1/*
2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include "e_os.h"
11#include "internal/cryptlib.h"
12#include "crypto/cryptlib.h"
13#include <stdio.h>
14#include <stdlib.h>
15#include <limits.h>
16#include <openssl/crypto.h>
17
18/*
19 * the following pointers may be changed as long as 'allow_customize' is set
20 */
21static int allow_customize = 1;
22static CRYPTO_malloc_fn malloc_impl = CRYPTO_malloc;
23static CRYPTO_realloc_fn realloc_impl = CRYPTO_realloc;
24static CRYPTO_free_fn free_impl = CRYPTO_free;
25
26#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
27# include "internal/tsan_assist.h"
28
29# ifdef TSAN_REQUIRES_LOCKING
30#  define INCREMENT(x) /* empty */
31#  define LOAD(x) 0
32# else  /* TSAN_REQUIRES_LOCKING */
33static TSAN_QUALIFIER int malloc_count;
34static TSAN_QUALIFIER int realloc_count;
35static TSAN_QUALIFIER int free_count;
36
37#  define INCREMENT(x) tsan_counter(&(x))
38#  define LOAD(x)      tsan_load(&x)
39# endif /* TSAN_REQUIRES_LOCKING */
40
41static char *md_failstring;
42static long md_count;
43static int md_fail_percent = 0;
44static int md_tracefd = -1;
45
46static void parseit(void);
47static int shouldfail(void);
48
49# define FAILTEST() if (shouldfail()) return NULL
50
51#else
52
53# define INCREMENT(x) /* empty */
54# define FAILTEST() /* empty */
55#endif
56
57int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
58                             CRYPTO_realloc_fn realloc_fn,
59                             CRYPTO_free_fn free_fn)
60{
61    if (!allow_customize)
62        return 0;
63    if (malloc_fn != NULL)
64        malloc_impl = malloc_fn;
65    if (realloc_fn != NULL)
66        realloc_impl = realloc_fn;
67    if (free_fn != NULL)
68        free_impl = free_fn;
69    return 1;
70}
71
72void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
73                              CRYPTO_realloc_fn *realloc_fn,
74                              CRYPTO_free_fn *free_fn)
75{
76    if (malloc_fn != NULL)
77        *malloc_fn = malloc_impl;
78    if (realloc_fn != NULL)
79        *realloc_fn = realloc_impl;
80    if (free_fn != NULL)
81        *free_fn = free_impl;
82}
83
84#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODULE)
85void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount)
86{
87    if (mcount != NULL)
88        *mcount = LOAD(malloc_count);
89    if (rcount != NULL)
90        *rcount = LOAD(realloc_count);
91    if (fcount != NULL)
92        *fcount = LOAD(free_count);
93}
94
95/*
96 * Parse a "malloc failure spec" string.  This likes like a set of fields
97 * separated by semicolons.  Each field has a count and an optional failure
98 * percentage.  For example:
99 *          100@0;100@25;0@0
100 *    or    100;100@25;0
101 * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
102 * all remaining (count is zero) succeed.
103 * The failure percentge can have 2 digits after the comma.  For example:
104 *          0@0.01
105 * This means 0.01% of all allocations will fail.
106 */
107static void parseit(void)
108{
109    char *semi = strchr(md_failstring, ';');
110    char *atsign;
111
112    if (semi != NULL)
113        *semi++ = '\0';
114
115    /* Get the count (atol will stop at the @ if there), and percentage */
116    md_count = atol(md_failstring);
117    atsign = strchr(md_failstring, '@');
118    md_fail_percent = atsign == NULL ? 0 : (int)(atof(atsign + 1) * 100 + 0.5);
119
120    if (semi != NULL)
121        md_failstring = semi;
122}
123
124/*
125 * Windows doesn't have random() and srandom(), but it has rand() and srand().
126 * Some rand() implementations aren't good, but we're not
127 * dealing with secure randomness here.
128 */
129# ifdef _WIN32
130#  define random() rand()
131#  define srandom(seed) srand(seed)
132# endif
133/*
134 * See if the current malloc should fail.
