1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimOPENSSL_malloc_init, 6e71b7053SJung-uk KimOPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free, 7e71b7053SJung-uk KimOPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse, 8e71b7053SJung-uk KimCRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free, 9e71b7053SJung-uk KimOPENSSL_strdup, OPENSSL_strndup, 10e71b7053SJung-uk KimOPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat, 11e71b7053SJung-uk KimCRYPTO_strdup, CRYPTO_strndup, 12e71b7053SJung-uk KimOPENSSL_mem_debug_push, OPENSSL_mem_debug_pop, 13e71b7053SJung-uk KimCRYPTO_mem_debug_push, CRYPTO_mem_debug_pop, 14e71b7053SJung-uk KimCRYPTO_clear_realloc, CRYPTO_clear_free, 15*b077aed3SPierre ProncheryCRYPTO_malloc_fn, CRYPTO_realloc_fn, CRYPTO_free_fn, 16e71b7053SJung-uk KimCRYPTO_get_mem_functions, CRYPTO_set_mem_functions, 17e71b7053SJung-uk KimCRYPTO_get_alloc_counts, 18e71b7053SJung-uk KimCRYPTO_set_mem_debug, CRYPTO_mem_ctrl, 19e71b7053SJung-uk KimCRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb, 20e71b7053SJung-uk KimOPENSSL_MALLOC_FAILURES, 21e71b7053SJung-uk KimOPENSSL_MALLOC_FD 22e71b7053SJung-uk Kim- Memory allocation functions 23e71b7053SJung-uk Kim 24e71b7053SJung-uk Kim=head1 SYNOPSIS 25e71b7053SJung-uk Kim 26e71b7053SJung-uk Kim #include <openssl/crypto.h> 27e71b7053SJung-uk Kim 28*b077aed3SPierre Pronchery int OPENSSL_malloc_init(void); 29e71b7053SJung-uk Kim 30*b077aed3SPierre Pronchery void *OPENSSL_malloc(size_t num); 31*b077aed3SPierre Pronchery void *OPENSSL_zalloc(size_t num); 32*b077aed3SPierre Pronchery void *OPENSSL_realloc(void *addr, size_t num); 33*b077aed3SPierre Pronchery void OPENSSL_free(void *addr); 34*b077aed3SPierre Pronchery char *OPENSSL_strdup(const char *str); 35*b077aed3SPierre Pronchery char *OPENSSL_strndup(const char *str, size_t s); 36e71b7053SJung-uk Kim size_t OPENSSL_strlcat(char *dst, const char *src, size_t size); 37e71b7053SJung-uk Kim size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size); 38*b077aed3SPierre Pronchery void *OPENSSL_memdup(void *data, size_t s); 39*b077aed3SPierre Pronchery void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num); 40*b077aed3SPierre Pronchery void OPENSSL_clear_free(void *str, size_t num); 41e71b7053SJung-uk Kim void OPENSSL_cleanse(void *ptr, size_t len); 42e71b7053SJung-uk Kim 43*b077aed3SPierre Pronchery void *CRYPTO_malloc(size_t num, const char *file, int line); 44*b077aed3SPierre Pronchery void *CRYPTO_zalloc(size_t num, const char *file, int line); 45*b077aed3SPierre Pronchery void *CRYPTO_realloc(void *p, size_t num, const char *file, int line); 46*b077aed3SPierre Pronchery void CRYPTO_free(void *str, const char *, int); 47*b077aed3SPierre Pronchery char *CRYPTO_strdup(const char *p, const char *file, int line); 48*b077aed3SPierre Pronchery char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line); 49e71b7053SJung-uk Kim void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num, 50*b077aed3SPierre Pronchery const char *file, int line); 51*b077aed3SPierre Pronchery void CRYPTO_clear_free(void *str, size_t num, const char *, int); 52e71b7053SJung-uk Kim 53*b077aed3SPierre Pronchery typedef void *(*CRYPTO_malloc_fn)(size_t num, const char *file, int line); 54*b077aed3SPierre Pronchery typedef void *(*CRYPTO_realloc_fn)(void *addr, size_t num, const char *file, 55*b077aed3SPierre Pronchery int line); 56*b077aed3SPierre Pronchery typedef void (*CRYPTO_free_fn)(void *addr, const char *file, int line); 57*b077aed3SPierre Pronchery void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn, 58*b077aed3SPierre Pronchery CRYPTO_realloc_fn *realloc_fn, 59*b077aed3SPierre Pronchery CRYPTO_free_fn *free_fn); 60*b077aed3SPierre Pronchery int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn, 61*b077aed3SPierre Pronchery CRYPTO_realloc_fn realloc_fn, 62*b077aed3SPierre Pronchery CRYPTO_free_fn free_fn); 63e71b7053SJung-uk Kim 64*b077aed3SPierre Pronchery void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount); 65e71b7053SJung-uk Kim 66e71b7053SJung-uk Kim env OPENSSL_MALLOC_FAILURES=... <application> 67e71b7053SJung-uk Kim env OPENSSL_MALLOC_FD=... <application> 68e71b7053SJung-uk Kim 69*b077aed3SPierre ProncheryThe following functions have been deprecated since OpenSSL 3.0, and can be 70*b077aed3SPierre Proncheryhidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, 71*b077aed3SPierre Proncherysee L<openssl_user_macros(7)>: 72e71b7053SJung-uk Kim 73e71b7053SJung-uk Kim int CRYPTO_mem_leaks(BIO *b); 74e71b7053SJung-uk Kim int CRYPTO_mem_leaks_fp(FILE *fp); 75e71b7053SJung-uk Kim int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u), 76e71b7053SJung-uk Kim void *u); 77e71b7053SJung-uk Kim 78*b077aed3SPierre Pronchery int CRYPTO_set_mem_debug(int onoff); 79*b077aed3SPierre Pronchery int CRYPTO_mem_ctrl(int mode); 80*b077aed3SPierre Pronchery int OPENSSL_mem_debug_push(const char *info); 81*b077aed3SPierre Pronchery int OPENSSL_mem_debug_pop(void); 82*b077aed3SPierre Pronchery int CRYPTO_mem_debug_push(const char *info, const char *file, int line); 83*b077aed3SPierre Pronchery int CRYPTO_mem_debug_pop(void); 84*b077aed3SPierre Pronchery 85e71b7053SJung-uk Kim=head1 DESCRIPTION 86e71b7053SJung-uk Kim 87e71b7053SJung-uk KimOpenSSL memory allocation is handled by the B<OPENSSL_xxx> API. These are 88e71b7053SJung-uk Kimgenerally macro's that add the standard C B<__FILE__> and B<__LINE__> 89e71b7053SJung-uk Kimparameters and call a lower-level B<CRYPTO_xxx> API. 90e71b7053SJung-uk KimSome functions do not add those parameters, but exist for consistency. 91e71b7053SJung-uk Kim 926935a639SJung-uk KimOPENSSL_malloc_init() does nothing and does not need to be called. It is 936935a639SJung-uk Kimincluded for compatibility with older versions of OpenSSL. 94e71b7053SJung-uk Kim 95e71b7053SJung-uk KimOPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the 96e71b7053SJung-uk KimC malloc(), realloc(), and free() functions. 97e71b7053SJung-uk KimOPENSSL_zalloc() calls memset() to zero the memory before returning. 98e71b7053SJung-uk Kim 99e71b7053SJung-uk KimOPENSSL_clear_realloc() and OPENSSL_clear_free() should be used 100e71b7053SJung-uk Kimwhen the buffer at B<addr> holds sensitive information. 101e71b7053SJung-uk KimThe old buffer is filled with zero's by calling OPENSSL_cleanse() 102e71b7053SJung-uk Kimbefore ultimately calling OPENSSL_free(). 103e71b7053SJung-uk Kim 104e71b7053SJung-uk KimOPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's. 105e71b7053SJung-uk KimUse OPENSSL_cleanse() with care if the memory is a mapping of a file. 10688e852c0SJung-uk KimIf the storage controller uses write compression, then it's possible 107e71b7053SJung-uk Kimthat sensitive tail bytes will survive zeroization because the block of 108e71b7053SJung-uk Kimzeros will be compressed. If the storage controller uses wear leveling, 109e71b7053SJung-uk Kimthen the old sensitive data will not be overwritten; rather, a block of 110e71b7053SJung-uk Kim0's will be written at a new physical location. 