TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
TEST_true(CRYPTO_secure_malloc_done());
- TEST_info("Possible infinite loop: small arena");
- if (!TEST_false(CRYPTO_secure_malloc_init(16, 16)))
+ /*
+ * If init fails, then initialized should be false, if not, this
+ * could cause an infinite loop secure_malloc, but we don't test it
+ */
+ if (TEST_false(CRYPTO_secure_malloc_init(16, 16)) &&
+ !TEST_false(CRYPTO_secure_malloc_initialized())) {
+ TEST_true(CRYPTO_secure_malloc_done());
goto end;
- TEST_false(CRYPTO_secure_malloc_initialized());
- TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
- TEST_true(CRYPTO_secure_malloc_done());
+ }
/*-
* There was also a possible infinite loop when the number of
*
* CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4);
*
- * Which really only works on 64-bit systems, and even then the
- * code attempts to allocate 16 GB secure memory arena. Linux
- * can deal with this better than other Unixy OS's (e.g. MacOS)
- * but we don't want to push the system too hard during a unit
- * test. In addition, trying to allocate 16GB will cause the
- * mlock() call to fail, so that was at least changed to no
- * longer be an assert. If the reader of this comment really
- * wants to make sure that infinite loop is fixed, they can
- * enable the code below.
+ * Which really only works on 64-bit systems, since it took 16 GB
+ * secure memory arena to trigger the problem. It naturally takes
+ * corresponding amount of available virtual and physical memory
+ * for test to be feasible/representative. Since we can't assume
+ * that every system is equipped with that much memory, the test
+ * remains disabled. If the reader of this comment really wants
+ * to make sure that infinite loop is fixed, they can enable the
+ * code below.
*/
# if 0
- /* This test should only be run under Linux... runner beware */
+ /*-
+ * On Linux and BSD this test has a chance to complete in minimal
+ * time and with minimum side effects, because mlock is likely to
+ * fail because of RLIMIT_MEMLOCK, which is customarily [much]
+ * smaller than 16GB. In other words Linux and BSD users can be
+ * limited by virtual space alone...
+ */
if (sizeof(size_t) > 4) {
TEST_info("Possible infinite loop: 1<<31 limit");
if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
TEST_true(CRYPTO_secure_malloc_done());
}
# endif
-
+
/* this can complete - it was not really secure */
testresult = 1;
end: