[openssl] master update
Richard Levitte
levitte at openssl.org
Sat Dec 14 19:57:41 UTC 2019
The branch master has been updated
via 146113827135b4c646531a48f388e43add6ff871 (commit)
via 742ccab318b13a8779d9f9164d479b4a428a6da8 (commit)
from 4e3ee452d091615e52a43e6e7c6db7d09e260353 (commit)
- Log -----------------------------------------------------------------
commit 146113827135b4c646531a48f388e43add6ff871
Author: Rich Salz <rsalz at akamai.com>
Date: Wed Dec 11 10:56:12 2019 -0500
Deprecated crypto-mdebug-backtrace
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10572)
commit 742ccab318b13a8779d9f9164d479b4a428a6da8
Author: Rich Salz <rsalz at akamai.com>
Date: Wed Dec 4 13:15:08 2019 -0500
Deprecate most of debug-memory
Fixes #8322
The leak-checking (and backtrace option, on some platforms) provided
by crypto-mdebug and crypto-mdebug-backtrace have been mostly neutered;
only the "make malloc fail" capability remains. OpenSSL recommends using
the compiler's leak-detection instead.
The OPENSSL_DEBUG_MEMORY environment variable is no longer used.
CRYPTO_mem_ctrl(), CRYPTO_set_mem_debug(), CRYPTO_mem_leaks(),
CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return a failure code.
CRYPTO_mem_debug_{malloc,realloc,free}() have been removed. All of the
above are now deprecated.
Merge (now really small) mem_dbg.c into mem.c
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10572)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 4 +
Configurations/descrip.mms.tmpl | 2 -
Configurations/unix-Makefile.tmpl | 3 +-
Configurations/windows-makefile.tmpl | 1 -
Configure | 21 +-
INSTALL | 14 +-
NEWS | 2 +
apps/openssl.c | 9 -
crypto/build.info | 2 +-
crypto/ex_data.c | 9 +-
crypto/mem.c | 94 ++++---
crypto/mem_dbg.c | 503 -----------------------------------
crypto/objects/o_names.c | 12 +-
crypto/provider_core.c | 1 -
doc/man3/OPENSSL_malloc.pod | 70 ++---
doc/man7/provider-base.pod | 3 +-
include/openssl/core_numbers.h | 2 -
include/openssl/crypto.h | 38 ++-
providers/fips/fipsprov.c | 9 -
providers/fips/selftest.c | 3 -
ssl/ssl_ciph.c | 7 -
test/asynctest.c | 5 +-
test/bio_memleak_test.c | 7 -
test/sslapitest.c | 8 +-
test/sslbuffertest.c | 7 -
test/ssltest_old.c | 11 -
test/testutil/driver.c | 28 --
util/libcrypto.num | 16 +-
28 files changed, 115 insertions(+), 776 deletions(-)
delete mode 100644 crypto/mem_dbg.c
diff --git a/CHANGES b/CHANGES
index 45f97e6740..954c0ab028 100644
--- a/CHANGES
+++ b/CHANGES
@@ -41,6 +41,10 @@
(CVE-2019-1551)
[Andy Polyakov]
+ *) Most memory-debug features have been deprecated, and the functionality
+ replaced with no-ops.
+ [Rich Salz]
+
*) Introduced a new method type and API, OSSL_SERIALIZER, to
represent generic serializers. An implementation is expected to
be able to serialize an object associated with a given name (such
diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
index cb1fd9c5b5..f9f3aea4f4 100644
--- a/Configurations/descrip.mms.tmpl
+++ b/Configurations/descrip.mms.tmpl
@@ -446,10 +446,8 @@ test : tests
DEFINE RESULT_D {- builddir(qw(test test-runs)) -}
DEFINE OPENSSL_ENGINES {- builddir("engines") -}
DEFINE OPENSSL_MODULES {- builddir("providers") -}
- DEFINE OPENSSL_DEBUG_MEMORY "on"
IF "$(VERBOSE)" .NES. "" THEN DEFINE VERBOSE "$(VERBOSE)"
$(PERL) {- sourcefile("test", "run_tests.pl") -} $(TESTS)
- DEASSIGN OPENSSL_DEBUG_MEMORY
DEASSIGN OPENSSL_MODULES
DEASSIGN OPENSSL_ENGINES
DEASSIGN BLDTOP
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index c3c83f95cd..b1c087272d 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -459,8 +459,7 @@ test: tests
EXE_EXT={- platform->binext() -} \
OPENSSL_ENGINES=`cd ../$(BLDDIR)/engines 2>/dev/null && pwd` \
OPENSSL_MODULES=`cd ../$(BLDDIR)/providers 2>/dev/null && pwd` \
- OPENSSL_DEBUG_MEMORY=on \
- $(PERL) ../$(SRCDIR)/test/run_tests.pl $(TESTS) )
+ $(PERL) ../$(SRCDIR)/test/run_tests.pl $(TESTS) )
@ : {- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@echo "Tests are not supported with your chosen Configure options"
@ : {- output_on() if !$disabled{tests}; "" -}
diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl
index 7bc09df78d..e25ccd0d5d 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -379,7 +379,6 @@ test: tests
set PERL=$(PERL)
set OPENSSL_ENGINES=$(MAKEDIR)\engines
set OPENSSL_MODULES=$(MAKEDIR)\providers
- set OPENSSL_DEBUG_MEMORY=on
"$(PERL)" "$(SRCDIR)\test\run_tests.pl" $(TESTS)
@{- if ($disabled{tests}) { output_on(); } else { output_off(); } "" -}
@$(ECHO) "Tests are not supported with your chosen Configure options"
diff --git a/Configure b/Configure
index e303d98deb..7ebde1314a 100755
--- a/Configure
+++ b/Configure
@@ -170,10 +170,6 @@ my @cl_devteam_warn = qw(
/WX
);
-# This adds backtrace information to the memory leak info. Is only used
-# when crypto-mdebug-backtrace is enabled.
-my $memleak_devteam_backtrace = "-rdynamic";
-
my $strict_warnings = 0;
# As for $BSDthreads. Idea is to maintain "collective" set of flags,
@@ -345,7 +341,6 @@ my @dtls = qw(dtls1 dtls1_2);
# For developers: keep it sorted alphabetically
my @disablables = (
- "ktls",
"afalgeng",
"aria",
"asan",
@@ -366,7 +361,6 @@ my @disablables = (
"cms",
"comp",
"crypto-mdebug",
- "crypto-mdebug-backtrace",
"ct",
"deprecated",
"des",
@@ -392,6 +386,7 @@ my @disablables = (
"fuzz-afl",
"gost",
"idea",
+ "ktls",
"legacy",
"makedepend",
"md2",
@@ -463,6 +458,7 @@ my @disablables_int = qw(
my %deprecated_disablables = (
"ssl2" => undef,
"buf-freelists" => undef,
+ "crypto-mdebug-backtrace" => undef,
"hw" => "hw", # causes cascade, but no macro
"hw-padlock" => "padlockeng",
"ripemd" => "rmd160",
@@ -1517,19 +1513,6 @@ $config{CFLAGS} = [ map { $_ eq '--ossl-strict-warnings'
: ( $_ ) }
@{$config{CFLAGS}} ];
-unless ($disabled{"crypto-mdebug-backtrace"})
- {
- foreach my $wopt (split /\s+/, $memleak_devteam_backtrace)
- {
- push @{$config{cflags}}, $wopt
- unless grep { $_ eq $wopt } @{$config{cflags}};
- }
- if ($target =~ /^BSD-/)
- {
- push @{$config{ex_libs}}, "-lexecinfo";
- }
- }
-
unless ($disabled{afalgeng}) {
$config{afalgeng}="";
if (grep { $_ eq 'afalgeng' } @{$target{enable}}) {
diff --git a/INSTALL b/INSTALL
index 4dcc452562..36f271787d 100644
--- a/INSTALL
+++ b/INSTALL
@@ -344,19 +344,11 @@
work if the zlib or zlib-dynamic options are also chosen.
enable-crypto-mdebug
- Build support for debugging memory allocated via
- OPENSSL_malloc() or OPENSSL_zalloc().
