1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleanup: check_openssl_compatibility()

Browse Source 
CRYPTO_set_mem_functions() works only until the first allocation is done:
* remove the second CRYPTO_set_mem_functions() call
* check whether the first CRYPTO_set_mem_functions() call worked
* stricter memory checks (==1, not >1, etc)
* as coc_malloc cannot be removed, make the counter a bit cheaper
* only do the check for OpenSSL 1.1 (because of OpenSSL 1.0 bug)
This commit is contained in:
Sergei Golubchik 2017-06-23 16:19:40 +02:00
parent a6bef22cda
commit 93a95c0a76
1 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
mysys_ssl/openssl.c
View File

@ -17,8 +17,14 @@
#include <my_global.h> #include <my_global.h>
#include <ssl_compat.h> #include <ssl_compat.h>
#ifdef HAVE_YASSL /*
The check is only done for OpenSSL 1.1.x.
It could run for OpenSSL 1.0.x but it doesn't make much sense
and it hits this bug:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1594748
*/
#ifndef HAVE_OPENSSL11
int check_openssl_compatibility() int check_openssl_compatibility()
{ {
return 0; return 0;
@ -26,23 +32,15 @@ int check_openssl_compatibility()
#else #else
#include <openssl/evp.h> #include <openssl/evp.h>
#ifdef HAVE_OPENSSL11 static uint testing, alloc_size, alloc_count;
typedef void *(*CRYPTO_malloc_t)(size_t, const char *, int);
#endif
#ifdef HAVE_OPENSSL10 static void *coc_malloc(size_t size, const char *, int)
typedef void *(*CRYPTO_malloc_t)(size_t);
#define CRYPTO_malloc malloc
#define CRYPTO_realloc realloc
#define CRYPTO_free free
#endif
static uint allocated_size, allocated_count;
static void *coc_malloc(size_t size)
{ {
allocated_size+= size; if (unlikely(testing))
allocated_count++; {
alloc_size+= size;
alloc_count++;
}
return malloc(size); return malloc(size);
} }
@ -51,21 +49,23 @@ int check_openssl_compatibility()
EVP_CIPHER_CTX *evp_ctx; EVP_CIPHER_CTX *evp_ctx;
EVP_MD_CTX *md5_ctx; EVP_MD_CTX *md5_ctx;
CRYPTO_set_mem_functions((CRYPTO_malloc_t)coc_malloc, CRYPTO_realloc, CRYPTO_free); if (!CRYPTO_set_mem_functions(coc_malloc, CRYPTO_realloc, CRYPTO_free))
return 1;
allocated_size= allocated_count= 0; testing= 1;
alloc_size= alloc_count= 0;
evp_ctx= EVP_CIPHER_CTX_new(); evp_ctx= EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_free(evp_ctx); EVP_CIPHER_CTX_free(evp_ctx);
if (allocated_count > 1 || allocated_size > EVP_CIPHER_CTX_SIZE) if (alloc_count != 1 || !alloc_size || alloc_size > EVP_CIPHER_CTX_SIZE)
return 1; return 1;
allocated_size= allocated_count= 0; alloc_size= alloc_count= 0;
md5_ctx= EVP_MD_CTX_create(); md5_ctx= EVP_MD_CTX_create();
EVP_MD_CTX_destroy(md5_ctx); EVP_MD_CTX_destroy(md5_ctx);
if (allocated_count > 1 || allocated_size > EVP_MD_CTX_SIZE) if (alloc_count != 1 || !alloc_size || alloc_size > EVP_MD_CTX_SIZE)
return 1; return 1;
CRYPTO_set_mem_functions(CRYPTO_malloc, CRYPTO_realloc, CRYPTO_free); testing= 0;
return 0; return 0;
} }
#endif #endif