *, int, int) + = CRYPTO_dbg_malloc; +static void (*realloc_debug_func) (void *, void *, size_t, const char *, int, + int) + = CRYPTO_dbg_realloc; +static void (*free_debug_func) (void *, int) = CRYPTO_dbg_free; +static void (*set_debug_options_func) (long) = CRYPTO_dbg_set_options; +static long (*get_debug_options_func) (void) = CRYPTO_dbg_get_options; +#else +/* + * applications can use CRYPTO_malloc_debug_init() to select above case at + * run-time + */ +static void (*malloc_debug_func) (void *, int, const char *, int, int) = NULL; +static void (*realloc_debug_func) (void *, void *, int, const char *, int, + int) + = NULL; +static void (*free_debug_func) (void *, int) = NULL; +static void (*set_debug_options_func) (long) = NULL; +static long (*get_debug_options_func) (void) = NULL; +#endif + +int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t), + void (*f) (void *)) +{ + /* Dummy call just to ensure OPENSSL_init() gets linked in */ + OPENSSL_init(); + if (!allow_customize) + return 0; + if ((m == 0) || (r == 0) || (f == 0)) + return 0; + malloc_func = m; + malloc_ex_func = default_malloc_ex; + realloc_func = r; + realloc_ex_func = default_realloc_ex; + free_func = f; + /* If user wants to intercept the secure or locked functions, do it + * after the basic functions. */ + malloc_secure_func = m; + malloc_secure_ex_func = default_malloc_secure_ex; + free_secure_func = f; + return 1; +} + +int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int), + void *(*r) (void *, size_t, const char *, + int), void (*f) (void *)) +{ + if (!allow_customize) + return 0; + if ((m == 0) || (r == 0) || (f == 0)) + return 0; + malloc_func = 0; + malloc_ex_func = m; + realloc_func = 0; + realloc_ex_func = r; + free_func = f; + malloc_secure_func = 0; + malloc_secure_ex_func = m; + free_secure_func = f; + return 1; +} + +int CRYPTO_set_secure_mem_functions(void *(*m)(size_t), void (*f)(void *)) +{ + /* Dummy call just to ensure OPENSSL_init() gets linked in */ + OPENSSL_init(); + if (!allow_customize) + return 0; + if ((m == 0) || (f == 0)) + return 0; + malloc_secure_func = m; + malloc_secure_ex_func = default_malloc_secure_ex; + free_secure_func = f; + return 1; +} + +int CRYPTO_set_secure_mem_ex_functions(void *(*m)(size_t, const char *, int), + void (*f)(void *)) +{ + if (!allow_customize) + return 0; + if ((m == NULL) || (f == NULL)) + return 0; + malloc_secure_func = 0; + malloc_secure_ex_func = m; + free_secure_func = f; + return 1; +} + +int CRYPTO_set_mem_debug_functions(void (*m) (void *, size_t, + const char *, int, int), + void (*r) (void *, void *, size_t, + const char *, int, int), + void (*f) (void *, int), void (*so) (long), + long (*go) (void)) +{ + if (!allow_customize_debug) + return 0; + malloc_debug_func = m; + realloc_debug_func = r; + free_debug_func = f; + set_debug_options_func = so; + get_debug_options_func = go; + return 1; +} + +void CRYPTO_get_mem_functions(void *(**m) (size_t), + void *(**r) (void *, size_t), + void (**f) (void *)) +{ + if (m != NULL) + *m = (malloc_ex_func == default_malloc_ex) ? malloc_func : 0; + if (r != NULL) + *r = (realloc_ex_func == default_realloc_ex) ? realloc_func : 0; + if (f != NULL) + *f = free_func; +} + +void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int), + void *(**r) (void *, size_t, const char *, + int), void (**f) (void *)) +{ + if (m != NULL) + *m = (malloc_ex_func != default_malloc_ex) ? malloc_ex_func : 0; + if (r != NULL) + *r = (realloc_ex_func != default_realloc_ex) ? realloc_ex_func : 0; + if (f != NULL) + *f = free_func; +} + +void CRYPTO_get_secure_mem_functions(void *(**m)(size_t), void (**f)(void *)) +{ + if (m != NULL) + *m = (malloc_secure_ex_func == default_malloc_secure_ex) ? + malloc_secure_func : 0; + if (f != NULL) + *f=free_secure_func; +} + +void CRYPTO_get_secure_mem_ex_functions(void *(**m)(size_t,const char *,int), + void (**f)(void *)) +{ + if (m != NULL) + *m = (malloc_secure_ex_func != default_malloc_secure_ex) ? + malloc_secure_ex_func : 0; + if (f != NULL) + *f=free_secure_func; +} + +void CRYPTO_get_mem_debug_functions(void (**m) (void *, size_t, + const char *, int, int), + void (**r) (void *, void *, size_t, + const char *, int, int), + void (**f) (void *, int), + void (**so) (long), long (**go) (void)) +{ + if (m != NULL) + *m = malloc_debug_func; + if (r != NULL) + *r = realloc_debug_func; + if (f != NULL) + *f = free_debug_func; + if (so != NULL) + *so = set_debug_options_func; + if (go != NULL) + *go = get_debug_options_func; +} + +void *CRYPTO_malloc(size_t num, const char *file, int line) +{ + void *ret = NULL; + + if (num <= 0) + return NULL; + + if (allow_customize) + allow_customize = 0; + if (malloc_debug_func != NULL) { + if (allow_customize_debug) + allow_customize_debug = 0; + malloc_debug_func(NULL, num, file, line, 0); + } + ret = malloc_ex_func(num, file, line); + if (malloc_debug_func != NULL) + malloc_debug_func(ret, num, file, line, 1); + +#ifndef OPENSSL_CPUID_OBJ + /* + * Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do this for + * >2Kb so the overhead doesn't bother us. + */ + if (ret && (num > 2048)) { + extern unsigned char cleanse_ctr; + ((unsigned char *)ret)[0] = cleanse_ctr; + } #endif + return ret; +} + +void *CRYPTO_zalloc(size_t num, const char *file, int line) +{ + void *ret = CRYPTO_malloc(num, file, line); + + if (ret != NULL) + memset(ret, 0, num); + return ret; +} + +void *CRYPTO_realloc(void *str, size_t num, const char *file, int line) +{ + void *ret = NULL; + + if (str == NULL) + return CRYPTO_malloc(num, file, line); + + if (num <= 0) + return NULL; + + if (realloc_debug_func != NULL) + realloc_debug_func(str, NULL, num, file, line, 0); + ret = realloc_ex_func(str, num, file, line); + if (realloc_debug_func != NULL) + realloc_debug_func(str, ret, num, file, line, 1); + + return ret; +} + +void *CRYPTO_realloc_clean(void *str, size_t old_len, size_t num, + const char *file, int line) +{ + void *ret = NULL; + + if (str == NULL) + return CRYPTO_malloc(num, file, line); + + if (num <= 0) + return NULL; + + /* + * We don't support shrinking the buffer. Note the memcpy that copies + * |old_len| bytes to the new buffer, below. + */ + if (num < old_len) + return NULL; + + if (realloc_debug_func != NULL) + realloc_debug_func(str, NULL, num, file, line, 0); + ret = malloc_ex_func(num, file, line); + if (ret) { + memcpy(ret, str, old_len); + OPENSSL_clear_free(str, old_len); + } + if (realloc_debug_func != NULL) + realloc_debug_func(str, ret, num, file, line, 1); + + return ret; +} + +void CRYPTO_free(void *str) +{ + if (free_debug_func != NULL) + free_debug_func(str, 0); + free_func(str); + if (free_debug_func != NULL) + free_debug_func(NULL, 1); +} + +void CRYPTO_clear_free(void *str, size_t num) +{ + if (!str) + return; + if (num) + OPENSSL_cleanse(str, num); + CRYPTO_free(str); +} + +void CRYPTO_set_mem_debug_options(long bits) +{ + if (set_debug_options_func != NULL) + set_debug_options_func(bits); +} + +long CRYPTO_get_mem_debug_options(void) +{ + if (get_debug_options_func != NULL) + return get_debug_options_func(); + return 0; +}