+ This now only enables the failed-malloc feature.
enable-crypto-mdebug-backtrace
- As for crypto-mdebug, but additionally provide backtrace
- information for allocated memory.
- TO BE USED WITH CARE: this uses GNU C functionality, and
- is therefore not usable for non-GNU config targets. If
- your build complains about the use of '-rdynamic' or the
- lack of header file execinfo.h, this option is not for you.
- ALSO NOTE that even though execinfo.h is available on your
- system (through Gnulib), the functions might just be stubs
- that do nothing.
+ This is a no-op; the project uses the compiler's
+ address/leak sanitizer instead.
no-ct
Don't build support for Certificate Transparency.
diff --git a/NEWS b/NEWS
index 7c11f61db7..3929894f58 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@
Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development]
+ o enable-crypto-mdebug and enable-crypto-mdebug-backtrace were mostly
+ disabled; the project uses address sanitize/leak-detect instead.
o Added OSSL_SERIALIZER, a generic serializer API.
o Added error raising macros, ERR_raise() and ERR_raise_data().
o Deprecated ERR_put_error().
diff --git a/apps/openssl.c b/apps/openssl.c
index 769555e5e1..d60267d742 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -258,11 +258,6 @@ int main(int argc, char *argv[])
setup_trace(getenv("OPENSSL_TRACE"));
#endif
- p = getenv("OPENSSL_DEBUG_MEMORY");
- if (p != NULL && strcmp(p, "on") == 0)
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
if (getenv("OPENSSL_FIPS")) {
BIO_printf(bio_err, "FIPS mode not supported.\n");
return 1;
@@ -379,10 +374,6 @@ int main(int argc, char *argv[])
BIO_free(bio_in);
BIO_free_all(bio_out);
apps_shutdown();
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
- if (CRYPTO_mem_leaks(bio_err) <= 0)
- ret = 1;
-#endif
BIO_free(bio_err);
EXIT(ret);
}
diff --git a/crypto/build.info b/crypto/build.info
index 5beaf528be..758a75ec6b 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -73,7 +73,7 @@ $UTIL_COMMON=\
$UTIL_DEFINE=$CPUIDDEF
SOURCE[../libcrypto]=$UTIL_COMMON \
- mem.c mem_sec.c mem_dbg.c \
+ mem.c mem_sec.c \
cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \
o_fopen.c getenv.c o_init.c o_fips.c init.c trace.c provider.c \
$UPLINKSRC
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 58614b68a3..3cffef897b 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -38,13 +38,8 @@ static EX_CALLBACKS *get_and_lock(OPENSSL_CTX *ctx, int class_index)
global = openssl_ctx_get_ex_data_global(ctx);
if (global == NULL || global->ex_data_lock == NULL) {
/*
- * This can happen in normal operation when using CRYPTO_mem_leaks().
- * The CRYPTO_mem_leaks() function calls OPENSSL_cleanup() which cleans
- * up the locks. Subsequently the BIO that CRYPTO_mem_leaks() uses gets
- * freed, which also attempts to free the ex_data. However
- * CRYPTO_mem_leaks() ensures that the ex_data is freed early (i.e.
- * before OPENSSL_cleanup() is called), so if we get here we can safely
- * ignore this operation. We just treat it as an error.
+ * If we get here, someone (who?) cleaned up the lock, so just
+ * treat it as an error.
*/
return NULL;
}
diff --git a/crypto/mem.c b/crypto/mem.c
index d3cac29b21..f5e8f2445a 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -14,9 +14,6 @@
#include <stdlib.h>
#include <limits.h>
#include <openssl/crypto.h>
-#if !defined(OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE) && !defined(FIPS_MODE)
-# include <execinfo.h>
-#endif
/*
* the following pointers may be changed as long as 'allow_customize' is set
@@ -43,7 +40,6 @@ static char *md_failstring;
static long md_count;
static int md_fail_percent = 0;
static int md_tracefd = -1;
-static int call_malloc_debug = 1;
static void parseit(void);
static int shouldfail(void);
@@ -51,7 +47,6 @@ static int shouldfail(void);
# define FAILTEST() if (shouldfail()) return NULL
#else
-static int call_malloc_debug = 0;
# define INCREMENT(x) /* empty */
# define FAILTEST() /* empty */
@@ -73,14 +68,6 @@ int CRYPTO_set_mem_functions(
return 1;
}
-int CRYPTO_set_mem_debug(int flag)
-{
- if (!allow_customize)
- return 0;
- call_malloc_debug = flag;
- return 1;
-}
-
void CRYPTO_get_mem_functions(
void *(**m)(size_t, const char *, int),
void *(**r)(void *, size_t, const char *, int),
@@ -209,18 +196,8 @@ void *CRYPTO_malloc(size_t num, const char *file, int line)
*/
allow_customize = 0;
}
-#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
- if (call_malloc_debug) {
- CRYPTO_mem_debug_malloc(NULL, num, 0, file, line);
- ret = malloc(num);
- CRYPTO_mem_debug_malloc(ret, num, 1, file, line);
- } else {
- ret = malloc(num);
- }
-#else
(void)(file); (void)(line);
ret = malloc(num);
-#endif
return ret;
}
@@ -250,17 +227,7 @@ void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
return NULL;
}
-#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
- if (call_malloc_debug) {
- void *ret;
- CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line);
- ret = realloc(str, num);
- CRYPTO_mem_debug_realloc(str, ret, num, 1, file, line);
- return ret;
- }
-#else
(void)(file); (void)(line);
-#endif
return realloc(str, num);
}
@@ -300,17 +267,7 @@ void CRYPTO_free(void *str, const char *file, int line)
return;
}
-#if !defined(OPENSSL_NO_CRYPTO_MDEBUG) && !defined(FIPS_MODE)
- if (call_malloc_debug) {
- CRYPTO_mem_debug_free(str, 0, file, line);
- free(str);
- CRYPTO_mem_debug_free(str, 1, file, line);
- } else {
- free(str);
- }
-#else
free(str);
-#endif
}
void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
@@ -321,3 +278,54 @@ void CRYPTO_clear_free(void *str, size_t num, const char *file, int line)
OPENSSL_cleanse(str, num);
CRYPTO_free(str, file, line);
}
+
+#if !defined(OPENSSL_NO_CRYPTO_MDEBUG)
+
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+int CRYPTO_mem_ctrl(int mode)
+{
+ (void)mode;
+ return -1;
+}
+
+int CRYPTO_set_mem_debug(int flag)
+{
+ (void)flag;
+ return -1;
+}
+
+int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
+{
+ (void)info; (void)file; (void)line;
+ return -1;
+}
+
+int CRYPTO_mem_debug_pop(void)
+{
+ return -1;
+}
+
+int CRYPTO_mem_leaks(BIO *b)
+{
+ (void)b;
+ return -1;
+}
+
+# ifndef OPENSSL_NO_STDIO
+int CRYPTO_mem_leaks_fp(FILE *fp)
+{
+ (void)fp;
+ return -1;
+}
+# endif
+
+int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
+ void *u)
+{
+ (void)cb; (void)u;
+ return -1;
+}
+
+# endif
+
+#endif
diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
deleted file mode 100644
index 561dd80437..0000000000
--- a/crypto/mem_dbg.c
+++ /dev/null
@@ -1,503 +0,0 @@
-/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include "internal/cryptlib.h"
-#include "internal/thread_once.h"
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include "internal/bio.h"
-#include <openssl/lhash.h>
-
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
-# include <execinfo.h>
-#endif
-
-/*
- * The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE when
- * the application asks for it (usually after library initialisation for
- * which no book-keeping is desired). State CRYPTO_MEM_CHECK_ON exists only
- * temporarily when the library thinks that certain allocations should not be
- * checked (e.g. the data structures used for memory checking). It is not
- * suitable as an initial state: the library will unexpectedly enable memory
- * checking when it executes one of those sections that want to disable
- * checking temporarily. State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes
- * no sense whatsoever.
