X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fmem.c;h=01052cfa38e9a562a4301cce3bd6a36a9877d91a;hb=6a7a4a4e19a339889e8238b6b23b5d3c010a0361;hp=03d2569bced7c0c0980551e02802f66deb7c4d54;hpb=54a656ef081f72a740c550ebd8099b40b8b5cde0;p=oweals%2Fopenssl.git diff --git a/crypto/mem.c b/crypto/mem.c index 03d2569bce..01052cfa38 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -121,10 +121,11 @@ static void (*set_debug_options_func)(long) = NULL; static long (*get_debug_options_func)(void) = NULL; #endif - int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *)) { + /* Dummy call just to ensure OPENSSL_init() gets linked in */ + OPENSSL_init(); if (!allow_customize) return 0; if ((m == 0) || (r == 0) || (f == 0)) @@ -186,6 +187,7 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), { if (!allow_customize_debug) return 0; + OPENSSL_init(); malloc_debug_func=m; realloc_debug_func=r; free_debug_func=f; @@ -251,10 +253,14 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) { void *ret = NULL; - allow_customize = 0; + if (num <= 0) return NULL; + + if(allow_customize) + allow_customize = 0; if (malloc_debug_func != NULL) { - allow_customize_debug = 0; + if(allow_customize_debug) + allow_customize_debug = 0; malloc_debug_func(NULL, num, file, line, 0); } ret = malloc_locked_ex_func(num,file,line); @@ -264,6 +270,16 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); +#ifndef OPENSSL_CPUID_OBJ + /* Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do + * this for >2Kb so the overhead doesn't bother us. */ + if(ret && (num > 2048)) + { extern unsigned char cleanse_ctr; + ((unsigned char *)ret)[0] = cleanse_ctr; + } +#endif + return ret; } @@ -283,10 +299,14 @@ void *CRYPTO_malloc(int num, const char *file, int line) { void *ret = NULL; - allow_customize = 0; + if (num <= 0) return NULL; + + if(allow_customize) + allow_customize = 0; if (malloc_debug_func != NULL) { - allow_customize_debug = 0; + if(allow_customize_debug) + allow_customize_debug = 0; malloc_debug_func(NULL, num, file, line, 0); } ret = malloc_ex_func(num,file,line); @@ -296,6 +316,23 @@ void *CRYPTO_malloc(int num, const char *file, int line) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); +#ifndef OPENSSL_CPUID_OBJ + /* Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do + * this for >2Kb so the overhead doesn't bother us. */ + if(ret && (num > 2048)) + { extern unsigned char cleanse_ctr; + ((unsigned char *)ret)[0] = cleanse_ctr; + } +#endif + + return ret; + } +char *CRYPTO_strdup(const char *str, const char *file, int line) + { + char *ret = CRYPTO_malloc(strlen(str)+1, file, line); + + strcpy(ret, str); return ret; } @@ -305,6 +342,9 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line) if (str == NULL) return CRYPTO_malloc(num, file, line); + + if (num <= 0) return NULL; + if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); ret = realloc_ex_func(str,num,file,line); @@ -324,15 +364,26 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, if (str == NULL) return CRYPTO_malloc(num, file, line); + + if (num <= 0) return NULL; + + /* We don't support shrinking the buffer. Note the memcpy that copies + * |old_len| bytes to the new buffer, below. */ + if (num < old_len) return NULL; + if (realloc_debug_func != NULL) realloc_debug_func(str, NULL, num, file, line, 0); ret=malloc_ex_func(num,file,line); if(ret) + { memcpy(ret,str,old_len); - memset(str,'\0',old_len); - free_func(str); + OPENSSL_cleanse(str,old_len); + free_func(str); + } #ifdef LEVITTE_DEBUG_MEM - fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num); + fprintf(stderr, + "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", + str, ret, num); #endif if (realloc_debug_func != NULL) realloc_debug_func(str, ret, num, file, line, 1);