111e71b7053SJung-uk Kim 112e71b7053SJung-uk KimOPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the 113e71b7053SJung-uk Kimequivalent C functions, except that memory is allocated by calling the 114e71b7053SJung-uk KimOPENSSL_malloc() and should be released by calling OPENSSL_free(). 115e71b7053SJung-uk Kim 116e71b7053SJung-uk KimOPENSSL_strlcpy(), 117e71b7053SJung-uk KimOPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C 118e71b7053SJung-uk Kimlibrary functions and are provided for portability. 119e71b7053SJung-uk Kim 120e71b7053SJung-uk KimIf no allocations have been done, it is possible to "swap out" the default 121*b077aed3SPierre Proncheryimplementations for OPENSSL_malloc(), OPENSSL_realloc() and OPENSSL_free() 122*b077aed3SPierre Proncheryand replace them with alternate versions. 123e71b7053SJung-uk KimCRYPTO_get_mem_functions() function fills in the given arguments with the 124e71b7053SJung-uk Kimfunction pointers for the current implementations. 125e71b7053SJung-uk KimWith CRYPTO_set_mem_functions(), you can specify a different set of functions. 126*b077aed3SPierre ProncheryIf any of B<malloc_fn>, B<realloc_fn>, or B<free_fn> are NULL, then 127*b077aed3SPierre Proncherythe function is not changed. 128*b077aed3SPierre ProncheryWhile it's permitted to swap out only a few and not all the functions 129*b077aed3SPierre Proncherywith CRYPTO_set_mem_functions(), it's recommended to swap them all out 130*b077aed3SPierre Proncheryat once. 131e71b7053SJung-uk Kim 132e71b7053SJung-uk KimIf the library is built with the C<crypto-mdebug> option, then one 133e71b7053SJung-uk Kimfunction, CRYPTO_get_alloc_counts(), and two additional environment 134e71b7053SJung-uk Kimvariables, B<OPENSSL_MALLOC_FAILURES> and B<OPENSSL_MALLOC_FD>, 135e71b7053SJung-uk Kimare available. 136e71b7053SJung-uk Kim 137e71b7053SJung-uk KimThe function CRYPTO_get_alloc_counts() fills in the number of times 138e71b7053SJung-uk Kimeach of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been 139e71b7053SJung-uk Kimcalled, into the values pointed to by B<mcount>, B<rcount>, and B<fcount>, 140e71b7053SJung-uk Kimrespectively. If a pointer is NULL, then the corresponding count is not stored. 141e71b7053SJung-uk Kim 142e71b7053SJung-uk KimThe variable 143e71b7053SJung-uk KimB<OPENSSL_MALLOC_FAILURES> controls how often allocations should fail. 144e71b7053SJung-uk KimIt is a set of fields separated by semicolons, which each field is a count 145e71b7053SJung-uk Kim(defaulting to zero) and an optional atsign and percentage (defaulting 146e71b7053SJung-uk Kimto 100). If the count is zero, then it lasts forever. For example, 147e71b7053SJung-uk KimC<100;@25> or C<100@0;0@25> means the first 100 allocations pass, then all 148e71b7053SJung-uk Kimother allocations (until the program exits or crashes) have a 25% chance of 149e71b7053SJung-uk Kimfailing. 