- */
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
-static int mh_mode = CRYPTO_MEM_CHECK_OFF;
-#endif
-
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
-static unsigned long order = 0; /* number of memory requests */
-
-static CRYPTO_ONCE memdbg_init = CRYPTO_ONCE_STATIC_INIT;
-CRYPTO_RWLOCK *memdbg_lock;
-static CRYPTO_RWLOCK *long_memdbg_lock;
-
-/* memory-block description */
-struct mem_st {
- void *addr;
- int num;
- const char *file;
- int line;
- CRYPTO_THREAD_ID threadid;
- unsigned long order;
- time_t time;
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
- void *array[30];
- size_t array_siz;
-#endif
-};
-
-/*
- * hash-table of memory requests (address as * key); access requires
- * long_memdbg_lock lock
- */
-static LHASH_OF(MEM) *mh = NULL;
-
-/* num_disable > 0 iff mh_mode == CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE) */
-static unsigned int num_disable = 0;
-
-/*
- * Valid iff num_disable > 0. long_memdbg_lock is locked exactly in this
- * case (by the thread named in disabling_thread).
- */
-static CRYPTO_THREAD_ID disabling_threadid;
-
-DEFINE_RUN_ONCE_STATIC(do_memdbg_init)
-{
- memdbg_lock = CRYPTO_THREAD_lock_new();
- long_memdbg_lock = CRYPTO_THREAD_lock_new();
- if (memdbg_lock == NULL || long_memdbg_lock == NULL) {
- CRYPTO_THREAD_lock_free(memdbg_lock);
- memdbg_lock = NULL;
- CRYPTO_THREAD_lock_free(long_memdbg_lock);
- long_memdbg_lock = NULL;
- return 0;
- }
- return 1;
-}
-
-#endif
-
-int CRYPTO_mem_ctrl(int mode)
-{
-#ifdef OPENSSL_NO_CRYPTO_MDEBUG
- return mode - mode;
-#else
- int ret = mh_mode;
-
- if (!RUN_ONCE(&memdbg_init, do_memdbg_init))
- return -1;
-
- CRYPTO_THREAD_write_lock(memdbg_lock);
- switch (mode) {
- default:
- break;
-
- case CRYPTO_MEM_CHECK_ON:
- mh_mode = CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE;
- num_disable = 0;
- break;
-
- case CRYPTO_MEM_CHECK_OFF:
- mh_mode = 0;
- num_disable = 0;
- break;
-
- /* switch off temporarily (for library-internal use): */
- case CRYPTO_MEM_CHECK_DISABLE:
- if (mh_mode & CRYPTO_MEM_CHECK_ON) {
- CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id();
- /* see if we don't have long_memdbg_lock already */
- if (!num_disable
- || !CRYPTO_THREAD_compare_id(disabling_threadid, cur)) {
- /*
- * Long-time lock long_memdbg_lock must not be claimed
- * while we're holding memdbg_lock, or we'll deadlock
- * if somebody else holds long_memdbg_lock (and cannot
- * release it because we block entry to this function). Give
- * them a chance, first, and then claim the locks in
- * appropriate order (long-time lock first).
- */
- CRYPTO_THREAD_unlock(memdbg_lock);
- /*
- * Note that after we have waited for long_memdbg_lock and
- * memdbg_lock, we'll still be in the right "case" and
- * "if" branch because MemCheck_start and MemCheck_stop may
- * never be used while there are multiple OpenSSL threads.
