1e1051a39Sopenharmony_ci=pod
2e1051a39Sopenharmony_ci
3e1051a39Sopenharmony_ci=head1 NAME
4e1051a39Sopenharmony_ci
5e1051a39Sopenharmony_ciOPENSSL_malloc_init,
6e1051a39Sopenharmony_ciOPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free,
7e1051a39Sopenharmony_ciOPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse,
8e1051a39Sopenharmony_ciCRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free,
9e1051a39Sopenharmony_ciOPENSSL_strdup, OPENSSL_strndup,
10e1051a39Sopenharmony_ciOPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat,
11e1051a39Sopenharmony_ciCRYPTO_strdup, CRYPTO_strndup,
12e1051a39Sopenharmony_ciOPENSSL_mem_debug_push, OPENSSL_mem_debug_pop,
13e1051a39Sopenharmony_ciCRYPTO_mem_debug_push, CRYPTO_mem_debug_pop,
14e1051a39Sopenharmony_ciCRYPTO_clear_realloc, CRYPTO_clear_free,
15e1051a39Sopenharmony_ciCRYPTO_malloc_fn, CRYPTO_realloc_fn, CRYPTO_free_fn,
16e1051a39Sopenharmony_ciCRYPTO_get_mem_functions, CRYPTO_set_mem_functions,
17e1051a39Sopenharmony_ciCRYPTO_get_alloc_counts,
18e1051a39Sopenharmony_ciCRYPTO_set_mem_debug, CRYPTO_mem_ctrl,
19e1051a39Sopenharmony_ciCRYPTO_mem_leaks, CRYPTO_mem_leaks_fp, CRYPTO_mem_leaks_cb,
20e1051a39Sopenharmony_ciOPENSSL_MALLOC_FAILURES,
21e1051a39Sopenharmony_ciOPENSSL_MALLOC_FD
22e1051a39Sopenharmony_ci- Memory allocation functions
23e1051a39Sopenharmony_ci
24e1051a39Sopenharmony_ci=head1 SYNOPSIS
25e1051a39Sopenharmony_ci
26e1051a39Sopenharmony_ci #include <openssl/crypto.h>
27e1051a39Sopenharmony_ci
28e1051a39Sopenharmony_ci int OPENSSL_malloc_init(void);
29e1051a39Sopenharmony_ci
30e1051a39Sopenharmony_ci void *OPENSSL_malloc(size_t num);
31e1051a39Sopenharmony_ci void *OPENSSL_zalloc(size_t num);
32e1051a39Sopenharmony_ci void *OPENSSL_realloc(void *addr, size_t num);
33e1051a39Sopenharmony_ci void OPENSSL_free(void *addr);
34e1051a39Sopenharmony_ci char *OPENSSL_strdup(const char *str);
35e1051a39Sopenharmony_ci char *OPENSSL_strndup(const char *str, size_t s);
36e1051a39Sopenharmony_ci size_t OPENSSL_strlcat(char *dst, const char *src, size_t size);
37e1051a39Sopenharmony_ci size_t OPENSSL_strlcpy(char *dst, const char *src, size_t size);
38e1051a39Sopenharmony_ci void *OPENSSL_memdup(void *data, size_t s);
39e1051a39Sopenharmony_ci void *OPENSSL_clear_realloc(void *p, size_t old_len, size_t num);
40e1051a39Sopenharmony_ci void OPENSSL_clear_free(void *str, size_t num);
41e1051a39Sopenharmony_ci void OPENSSL_cleanse(void *ptr, size_t len);
42e1051a39Sopenharmony_ci
43e1051a39Sopenharmony_ci void *CRYPTO_malloc(size_t num, const char *file, int line);
44e1051a39Sopenharmony_ci void *CRYPTO_zalloc(size_t num, const char *file, int line);
45e1051a39Sopenharmony_ci void *CRYPTO_realloc(void *p, size_t num, const char *file, int line);
46e1051a39Sopenharmony_ci void CRYPTO_free(void *str, const char *, int);
47e1051a39Sopenharmony_ci char *CRYPTO_strdup(const char *p, const char *file, int line);
48e1051a39Sopenharmony_ci char *CRYPTO_strndup(const char *p, size_t num, const char *file, int line);
49e1051a39Sopenharmony_ci void *CRYPTO_clear_realloc(void *p, size_t old_len, size_t num,
50e1051a39Sopenharmony_ci                            const char *file, int line);
51e1051a39Sopenharmony_ci void CRYPTO_clear_free(void *str, size_t num, const char *, int);
52e1051a39Sopenharmony_ci
53e1051a39Sopenharmony_ci typedef void *(*CRYPTO_malloc_fn)(size_t num, const char *file, int line);