135 */
136static int shouldfail(void)
137{
138    int roll = (int)(random() % 10000);
139    int shoulditfail = roll < md_fail_percent;
140# ifndef _WIN32
141/* suppressed on Windows as POSIX-like file descriptors are non-inheritable */
142    int len;
143    char buff[80];
144
145    if (md_tracefd > 0) {
146        BIO_snprintf(buff, sizeof(buff),
147                     "%c C%ld %%%d R%d\n",
148                     shoulditfail ? '-' : '+', md_count, md_fail_percent, roll);
149        len = strlen(buff);
150        if (write(md_tracefd, buff, len) != len)
151            perror("shouldfail write failed");
152    }
153# endif
154
155    if (md_count) {
156        /* If we used up this one, go to the next. */
157        if (--md_count == 0)
158            parseit();
159    }
160
161    return shoulditfail;
162}
163
164void ossl_malloc_setup_failures(void)
165{
166    const char *cp = getenv("OPENSSL_MALLOC_FAILURES");
167
168    if (cp != NULL && (md_failstring = strdup(cp)) != NULL)
169        parseit();
170    if ((cp = getenv("OPENSSL_MALLOC_FD")) != NULL)
171        md_tracefd = atoi(cp);
172    if ((cp = getenv("OPENSSL_MALLOC_SEED")) != NULL)
173        srandom(atoi(cp));
174}
175#endif
176
177void *CRYPTO_malloc(size_t num, const char *file, int line)
178{
179    INCREMENT(malloc_count);
180    if (malloc_impl != CRYPTO_malloc)
181        return malloc_impl(num, file, line);
182
183    if (num == 0)
184        return NULL;
185
186    FAILTEST();
187    if (allow_customize) {
188        /*
189         * Disallow customization after the first allocation. We only set this
190         * if necessary to avoid a store to the same cache line on every
191         * allocation.
192         */
193        allow_customize = 0;
194    }
195
196    return malloc(num);
197}
198
199void *CRYPTO_zalloc(size_t num, const char *file, int line)
200{
201    void *ret;
202
203    ret = CRYPTO_malloc(num, file, line);
204    if (ret != NULL)
205        memset(ret, 0, num);
206
207    return ret;
208}
209
210void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
211{
212    INCREMENT(realloc_count);
213    if (realloc_impl != CRYPTO_realloc)
214        return realloc_impl(str, num, file, line);
215
216    if (str == NULL)
217        return CRYPTO_malloc(num, file, line);
218
219    if (num == 0) {
220        CRYPTO_free(str, file, line);
221        return NULL;
222    }
223
224    FAILTEST();
225    return realloc(str, num);
226}
227
228void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
229                           const char *file, int line)
230{
231    void *ret = NULL;
232
233    if (str == NULL)
234        return CRYPTO_malloc(num, file, line);
235
236    if (num == 0) {
237        CRYPTO_clear_free(str, old_len, file, line);
238        return NULL;
239    }
240
241    /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
242    if (num < old_len) {
243        OPENSSL_cleanse((char*)str + num, old_len - num);
244        return str;
245    }
246
247    ret = CRYPTO_malloc(num, file, line);
248    if (ret != NULL) {
249        memcpy(ret, str, old_len);
250        CRYPTO_clear_free(str, old_len, file, line);
251    }
252    return ret;
253}
254
255void CRYPTO_free(void *str, const char *file, int line)
256{
257    INCREMENT(free_count);
258    if (free_impl != CRYPTO_free) {
259        free_impl(str, file, line);
260        return;
261    }
262
263    free(str);
264}
265
266void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
267{
268    if (str == NULL)
269        return;
270    if (num)
271        OPENSSL_cleanse(str, num);
272    CRYPTO_free(str, file, line);
273}
274
275#if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
276
277# ifndef OPENSSL_NO_DEPRECATED_3_0
278int CRYPTO_mem_ctrl(int mode)
279{
280    (void)mode;
281    return -1;
282}
283
284int CRYPTO_set_mem_debug(int flag)
285{
286    (void)flag;
287    return -1;
288}
289
290int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
291{
292    (void)info; (void)file; (void)line;
293    return 0;
294}
295
296int CRYPTO_mem_debug_pop(void)
297{
298    return 0;
299}
300
301void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
302                             const char *file, int line)
303{
304    (void)addr; (void)num; (void)flag; (void)file; (void)line;
305}
306
307void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
308                              const char *file, int line)
309{
310    (void)addr1; (void)addr2; (void)num; (void)flag; (void)file; (void)line;
311}
312
313void CRYPTO_mem_debug_free(void *addr, int flag,
314                           const char *file, int line)
315{
316    (void)addr; (void)flag; (void)file; (void)line;
317}
318
319int CRYPTO_mem_leaks(BIO *b)
320{
321    (void)b;
322    return -1;
323}
324
325#  ifndef OPENSSL_NO_STDIO
326int CRYPTO_mem_leaks_fp(FILE *fp)
327{
328    (void)fp;
329    return -1;
330}
331#  endif
332
333int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
334                        void *u)
335{
336    (void)cb; (void)u;
337    return -1;
338}
339
340# endif
341
342#endif
343