- */
- CRYPTO_THREAD_write_lock(long_memdbg_lock);
- CRYPTO_THREAD_write_lock(memdbg_lock);
- mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
- disabling_threadid = cur;
- }
- num_disable++;
- }
- break;
-
- case CRYPTO_MEM_CHECK_ENABLE:
- if (mh_mode & CRYPTO_MEM_CHECK_ON) {
- if (num_disable) { /* always true, or something is going wrong */
- num_disable--;
- if (num_disable == 0) {
- mh_mode |= CRYPTO_MEM_CHECK_ENABLE;
- CRYPTO_THREAD_unlock(long_memdbg_lock);
- }
- }
- }
- break;
- }
- CRYPTO_THREAD_unlock(memdbg_lock);
- return ret;
-#endif
-}
-
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
-
-static int mem_check_on(void)
-{
- int ret = 0;
- CRYPTO_THREAD_ID cur;
-
- if (mh_mode & CRYPTO_MEM_CHECK_ON) {
- if (!RUN_ONCE(&memdbg_init, do_memdbg_init))
- return 0;
-
- cur = CRYPTO_THREAD_get_current_id();
- CRYPTO_THREAD_read_lock(memdbg_lock);
-
- ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
- || !CRYPTO_THREAD_compare_id(disabling_threadid, cur);
-
- CRYPTO_THREAD_unlock(memdbg_lock);
- }
- return ret;
-}
-
-static int mem_cmp(const MEM *a, const MEM *b)
-{
-#ifdef _WIN64
- const char *ap = (const char *)a->addr, *bp = (const char *)b->addr;
- if (ap == bp)
- return 0;
- else if (ap > bp)
- return 1;
- else
- return -1;
-#else
- return (const char *)a->addr - (const char *)b->addr;
-#endif
-}
-
-static unsigned long mem_hash(const MEM *a)
-{
- size_t ret;
-
- ret = (size_t)a->addr;
-
- ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
- return ret;
-}
-
-#ifndef OPENSSL_NO_DEPRECATED_3_0
-int CRYPTO_mem_debug_push(const char *info, const char *file, int line)
-{
- return 0;
-}
-
-int CRYPTO_mem_debug_pop(void)
-{
- return 0;
-}
-#endif
-
-static unsigned long break_order_num = 0;
-
-void CRYPTO_mem_debug_malloc(void *addr, size_t num, int before_p,
- const char *file, int line)
-{
- MEM *m, *mm;
-
- switch (before_p & 127) {
- case 0:
- break;
- case 1:
- if (addr == NULL)
- break;
-
- if (mem_check_on()) {
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
-
- if (!RUN_ONCE(&memdbg_init, do_memdbg_init)
- || (m = OPENSSL_malloc(sizeof(*m))) == NULL) {
- OPENSSL_free(addr);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- return;
- }
- if (mh == NULL) {
- if ((mh = lh_MEM_new(mem_hash, mem_cmp)) == NULL) {
- OPENSSL_free(addr);
- OPENSSL_free(m);
- addr = NULL;
- goto err;
- }
- }
-
- m->addr = addr;
- m->file = file;
- m->line = line;
- m->num = num;
- m->threadid = CRYPTO_THREAD_get_current_id();
-
- if (order == break_order_num) {
- /* BREAK HERE */
- m->order = order;
- }
- m->order = order++;
-# ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
- m->array_siz = backtrace(m->array, OSSL_NELEM(m->array));
-# endif
- m->time = time(NULL);
-
- if ((mm = lh_MEM_insert(mh, m)) != NULL)
- OPENSSL_free(mm);
- err:
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- }
- break;
- }
- return;
-}
-
-void CRYPTO_mem_debug_free(void *addr, int before_p,
- const char *file, int line)
-{
- MEM m, *mp;
-
- switch (before_p) {
- case 0:
- if (addr == NULL)
- break;
-
- if (mem_check_on() && (mh != NULL)) {
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
- m.addr = addr;
- mp = lh_MEM_delete(mh, &m);
- OPENSSL_free(mp);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- }
- break;
- case 1:
- break;
- }
-}
-
-void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num,
- int before_p, const char *file, int line)
-{
- MEM m, *mp;
-
- switch (before_p) {
- case 0:
- break;
- case 1:
- if (addr2 == NULL)
- break;
-
- if (addr1 == NULL) {
- CRYPTO_mem_debug_malloc(addr2, num, 128 | before_p, file, line);
- break;
- }
-
- if (mem_check_on()) {
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
-
- m.addr = addr1;
- mp = lh_MEM_delete(mh, &m);
- if (mp != NULL) {
- mp->addr = addr2;
- mp->num = num;
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
- mp->array_siz = backtrace(mp->array, OSSL_NELEM(mp->array));
-#endif
- (void)lh_MEM_insert(mh, mp);
- }
-
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- }
- break;
- }
- return;
-}
-
-typedef struct mem_leak_st {
- int (*print_cb) (const char *str, size_t len, void *u);
- void *print_cb_arg;
- int chunks;
- long bytes;
-} MEM_LEAK;
-
-static void print_leak(const MEM *m, MEM_LEAK *l)
-{
- char buf[1024];
- char *bufp = buf, *hex;
- size_t len = sizeof(buf);
- int n;
- struct tm *lcl = NULL;
-
- lcl = localtime(&m->time);
- n = BIO_snprintf(bufp, len, "[%02d:%02d:%02d] ",
- lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
- if (n <= 0) {
- bufp[0] = '\0';
- return;
- }
- bufp += n;
- len -= n;
-
- n = BIO_snprintf(bufp, len, "%5lu file=%s, line=%d, ",
- m->order, m->file, m->line);
- if (n <= 0)
- return;
- bufp += n;
- len -= n;
-
- hex = OPENSSL_buf2hexstr((const unsigned char *)&m->threadid,
- sizeof(m->threadid));
- n = BIO_snprintf(bufp, len, "thread=%s, number=%d, address=%p\n",
- hex == NULL ? "<null>" : hex, m->num, m->addr);
- OPENSSL_free(hex);
- if (n <= 0)
- return;
- bufp += n;
- len -= n;
-
- l->print_cb(buf, (size_t)(bufp - buf), l->print_cb_arg);
- l->chunks++;
- l->bytes += m->num;
-
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
- {
- size_t i;
- char **strings = backtrace_symbols(m->array, m->array_siz);
-
- for (i = 0; i < m->array_siz; i++)
- fprintf(stderr, "##> %s\n", strings[i]);
- free(strings);
- }
-#endif
-}
-
-IMPLEMENT_LHASH_DOALL_ARG_CONST(MEM, MEM_LEAK);
-
-int CRYPTO_mem_leaks_cb(int (*cb) (const char *str, size_t len, void *u),
- void *u)
-{
- MEM_LEAK ml;
-
- /* Ensure all resources are released */
- OPENSSL_cleanup();
-
- if (!RUN_ONCE(&memdbg_init, do_memdbg_init))
- return -1;
-
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
-
- ml.print_cb = cb;
- ml.print_cb_arg = u;
- ml.bytes = 0;
- ml.chunks = 0;
- if (mh != NULL)
- lh_MEM_doall_MEM_LEAK(mh, print_leak, &ml);
-
- if (ml.chunks != 0) {
- char buf[256];
-
- BIO_snprintf(buf, sizeof(buf), "%ld bytes leaked in %d chunks\n",
- ml.bytes, ml.chunks);
- cb(buf, strlen(buf), u);
- } else {
- /*
- * Make sure that, if we found no leaks, memory-leak debugging itself
- * does not introduce memory leaks (which might irritate external
- * debugging tools). (When someone enables leak checking, but does not
- * call this function, we declare it to be their fault.)
- */
- int old_mh_mode;
-
- CRYPTO_THREAD_write_lock(memdbg_lock);
-
- /*
- * avoid deadlock when lh_free() uses CRYPTO_mem_debug_free(), which uses
- * mem_check_on
- */
- old_mh_mode = mh_mode;
- mh_mode = CRYPTO_MEM_CHECK_OFF;
-
- lh_MEM_free(mh);
- mh = NULL;
-
- mh_mode = old_mh_mode;
- CRYPTO_THREAD_unlock(memdbg_lock);
- }
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF);
-
- /* Clean up locks etc */
- CRYPTO_THREAD_lock_free(memdbg_lock);
- CRYPTO_THREAD_lock_free(long_memdbg_lock);
- memdbg_lock = NULL;
- long_memdbg_lock = NULL;
-
- return ml.chunks == 0 ? 1 : 0;
-}
-
-static int print_bio(const char *str, size_t len, void *b)
-{
- return BIO_write((BIO *)b, str, len);
-}
-
-int CRYPTO_mem_leaks(BIO *b)
-{
- /*
- * OPENSSL_cleanup() will free the ex_data locks so we can't have any
- * ex_data hanging around
- */
- bio_free_ex_data(b);
-
- return CRYPTO_mem_leaks_cb(print_bio, b);
-}
-
-# ifndef OPENSSL_NO_STDIO
-int CRYPTO_mem_leaks_fp(FILE *fp)
-{
- BIO *b;
- int ret;
-
- /*
- * Need to turn off memory checking when allocated BIOs ... especially as
- * we're creating them at a time when we're trying to check we've not
- * left anything un-free()'d!!