54e1051a39Sopenharmony_ci typedef void *(*CRYPTO_realloc_fn)(void *addr, size_t num, const char *file,
55e1051a39Sopenharmony_ci                                    int line);
56e1051a39Sopenharmony_ci typedef void (*CRYPTO_free_fn)(void *addr, const char *file, int line);
57e1051a39Sopenharmony_ci void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
58e1051a39Sopenharmony_ci                               CRYPTO_realloc_fn *realloc_fn,
59e1051a39Sopenharmony_ci                               CRYPTO_free_fn *free_fn);
60e1051a39Sopenharmony_ci int CRYPTO_set_mem_functions(CRYPTO_malloc_fn malloc_fn,
61e1051a39Sopenharmony_ci                              CRYPTO_realloc_fn realloc_fn,
62e1051a39Sopenharmony_ci                              CRYPTO_free_fn free_fn);
63e1051a39Sopenharmony_ci
64e1051a39Sopenharmony_ci void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
65e1051a39Sopenharmony_ci
66e1051a39Sopenharmony_ci env OPENSSL_MALLOC_FAILURES=... <application>
67e1051a39Sopenharmony_ci env OPENSSL_MALLOC_FD=... <application>
68e1051a39Sopenharmony_ci
69e1051a39Sopenharmony_ciThe following functions have been deprecated since OpenSSL 3.0, and can be
70e1051a39Sopenharmony_cihidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
71e1051a39Sopenharmony_cisee L<openssl_user_macros(7)>:
72e1051a39Sopenharmony_ci
73e1051a39Sopenharmony_ci int CRYPTO_mem_leaks(BIO *b);
74e1051a39Sopenharmony_ci int CRYPTO_mem_leaks_fp(FILE *fp);
75e1051a39Sopenharmony_ci int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
76e1051a39Sopenharmony_ci                         void *u);
77e1051a39Sopenharmony_ci
78e1051a39Sopenharmony_ci int CRYPTO_set_mem_debug(int onoff);
79e1051a39Sopenharmony_ci int CRYPTO_mem_ctrl(int mode);
80e1051a39Sopenharmony_ci int OPENSSL_mem_debug_push(const char *info);
81e1051a39Sopenharmony_ci int OPENSSL_mem_debug_pop(void);
82e1051a39Sopenharmony_ci int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
83e1051a39Sopenharmony_ci int CRYPTO_mem_debug_pop(void);
84e1051a39Sopenharmony_ci
85e1051a39Sopenharmony_ci=head1 DESCRIPTION
86e1051a39Sopenharmony_ci
87e1051a39Sopenharmony_ciOpenSSL memory allocation is handled by the B<OPENSSL_xxx> API. These are
88e1051a39Sopenharmony_cigenerally macro's that add the standard C B<__FILE__> and B<__LINE__>
89e1051a39Sopenharmony_ciparameters and call a lower-level B<CRYPTO_xxx> API.
90e1051a39Sopenharmony_ciSome functions do not add those parameters, but exist for consistency.
91e1051a39Sopenharmony_ci
92e1051a39Sopenharmony_ciOPENSSL_malloc_init() does nothing and does not need to be called. It is
93e1051a39Sopenharmony_ciincluded for compatibility with older versions of OpenSSL.
94e1051a39Sopenharmony_ci
95e1051a39Sopenharmony_ciOPENSSL_malloc(), OPENSSL_realloc(), and OPENSSL_free() are like the
96e1051a39Sopenharmony_ciC malloc(), realloc(), and free() functions.
97e1051a39Sopenharmony_ciOPENSSL_zalloc() calls memset() to zero the memory before returning.
98e1051a39Sopenharmony_ci
99e1051a39Sopenharmony_ciOPENSSL_clear_realloc() and OPENSSL_clear_free() should be used
100e1051a39Sopenharmony_ciwhen the buffer at B<addr> holds sensitive information.
101e1051a39Sopenharmony_ciThe old buffer is filled with zero's by calling OPENSSL_cleanse()
102e1051a39Sopenharmony_cibefore ultimately calling OPENSSL_free().