150e71b7053SJung-uk Kim 151e71b7053SJung-uk KimIf the variable B<OPENSSL_MALLOC_FD> is parsed as a positive integer, then 152*b077aed3SPierre Proncheryit is taken as an open file descriptor. This is used in conjunction with 153*b077aed3SPierre ProncheryB<OPENSSL_MALLOC_FAILURES> described above. For every allocation it will log 154*b077aed3SPierre Proncherydetails about how many allocations there have been so far, what percentage 155*b077aed3SPierre Proncherychance there is for this allocation failing, and whether it has actually failed. 156*b077aed3SPierre ProncheryThe following example in classic shell syntax shows how to use this (will not 157*b077aed3SPierre Proncherywork on all platforms): 158e71b7053SJung-uk Kim 159e71b7053SJung-uk Kim OPENSSL_MALLOC_FAILURES='200;@10' 160e71b7053SJung-uk Kim export OPENSSL_MALLOC_FAILURES 161e71b7053SJung-uk Kim OPENSSL_MALLOC_FD=3 162e71b7053SJung-uk Kim export OPENSSL_MALLOC_FD 163e71b7053SJung-uk Kim ...app invocation... 3>/tmp/log$$ 164e71b7053SJung-uk Kim 165e71b7053SJung-uk Kim=head1 RETURN VALUES 166e71b7053SJung-uk Kim 167e71b7053SJung-uk KimOPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free() 168e71b7053SJung-uk KimCRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions() 169e71b7053SJung-uk Kimreturn no value. 170e71b7053SJung-uk Kim 171e71b7053SJung-uk KimOPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(), 172e71b7053SJung-uk KimOPENSSL_clear_realloc(), 173e71b7053SJung-uk KimCRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(), 174e71b7053SJung-uk KimCRYPTO_clear_realloc(), 175e71b7053SJung-uk KimOPENSSL_strdup(), and OPENSSL_strndup() 176e71b7053SJung-uk Kimreturn a pointer to allocated memory or NULL on error. 177e71b7053SJung-uk Kim 178*b077aed3SPierre ProncheryCRYPTO_set_mem_functions() returns 1 on success or 0 on failure (almost 179e71b7053SJung-uk Kimalways because allocations have already happened). 180e71b7053SJung-uk Kim 181*b077aed3SPierre ProncheryCRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(), CRYPTO_mem_leaks_cb(), 182*b077aed3SPierre ProncheryCRYPTO_set_mem_debug(), and CRYPTO_mem_ctrl() are deprecated and are no-ops that 183*b077aed3SPierre Proncheryalways return -1. 184*b077aed3SPierre ProncheryOPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(), 185*b077aed3SPierre ProncheryCRYPTO_mem_debug_push(), and CRYPTO_mem_debug_pop() 186*b077aed3SPierre Proncheryare deprecated and are no-ops that always return 0. 187e71b7053SJung-uk Kim 188*b077aed3SPierre Pronchery=head1 HISTORY 189e71b7053SJung-uk Kim 190*b077aed3SPierre ProncheryOPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(), 191*b077aed3SPierre ProncheryCRYPTO_mem_debug_push(), CRYPTO_mem_debug_pop(), 192*b077aed3SPierre ProncheryCRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(), 193*b077aed3SPierre ProncheryCRYPTO_mem_leaks_cb(), CRYPTO_set_mem_debug(), CRYPTO_mem_ctrl() 194*b077aed3SPierre Proncherywere deprecated in OpenSSL 3.0. 195*b077aed3SPierre ProncheryThe memory-leak checking has been deprecated in OpenSSL 3.0 in favor of 196*b077aed3SPierre Proncheryclang's memory and leak sanitizer. 197e71b7053SJung-uk Kim 198e71b7053SJung-uk Kim 199e71b7053SJung-uk Kim=head1 COPYRIGHT 200e71b7053SJung-uk Kim 201*b077aed3SPierre ProncheryCopyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. 202e71b7053SJung-uk Kim 203*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 204e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 205e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 206e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 207e71b7053SJung-uk Kim 208e71b7053SJung-uk Kim=cut 209