- */
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
- b = BIO_new(BIO_s_file());
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- if (b == NULL)
- return -1;
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = CRYPTO_mem_leaks_cb(print_bio, b);
- BIO_free(b);
- return ret;
-}
-# endif
-
-#endif
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index 52956ebcd5..5835ab6f50 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -66,10 +66,8 @@ static int obj_name_cmp(const OBJ_NAME *a, const OBJ_NAME *b);
static CRYPTO_ONCE init = CRYPTO_ONCE_STATIC_INIT;
DEFINE_RUN_ONCE_STATIC(o_names_init)
{
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
names_lh = lh_OBJ_NAME_new(obj_name_hash, obj_name_cmp);
obj_lock = CRYPTO_THREAD_lock_new();
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
return names_lh != NULL && obj_lock != NULL;
}
@@ -90,11 +88,8 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
CRYPTO_THREAD_write_lock(obj_lock);
- if (name_funcs_stack == NULL) {
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
+ if (name_funcs_stack == NULL)
name_funcs_stack = sk_NAME_FUNCS_new_null();
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
- }
if (name_funcs_stack == NULL) {
/* ERROR */
goto out;
@@ -102,9 +97,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
ret = names_type_num;
names_type_num++;
for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) {
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
name_funcs = OPENSSL_zalloc(sizeof(*name_funcs));
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
if (name_funcs == NULL) {
OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
ret = 0;
@@ -112,10 +105,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
}
name_funcs->hash_func = openssl_lh_strcasehash;
name_funcs->cmp_func = obj_strcasecmp;
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
-
push = sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
if (!push) {
OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
diff --git a/crypto/provider_core.c b/crypto/provider_core.c
index c7c579a1c8..c95615f882 100644
--- a/crypto/provider_core.c
+++ b/crypto/provider_core.c
@@ -890,7 +890,6 @@ static const OSSL_DISPATCH core_dispatch_[] = {
{ OSSL_FUNC_CRYPTO_SECURE_ALLOCATED,
(void (*)(void))CRYPTO_secure_allocated },
{ OSSL_FUNC_OPENSSL_CLEANSE, (void (*)(void))OPENSSL_cleanse },
- { OSSL_FUNC_CRYPTO_MEM_CTRL, (void (*)(void))CRYPTO_mem_ctrl },
{ 0, NULL }
};
diff --git a/doc/man3/OPENSSL_malloc.pod b/doc/man3/OPENSSL_malloc.pod
index 198251fcd7..8286b4aba8 100644
--- a/doc/man3/OPENSSL_malloc.pod
+++ b/doc/man3/OPENSSL_malloc.pod
@@ -60,20 +60,18 @@ OPENSSL_MALLOC_FD
void CRYPTO_get_alloc_counts(int *m, int *r, int *f)
- int CRYPTO_set_mem_debug(int onoff)
-
env OPENSSL_MALLOC_FAILURES=... <application>
env OPENSSL_MALLOC_FD=... <application>
- int CRYPTO_mem_ctrl(int mode);
+Deprecated:
int CRYPTO_mem_leaks(BIO *b);
int CRYPTO_mem_leaks_fp(FILE *fp);
int CRYPTO_mem_leaks_cb(int (*cb)(const char *str, size_t len, void *u),
void *u);
-Deprecated:
-
+ int CRYPTO_set_mem_debug(int onoff)
+ int CRYPTO_mem_ctrl(int mode);
int OPENSSL_mem_debug_push(const char *info)
int OPENSSL_mem_debug_pop(void);
int CRYPTO_mem_debug_push(const char *info, const char *file, int line);
@@ -115,37 +113,15 @@ OPENSSL_strlcat() and OPENSSL_strnlen() are equivalents of the common C
library functions and are provided for portability.
If no allocations have been done, it is possible to "swap out" the default
-implementations for OPENSSL_malloc(), OPENSSL_realloc and OPENSSL_free()
-and replace them with alternate versions (hooks).
+implementations for OPENSSL_malloc(), OPENSSL_realloc() and OPENSSL_free()
+and replace them with alternate versions.
CRYPTO_get_mem_functions() function fills in the given arguments with the
function pointers for the current implementations.
With CRYPTO_set_mem_functions(), you can specify a different set of functions.
If any of B<m>, B<r>, or B<f> are NULL, then the function is not changed.
-
-The default implementation can include some debugging capability (if enabled
-at build-time).
-This adds some overhead by keeping a list of all memory allocations, and
-removes items from the list when they are free'd.
-This is most useful for identifying memory leaks.
-CRYPTO_set_mem_debug() turns this tracking on and off. In order to have
-any effect, is must be called before any of the allocation functions
-(e.g., CRYPTO_malloc()) are called, and is therefore normally one of the
-first lines of main() in an application.
-CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking.
-To enable tracking call CRYPTO_mem_ctrl() with a B<mode> argument of
-the B<CRYPTO_MEM_CHECK_ON>.
-To disable tracking call CRYPTO_mem_ctrl() with a B<mode> argument of
-the B<CRYPTO_MEM_CHECK_OFF>.
-
-At the end of the program, calling CRYPTO_mem_leaks() or
-CRYPTO_mem_leaks_fp() will report all "leaked" memory, writing it
-to the specified BIO B<b> or FILE B<fp>. These functions return 1 if
-there are no leaks, 0 if there are leaks and -1 if an error occurred.
-
-CRYPTO_mem_leaks_cb() does the same as CRYPTO_mem_leaks(), but instead
-of writing to a given BIO, the callback function is called for each
-output string with the string, length, and userdata B<u> as the callback
-parameters.
+While it's permitted to swap out only a few and not all the functions
+with CRYPTO_set_mem_functions(), it's recommended to swap them all out
+at once.
If the library is built with the C<crypto-mdebug> option, then one
function, CRYPTO_get_alloc_counts(), and two additional environment
@@ -180,19 +156,12 @@ to use this (will not work on all platforms):
export OPENSSL_MALLOC_FD
...app invocation... 3>/tmp/log$$
-OPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(),
-CRYPTO_mem_debug_push(), and CRYPTO_mem_debug_pop()
-have been deprecated and replaced with functions that only return zero.
-
=head1 RETURN VALUES
OPENSSL_malloc_init(), OPENSSL_free(), OPENSSL_clear_free()
CRYPTO_free(), CRYPTO_clear_free() and CRYPTO_get_mem_functions()
return no value.
-CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp() and CRYPTO_mem_leaks_cb() return 1 if
-there are no leaks, 0 if there are leaks and -1 if an error occurred.
-
OPENSSL_malloc(), OPENSSL_zalloc(), OPENSSL_realloc(),
OPENSSL_clear_realloc(),
CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_realloc(),
@@ -200,25 +169,24 @@ CRYPTO_clear_realloc(),
OPENSSL_strdup(), and OPENSSL_strndup()
return a pointer to allocated memory or NULL on error.
-CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug()
-return 1 on success or 0 on failure (almost
+CRYPTO_set_mem_functions() returns 1 on success or 0 on failure (almost
always because allocations have already happened).