103e1051a39Sopenharmony_ci
104e1051a39Sopenharmony_ciOPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's.
105e1051a39Sopenharmony_ciUse OPENSSL_cleanse() with care if the memory is a mapping of a file.
106e1051a39Sopenharmony_ciIf the storage controller uses write compression, then it's possible
107e1051a39Sopenharmony_cithat sensitive tail bytes will survive zeroization because the block of
108e1051a39Sopenharmony_cizeros will be compressed. If the storage controller uses wear leveling,
109e1051a39Sopenharmony_cithen the old sensitive data will not be overwritten; rather, a block of
110e1051a39Sopenharmony_ci0's will be written at a new physical location.
111e1051a39Sopenharmony_ci
112e1051a39Sopenharmony_ciOPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the
113e1051a39Sopenharmony_ciequivalent C functions, except that memory is allocated by calling the
114e1051a39Sopenharmony_ciOPENSSL_malloc() and should be released by calling OPENSSL_free().
115e1051a39Sopenharmony_ci
116e1051a39Sopenharmony_ciOPENSSL_strlcpy(),
117e1051a39Sopenharmony_ciOPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C
118e1051a39Sopenharmony_cilibrary functions and are provided for portability.
119e1051a39Sopenharmony_ci
120e1051a39Sopenharmony_ciIf no allocations have been done, it is possible to "swap out" the default
121e1051a39Sopenharmony_ciimplementations for OPENSSL_malloc(), OPENSSL_realloc() and OPENSSL_free()
122e1051a39Sopenharmony_ciand replace them with alternate versions.
123e1051a39Sopenharmony_ciCRYPTO_get_mem_functions() function fills in the given arguments with the
124e1051a39Sopenharmony_cifunction pointers for the current implementations.
125e1051a39Sopenharmony_ciWith CRYPTO_set_mem_functions(), you can specify a different set of functions.
126e1051a39Sopenharmony_ciIf any of B<malloc_fn>, B<realloc_fn>, or B<free_fn> are NULL, then
127e1051a39Sopenharmony_cithe function is not changed.
128e1051a39Sopenharmony_ciWhile it's permitted to swap out only a few and not all the functions
129e1051a39Sopenharmony_ciwith CRYPTO_set_mem_functions(), it's recommended to swap them all out
130e1051a39Sopenharmony_ciat once.
131e1051a39Sopenharmony_ci
132e1051a39Sopenharmony_ciIf the library is built with the C<crypto-mdebug> option, then one
133e1051a39Sopenharmony_cifunction, CRYPTO_get_alloc_counts(), and two additional environment
134e1051a39Sopenharmony_civariables, B<OPENSSL_MALLOC_FAILURES> and B<OPENSSL_MALLOC_FD>,
135e1051a39Sopenharmony_ciare available.
136e1051a39Sopenharmony_ci
137e1051a39Sopenharmony_ciThe function CRYPTO_get_alloc_counts() fills in the number of times
138e1051a39Sopenharmony_cieach of CRYPTO_malloc(), CRYPTO_realloc(), and CRYPTO_free() have been
139e1051a39Sopenharmony_cicalled, into the values pointed to by B<mcount>, B<rcount>, and B<fcount>,
140e1051a39Sopenharmony_cirespectively.  If a pointer is NULL, then the corresponding count is not stored.
141e1051a39Sopenharmony_ci
142e1051a39Sopenharmony_ciThe variable
143e1051a39Sopenharmony_ciB<OPENSSL_MALLOC_FAILURES> controls how often allocations should fail.
144e1051a39Sopenharmony_ciIt is a set of fields separated by semicolons, which each field is a count
145e1051a39Sopenharmony_ci(defaulting to zero) and an optional atsign and percentage (defaulting
146e1051a39Sopenharmony_cito 100).  If the count is zero, then it lasts forever.  For example,
147e1051a39Sopenharmony_ciC<100;@25> or C<100@0;0@25> means the first 100 allocations pass, then all
148e1051a39Sopenharmony_ciother allocations (until the program exits or crashes) have a 25% chance of
149e1051a39Sopenharmony_cifailing.
