diff options
| author | Matt Caswell <matt@openssl.org> | 2019-09-19 11:52:45 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2019-11-29 16:14:44 +0000 |
| commit | cc38e643cbfb6da84fb2bb6a188698d0bc082a20 (patch) | |
| tree | d07a3fcee80701c7511f7c54a696224282a0fdef /providers | |
| parent | 14a684bfb091b12aa3094a6097932f76f799990a (diff) | |
Disable mem leak checking for the self test lock
The fips self test lock is deallocated in platform specific ways that may
occur after we do mem leak checking. If we don't know how to free it for
a particular platform then we just leak it deliberately. So we
temporarily disable the mem leak checking while we allocate the lock.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9939)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/fips/fipsprov.c | 9 | ||||
| -rw-r--r-- | providers/fips/selftest.c | 8 |
2 files changed, 17 insertions, 0 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 12c471f325..6a5ae3a3f1 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -60,6 +60,7 @@ static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc; static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free; static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free; static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated; +static OSSL_CRYPTO_mem_ctrl_fn *c_CRYPTO_mem_ctrl; typedef struct fips_global_st { const OSSL_PROVIDER *prov; @@ -515,6 +516,9 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider, case OSSL_FUNC_CRYPTO_SECURE_ALLOCATED: c_CRYPTO_secure_allocated = OSSL_get_CRYPTO_secure_allocated(in); break; + case OSSL_FUNC_CRYPTO_MEM_CTRL: + c_CRYPTO_mem_ctrl = OSSL_get_CRYPTO_mem_ctrl(in); + break; case OSSL_FUNC_BIO_NEW_FILE: selftest_params.bio_new_file_cb = OSSL_get_BIO_new_file(in); break; @@ -700,3 +704,8 @@ int CRYPTO_secure_allocated(const void *ptr) { return c_CRYPTO_secure_allocated(ptr); } + +int CRYPTO_mem_ctrl(int mode) +{ + return c_CRYPTO_mem_ctrl(mode); +} diff --git a/providers/fips/selftest.c b/providers/fips/selftest.c index ad7dab2021..369a6bab3b 100644 --- a/providers/fips/selftest.c +++ b/providers/fips/selftest.c @@ -40,7 +40,15 @@ static unsigned char fixed_key[32] = { 0 }; static CRYPTO_ONCE fips_self_test_init = CRYPTO_ONCE_STATIC_INIT; DEFINE_RUN_ONCE_STATIC(do_fips_self_test_init) { + /* + * This lock gets freed in platform specific ways that may occur after we + * do mem leak checking. If we don't know how to free it for a particular + * platform then we just leak it deliberately. So we temporarily disable the + * mem leak checking while we allocate this. + */ + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); self_test_lock = CRYPTO_THREAD_lock_new(); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); return self_test_lock != NULL; } |