-CRYPTO_mem_ctrl() returns -1 if an error occurred, otherwise the
-previous value of the mode.
-
-=head1 NOTES
-
-While it's permitted to swap out only a few and not all the functions
-with CRYPTO_set_mem_functions(), it's recommended to swap them all out
-at once, especially if OpenSSL was built with the
-configuration option> C<crypto-mdebug>.
+CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(), CRYPTO_mem_leaks_cb(),
+CRYPTO_set_mem_debug(), and CRYPTO_mem_ctrl() are deprecated and return -1.
+OPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(),
+CRYPTO_mem_debug_push(), and CRYPTO_mem_debug_pop()
+are deprecated and return 0.
=head1 HISTORY
OPENSSL_mem_debug_push(), OPENSSL_mem_debug_pop(),
-CRYPTO_mem_debug_push(), and CRYPTO_mem_debug_pop()
+CRYPTO_mem_debug_push(), CRYPTO_mem_debug_pop(),
+CRYPTO_mem_leaks(), CRYPTO_mem_leaks_fp(),
+CRYPTO_mem_leaks_cb(), CRYPTO_set_mem_debug(), CRYPTO_mem_ctrl()
were deprecated in OpenSSL 3.0.
+The memory-leak checking has been deprecated in OpenSSL 3.0 in favor of
+clang's memory and leak sanitizer.
=head1 COPYRIGHT
diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod
index 2dc29b37bc..ccc5bf309a 100644
--- a/doc/man7/provider-base.pod
+++ b/doc/man7/provider-base.pod
@@ -108,7 +108,6 @@ provider):
CRYPTO_secure_free OSSL_FUNC_CRYPTO_SECURE_FREE
CRYPTO_secure_clear_free OSSL_FUNC_CRYPTO_SECURE_CLEAR_FREE
CRYPTO_secure_allocated OSSL_FUNC_CRYPTO_SECURE_ALLOCATED
- CRYPTO_mem_ctrl OSSL_FUNC_CRYPTO_MEM_CTRL
BIO_new_file OSSL_FUNC_BIO_NEW_FILE
BIO_new_mem_buf OSSL_FUNC_BIO_NEW_MEMBUF
BIO_read_ex OSSL_FUNC_BIO_READ_EX
@@ -183,7 +182,7 @@ CRYPTO_malloc(), CRYPTO_zalloc(), CRYPTO_memdup(), CRYPTO_strdup(),
CRYPTO_strndup(), CRYPTO_free(), CRYPTO_clear_free(),
CRYPTO_realloc(), CRYPTO_clear_realloc(), CRYPTO_secure_malloc(),
CRYPTO_secure_zalloc(), CRYPTO_secure_free(),
-CRYPTO_secure_clear_free(), CRYPTO_secure_allocated(), CRYPTO_mem_ctrl(),
+CRYPTO_secure_clear_free(), CRYPTO_secure_allocated(),
BIO_new_file(), BIO_new_mem_buf(), BIO_read_ex(), BIO_free(),
BIO_vprintf(), OPENSSL_cleanse(), and OPENSSL_hexstr2buf()
correspond exactly to the public functions with the same name.
diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h
index cd4b6a687d..6b4a205f1d 100644
--- a/include/openssl/core_numbers.h
+++ b/include/openssl/core_numbers.h
@@ -119,8 +119,6 @@ OSSL_CORE_MAKE_FUNC(int,
#define OSSL_FUNC_OPENSSL_CLEANSE 21
OSSL_CORE_MAKE_FUNC(void,
OPENSSL_cleanse, (void *ptr, size_t len))
-#define OSSL_FUNC_CRYPTO_MEM_CTRL 22
-OSSL_CORE_MAKE_FUNC(int, CRYPTO_mem_ctrl, (int mode))
/* Bio functions provided by the core */
#define OSSL_FUNC_BIO_NEW_FILE 23
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index a6020fdd4c..f2f66a3f0e 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -121,8 +121,6 @@ DEFINE_STACK_OF(void)
/* No longer needed, so this is a no-op */
#define OPENSSL_malloc_init() while(0) continue
-int CRYPTO_mem_ctrl(int mode);
-
# define OPENSSL_malloc(num) \
CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_zalloc(num) \
@@ -303,7 +301,6 @@ int CRYPTO_set_mem_functions(
void *(*m) (size_t, const char *, int),
void *(*r) (void *, size_t, const char *, int),
void (*f) (void *, const char *, int));
-int CRYPTO_set_mem_debug(int flag);
void CRYPTO_get_mem_functions(
void *(**m) (size_t, const char *, int),
void *(**r) (void *, size_t, const char *, int),
@@ -335,37 +332,34 @@ size_t CRYPTO_secure_used(void);
void OPENSSL_cleanse(void *ptr, size_t len);
# ifndef OPENSSL_NO_CRYPTO_MDEBUG
+void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define OPENSSL_mem_debug_push(info) \
CRYPTO_mem_debug_push(info, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_mem_debug_pop() \
CRYPTO_mem_debug_pop()
# endif
+DEPRECATEDIN_3_0(int CRYPTO_set_mem_debug(int flag))
+DEPRECATEDIN_3_0(int CRYPTO_mem_ctrl(int mode))
DEPRECATEDIN_3_0(int CRYPTO_mem_debug_push(const char *info,
const char *file, int line))
DEPRECATEDIN_3_0(int CRYPTO_mem_debug_pop(void))
-void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
-
-/*-
- * Debugging functions (enabled by CRYPTO_set_mem_debug(1))
- * The flag argument has the following significance:
- * 0: called before the actual memory allocation has taken place
- * 1: called after the actual memory allocation has taken place
- */
-void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
- const char *file, int line);
-void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
- const char *file, int line);
-void CRYPTO_mem_debug_free(void *addr, int flag,
- const char *file, int line);
-
-int CRYPTO_mem_leaks_cb(int (*cb) (const char *str, size_t len, void *u),
- void *u);
+DEPRECATEDIN_3_0(void CRYPTO_mem_debug_malloc(void *addr, size_t num,
+ int flag,
+ const char *file, int line))
+DEPRECATEDIN_3_0(void CRYPTO_mem_debug_realloc(void *addr1, void *addr2,
+ size_t num, int flag,
+ const char *file, int line))
+DEPRECATEDIN_3_0(void CRYPTO_mem_debug_free(void *addr, int flag,
+ const char *file, int line))
+
+DEPRECATEDIN_3_0(int CRYPTO_mem_leaks_cb(
+ int (*cb)(const char *str, size_t len, void *u), void *u))
# ifndef OPENSSL_NO_STDIO
-int CRYPTO_mem_leaks_fp(FILE *);
+DEPRECATEDIN_3_0(int CRYPTO_mem_leaks_fp(FILE *))
# endif
-int CRYPTO_mem_leaks(BIO *bio);
+DEPRECATEDIN_3_0(int CRYPTO_mem_leaks(BIO *bio))
# endif
/* die if we have to */
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 6a5ae3a3f1..12c471f325 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -60,7 +60,6 @@ static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
-static OSSL_CRYPTO_mem_ctrl_fn *c_CRYPTO_mem_ctrl;
typedef struct fips_global_st {
const OSSL_PROVIDER *prov;
@@ -516,9 +515,6 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider,
case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED:
c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in);
break;
- case OSSL_FUNC_CRYPTO_MEM_CTRL:
- c_CRYPTO_mem_ctrl = OSSL_get_CRYPTO_mem_ctrl(in);
- break;
case OSSL_FUNC_BIO_NEW_FILE:
selftest_params.bio_new_file_cb = OSSL_get_BIO_new_file(in);
break;
@@ -704,8 +700,3 @@ int CRYPTO_secure_allocated(const void *ptr)
{
return c_CRYPTO_secure_allocated(ptr);
}
-
-int CRYPTO_mem_ctrl(int mode)
-{
- return c_CRYPTO_mem_ctrl(mode);
-}
diff --git a/providers/fips/selftest.c b/providers/fips/selftest.c
index 369a6bab3b..5dcc0adf43 100644
--- a/providers/fips/selftest.c
+++ b/providers/fips/selftest.c
@@ -46,10 +46,7 @@ DEFINE_RUN_ONCE_STATIC(do_fips_self_test_init)
* platform then we just leak it deliberately. So we temporarily disable the
* mem leak checking while we allocate this.