150e1051a39Sopenharmony_ci
151e1051a39Sopenharmony_ciIf the variable B<OPENSSL_MALLOC_FD> is parsed as a positive integer, then
152e1051a39Sopenharmony_ciit is taken as an open file descriptor. This is used in conjunction with
153e1051a39Sopenharmony_ciB<OPENSSL_MALLOC_FAILURES> described above. For every allocation it will log
154e1051a39Sopenharmony_cidetails about how many allocations there have been so far, what percentage
155e1051a39Sopenharmony_cichance there is for this allocation failing, and whether it has actually failed.
156e1051a39Sopenharmony_ciThe following example in classic shell syntax shows how to use this (will not
157e1051a39Sopenharmony_ciwork on all platforms):
158e1051a39Sopenharmony_ci
159e1051a39Sopenharmony_ci  OPENSSL_MALLOC_FAILURES='200;@10'
160e1051a39Sopenharmony_ci  export OPENSSL_MALLOC_FAILURES
161e1051a39Sopenharmony_ci  OPENSSL_MALLOC_FD=3
162e1051a39Sopenharmony_ci  export OPENSSL_MALLOC_FD
163e1051a39Sopenharmony_ci  ...app invocation... 3>/tmp/log$$
164e1051a39Sopenharmony_ci
165e1051a39Sopenharmony_ci=head1 RETURN VALUES
166e1051a39Sopenharmony_ci
167e1051a39Sopenharmony_ciOPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free()
168e1051a39Sopenharmony_ciCRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions()
169e1051a39Sopenharmony_cireturn no value.
170e1051a39Sopenharmony_ci
171e1051a39Sopenharmony_ciOPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(),
172e1051a39Sopenharmony_ciOPENSSL_clear_realloc(),
173e1051a39Sopenharmony_ciCRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(),
174e1051a39Sopenharmony_ciCRYPTO_clear_realloc(),
175e1051a39Sopenharmony_ciOPENSSL_strdup(), and OPENSSL_strndup()
176e1051a39Sopenharmony_cireturn a pointer to allocated memory or NULL on error.
177e1051a39Sopenharmony_ci
178e1051a39Sopenharmony_ciCRYPTO_set_mem_functions() returns 1 on success or 0 on failure (almost
179e1051a39Sopenharmony_cialways because allocations have already happened).
180e1051a39Sopenharmony_ci
181e1051a39Sopenharmony_ciCRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(), CRYPTO_mem_leaks_cb(),
182e1051a39Sopenharmony_ciCRYPTO_set_mem_debug(), and CRYPTO_mem_ctrl() are deprecated and are no-ops that
183e1051a39Sopenharmony_cialways return -1.
184e1051a39Sopenharmony_ciOPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(),
185e1051a39Sopenharmony_ciCRYPTO_mem_debug_push(), and CRYPTO_mem_debug_pop()
186e1051a39Sopenharmony_ciare deprecated and are no-ops that always return 0.
187e1051a39Sopenharmony_ci
188e1051a39Sopenharmony_ci=head1 HISTORY
189e1051a39Sopenharmony_ci
190e1051a39Sopenharmony_ciOPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(),
191e1051a39Sopenharmony_ciCRYPTO_mem_debug_push(), CRYPTO_mem_debug_pop(),
192e1051a39Sopenharmony_ciCRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(),
193e1051a39Sopenharmony_ciCRYPTO_mem_leaks_cb(), CRYPTO_set_mem_debug(), CRYPTO_mem_ctrl()
194e1051a39Sopenharmony_ciwere deprecated in OpenSSL 3.0.
195e1051a39Sopenharmony_ciThe memory-leak checking has been deprecated in OpenSSL 3.0 in favor of
196e1051a39Sopenharmony_ciclang's memory and leak sanitizer.
197e1051a39Sopenharmony_ci
198e1051a39Sopenharmony_ci
199e1051a39Sopenharmony_ci=head1 COPYRIGHT
200e1051a39Sopenharmony_ci
201e1051a39Sopenharmony_ciCopyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
202e1051a39Sopenharmony_ci
203e1051a39Sopenharmony_ciLicensed under the Apache License 2.0 (the "License").  You may not use
204e1051a39Sopenharmony_cithis file except in compliance with the License.  You can obtain a copy
205e1051a39Sopenharmony_ciin the file LICENSE in the source distribution or at
206e1051a39Sopenharmony_ciL<https://www.openssl.org/source/license.html>.
207e1051a39Sopenharmony_ci
208e1051a39Sopenharmony_ci=cut
209