[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sun May 21 01:02:43 UTC 2017 

The branch master has been updated
       via  c8e89d58a5d44b9dd657d6d13a5a10d1d4d30733 (commit)
      from  2117a737f379166856723546eba569e8f1050891 (commit)


- Log -----------------------------------------------------------------
commit c8e89d58a5d44b9dd657d6d13a5a10d1d4d30733
Author: Todd Short <tshort at akamai.com>
Date:   Fri May 12 16:46:39 2017 -0400

    Tweak sec_mem tests
    
    Remove assertion when mmap() fails.
    Only run the 1<<31 limit test on Linux
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3455)

-----------------------------------------------------------------------

Summary of changes:
 crypto/mem_sec.c  |  1 -
 test/secmemtest.c | 25 ++++++++++++++++++++++---
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 774b696..6fc1aca 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -425,7 +425,6 @@ static int sh_init(size_t size, int minsize)
             close(fd);
         }
     }
-    OPENSSL_assert(sh.map_result != MAP_FAILED);
     if (sh.map_result == MAP_FAILED)
         goto err;
     sh.arena = (char *)(sh.map_result + pgsize);
diff --git a/test/secmemtest.c b/test/secmemtest.c
index c92db50..e9be8f3 100644
--- a/test/secmemtest.c
+++ b/test/secmemtest.c
@@ -75,12 +75,31 @@ static int test_sec_mem(void)
     TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
     TEST_true(CRYPTO_secure_malloc_done());
 
+    /*-
+     * There was also a possible infinite loop when the number of
+     * elements was 1<<31, as |int i| was set to that, which is a
+     * negative number. However, it requires minimum input values:
+     *
+     * CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4);
+     *
+     * Which really only works on 64-bit systems, and even then the
+     * code attempts to allocate 16 GB secure memory arena. Linux
+     * can deal with this better than other Unixy OS's (e.g. MacOS)
+     * but we don't want to push the system too hard during a unit
+     * test. In addition, trying to allocate 16GB will cause the
+     * mlock() call to fail, so that was at least changed to no
+     * longer be an assert. If the reader of this comment really
+     * wants to make sure that infinite loop is fixed, they can
+     * enable the code below.
+     */
+# if 0
+    /* This test should only be run under Linux... runner beware */
     if (sizeof(size_t) > 4) {
         TEST_info("Possible infinite loop: 1<<31 limit");
-        if (!TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
-            goto end;
-        TEST_true(CRYPTO_secure_malloc_done());
+        if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
+            TEST_true(CRYPTO_secure_malloc_done());
     }
+# endif
     
     /* this can complete - it was not really secure */
     testresult = 1;

More information about the openssl-commits mailing list