*/
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
self_test_lock = CRYPTO_THREAD_lock_new();
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
-
return self_test_lock != NULL;
}
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index ffdc4eab5b..f9fbc5954f 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -461,7 +461,6 @@ DEFINE_RUN_ONCE_STATIC(do_load_builtin_compressions)
SSL_COMP *comp = NULL;
COMP_METHOD *method = COMP_zlib();
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
if (COMP_get_type(method) != NID_undef && ssl_comp_methods != NULL) {
@@ -474,7 +473,6 @@ DEFINE_RUN_ONCE_STATIC(do_load_builtin_compressions)
sk_SSL_COMP_sort(ssl_comp_methods);
}
}
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
return 1;
}
@@ -1986,10 +1984,8 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
return 1;
}
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
comp = OPENSSL_malloc(sizeof(*comp));
if (comp == NULL) {
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
return 1;
}
@@ -1999,18 +1995,15 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
load_builtin_compressions();
if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
OPENSSL_free(comp);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
SSL_R_DUPLICATE_COMPRESSION_ID);
return 1;
}
if (ssl_comp_methods == NULL || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
OPENSSL_free(comp);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
return 1;
}
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
return 0;
}
#endif
diff --git a/test/asynctest.c b/test/asynctest.c
index 3ce190fb1b..dc357da8b7 100644
--- a/test/asynctest.c
+++ b/test/asynctest.c
@@ -312,10 +312,7 @@ int main(int argc, char **argv)
fprintf(stderr,
"OpenSSL build is not ASYNC capable - skipping async tests\n");
} else {
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
- if ( !test_ASYNC_init_thread()
+ if (!test_ASYNC_init_thread()
|| !test_ASYNC_callback_status()
|| !test_ASYNC_start_job()
|| !test_ASYNC_get_current_job()
diff --git a/test/bio_memleak_test.c b/test/bio_memleak_test.c
index dab61f6f9a..49ee712a49 100644
--- a/test/bio_memleak_test.c
+++ b/test/bio_memleak_test.c
@@ -221,13 +221,6 @@ finish:
return ok;
}
-int global_init(void)
-{
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- return 1;
-}
-
int setup_tests(void)
{
ADD_TEST(test_bio_memleak);
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 2442b6967d..46e490a417 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -691,7 +691,7 @@ static int execute_test_large_message(const SSL_METHOD *smeth,
/*
* Calling SSL_clear() first is not required but this tests that SSL_clear()
- * doesn't leak (when using enable-crypto-mdebug).
+ * doesn't leak.
*/
if (!TEST_true(SSL_clear(serverssl)))
goto end;
@@ -2116,8 +2116,7 @@ static int test_ssl_set_bio(int idx)
/*
* This test is checking that the ref counting for SSL_set_bio is correct.
* If we get here and we did too many frees then we will fail in the above
- * functions. If we haven't done enough then this will only be detected in
- * a crypto-mdebug build
+ * functions.
*/
SSL_free(serverssl);
SSL_free(clientssl);
@@ -2144,8 +2143,7 @@ static int execute_test_ssl_bio(int pop_ssl, bio_change_t change_bio)
BIO_set_ssl(sslbio, ssl, BIO_CLOSE);
/*
- * If anything goes wrong here then we could leak memory, so this will
- * be caught in a crypto-mdebug build
+ * If anything goes wrong here then we could leak memory.
*/
BIO_push(sslbio, membio1);
diff --git a/test/sslbuffertest.c b/test/sslbuffertest.c
index e8293f7def..163beafb2f 100644
--- a/test/sslbuffertest.c
+++ b/test/sslbuffertest.c
@@ -150,13 +150,6 @@ static int test_func(int test)
return result;
}
-int global_init(void)
-{
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- return 1;
-}
-
OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
int setup_tests(void)
diff --git a/test/ssltest_old.c b/test/ssltest_old.c
index 050470d33e..0c0aa6046a 100644
--- a/test/ssltest_old.c
+++ b/test/ssltest_old.c
@@ -884,7 +884,6 @@ int main(int argc, char *argv[])
int server_auth = 0, i;
struct app_verify_arg app_verify_arg =
{ APP_CALLBACK_STRING, 0 };
- char *p;
SSL_CTX *c_ctx = NULL;
const SSL_METHOD *meth = NULL;
SSL *c_ssl, *s_ssl;
@@ -922,12 +921,6 @@ int main(int argc, char *argv[])
debug = 0;
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
-
- p = getenv("OPENSSL_DEBUG_MEMORY");
- if (p != NULL && strcmp(p, "on") == 0)
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
s_cctx = SSL_CONF_CTX_new();
@@ -1860,10 +1853,6 @@ int main(int argc, char *argv[])
SSL_SESSION_free(server_sess);
SSL_SESSION_free(client_sess);
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
- if (CRYPTO_mem_leaks(bio_err) <= 0)
- ret = EXIT_FAILURE;
-#endif
BIO_free(bio_err);
EXIT(ret);
}
diff --git a/test/testutil/driver.c b/test/testutil/driver.c
index 2ced5634bc..030fb1544c 100644
--- a/test/testutil/driver.c
+++ b/test/testutil/driver.c
@@ -81,22 +81,6 @@ int subtest_level(void)
return level;
}
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
-static int should_report_leaks(void)
-{
- /*
- * When compiled with enable-crypto-mdebug, OPENSSL_DEBUG_MEMORY=0
- * can be used to disable leak checking at runtime.
- * Note this only works when running the test binary manually;
- * the test harness always enables OPENSSL_DEBUG_MEMORY.
- */
- char *mem_debug_env = getenv("OPENSSL_DEBUG_MEMORY");
-
- return mem_debug_env == NULL
- || (strcmp(mem_debug_env, "0") && strcmp(mem_debug_env, ""));
-}
-#endif
-
static int gcd(int a, int b)
{
while (b != 0) {
@@ -128,13 +112,6 @@ int setup_test_framework(int argc, char *argv[])
if (test_seed != NULL)
set_seed(atoi(test_seed));
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
- if (should_report_leaks()) {
- CRYPTO_set_mem_debug(1);
- CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- }
-#endif
-
#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
argv = copy_argv(&argc, argv);
#elif defined(_WIN32)
@@ -256,11 +233,6 @@ end:
int pulldown_test_framework(int ret)
{
set_test_title(NULL);
-#ifndef OPENSSL_NO_CRYPTO_MDEBUG
- if (should_report_leaks()
- && CRYPTO_mem_leaks_cb(openssl_error_cb, NULL) <= 0)
- return EXIT_FAILURE;
-#endif
return ret;
}
diff --git a/util/libcrypto.num b/util/libcrypto.num
index c4f1b94cb8..9c17fc5e25 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -1036,7 +1036,7 @@ X509_VERIFY_PARAM_get0 1062 3_0_0 EXIST::FUNCTION:
EVP_MD_meth_get_input_blocksize 1063 3_0_0 EXIST::FUNCTION:
TS_ACCURACY_get_micros 1064 3_0_0 EXIST::FUNCTION:TS
PKCS12_SAFEBAG_create_cert 1065 3_0_0 EXIST::FUNCTION:
-CRYPTO_mem_debug_malloc 1066 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+CRYPTO_mem_debug_malloc 1066 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
RAND_seed 1067 3_0_0 EXIST::FUNCTION:
NETSCAPE_SPKAC_free 1068 3_0_0 EXIST::FUNCTION:
X509_CRL_diff 1069 3_0_0 EXIST::FUNCTION:
@@ -1308,7 +1308,7 @@ TS_REQ_set_nonce 1336 3_0_0 EXIST::FUNCTION:TS
Camellia_ctr128_encrypt 1337 3_0_0 EXIST::FUNCTION:CAMELLIA
X509_LOOKUP_new 1338 3_0_0 EXIST::FUNCTION:
AUTHORITY_INFO_ACCESS_new 1339 3_0_0 EXIST::FUNCTION:
-CRYPTO_mem_leaks_fp 1340 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,STDIO
+CRYPTO_mem_leaks_fp 1340 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0,STDIO
DES_set_key_unchecked 1341 3_0_0 EXIST::FUNCTION:DES
BN_free 1342 3_0_0 EXIST::FUNCTION:
EVP_aes_128_cfb1 1343 3_0_0 EXIST::FUNCTION:
@@ -1438,7 +1438,7 @@ d2i_ASN1_BIT_STRING 1471 3_0_0 EXIST::FUNCTION:
OCSP_CERTSTATUS_new 1472 3_0_0 EXIST::FUNCTION:OCSP
ENGINE_register_RAND 1473 3_0_0 EXIST::FUNCTION:ENGINE
X509V3_section_free 1474 3_0_0 EXIST::FUNCTION:
-CRYPTO_mem_debug_free 1475 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+CRYPTO_mem_debug_free 1475 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
d2i_OCSP_REQUEST 1476 3_0_0 EXIST::FUNCTION:OCSP
ENGINE_get_cipher_engine 1477 3_0_0 EXIST::FUNCTION:ENGINE
SHA384_Final 1478 3_0_0 EXIST::FUNCTION:
@@ -2470,7 +2470,7 @@ PKCS12_parse 2521 3_0_0 EXIST::FUNCTION:
BN_GF2m_mod_div 2522 3_0_0 EXIST::FUNCTION:EC2M
i2d_USERNOTICE 2523 3_0_0 EXIST::FUNCTION:
d2i_NETSCAPE_SPKI 2524 3_0_0 EXIST::FUNCTION:
-CRYPTO_mem_leaks 2525 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+CRYPTO_mem_leaks 2525 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
BN_get_rfc3526_prime_1536 2526 3_0_0 EXIST::FUNCTION:
DSA_sign 2527 3_0_0 EXIST::FUNCTION:DSA
RAND_egd 2528 3_0_0 EXIST::FUNCTION:EGD
@@ -2787,7 +2787,7 @@ d2i_X509_CRL_bio 2847 3_0_0 EXIST::FUNCTION:
PKCS12_SAFEBAG_get1_cert 2848 3_0_0 EXIST::FUNCTION:
ASN1_UNIVERSALSTRING_free 2849 3_0_0 EXIST::FUNCTION:
EC_KEY_precompute_mult 2850 3_0_0 EXIST::FUNCTION:EC
-CRYPTO_mem_debug_realloc 2851 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+CRYPTO_mem_debug_realloc 2851 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
PKCS7_new 2852 3_0_0 EXIST::FUNCTION:
BASIC_CONSTRAINTS_it 2853 3_0_0 EXIST::FUNCTION:
ASN1_generate_v3 2854 3_0_0 EXIST::FUNCTION:
@@ -3212,7 +3212,7 @@ EVP_aes_256_cfb8 3278 3_0_0 EXIST::FUNCTION:
d2i_DSA_PUBKEY_bio 3279 3_0_0 EXIST::FUNCTION:DSA
X509_NAME_get_text_by_OBJ 3280 3_0_0 EXIST::FUNCTION:
RSA_padding_check_none 3281 3_0_0 EXIST::FUNCTION:RSA
-CRYPTO_set_mem_debug 3282 3_0_0 EXIST::FUNCTION:
+CRYPTO_set_mem_debug 3282 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
TS_VERIFY_CTX_init 3283 3_0_0 EXIST::FUNCTION:TS
OCSP_cert_id_new 3284 3_0_0 EXIST::FUNCTION:OCSP
GENERAL_SUBTREE_new 3285 3_0_0 EXIST::FUNCTION:
@@ -3595,7 +3595,7 @@ DES_ede3_cbc_encrypt 3674 3_0_0 EXIST::FUNCTION:DES
X509v3_asid_canonize 3675 3_0_0 EXIST::FUNCTION:RFC3779
i2d_ASIdOrRange 3676 3_0_0 EXIST::FUNCTION:RFC3779
OCSP_url_svcloc_new 3677 3_0_0 EXIST::FUNCTION:OCSP
-CRYPTO_mem_ctrl 3678 3_0_0 EXIST::FUNCTION:
+CRYPTO_mem_ctrl 3678 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
ASN1_verify 3679 3_0_0 EXIST::FUNCTION:
DSA_generate_parameters_ex 3680 3_0_0 EXIST::FUNCTION:DSA
X509_sign 3681 3_0_0 EXIST::FUNCTION:
@@ -4124,7 +4124,7 @@ INT64_it 4212 3_0_0 EXIST::FUNCTION:
ZUINT32_it 4213 3_0_0 EXIST::FUNCTION:
UINT32_it 4214 3_0_0 EXIST::FUNCTION:
ZINT64_it 4215 3_0_0 EXIST::FUNCTION:
-CRYPTO_mem_leaks_cb 4216 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG
+CRYPTO_mem_leaks_cb 4216 3_0_0 EXIST::FUNCTION:CRYPTO_MDEBUG,DEPRECATEDIN_3_0
BIO_lookup_ex 4217 3_0_0 EXIST::FUNCTION:SOCK
X509_CRL_print_ex 4218 3_0_0 EXIST::FUNCTION:
X509_SIG_INFO_get 4219 3_0_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list