bug fixes

Werner Koch 1998-02-27 17:51:28 +00:00
parent 4e8c3794b3
commit b13e238a19
24 changed files with 466 additions and 260 deletions


@ -1,3 +1,7 @@
Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-m-guard): New.
Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in, acinclude.m4, intl/, po/: New macros taken

15
INSTALL

@ -4,10 +4,10 @@ Please read the Basic Installation section somewhere below.
Configure options for GNUPG
===========================
--with-zlib Forces usage of the local zlib sources. Default is
to use the (sahred) library of the system.
--with-included-zlib Forces usage of the local zlib sources. Default is
to use the (shared) library of the system.
--disable-nls Disable NLS support
--disable-nls Disable NLS support (See ABOUT-NLS)
--enable-m-debug Compile with the integrated malloc debugging stuff.
This makes the program slower but is checks every
@ -18,13 +18,18 @@ Configure options for GNUPG
option "--debug 128" displays a memory statistic after
the program run.
--disable-m-guard Disable the integrated malloc checking code. As a
side-effect, this removes all debugging code and uses
the -O2 flag for all C files.
Problems
========
If you have compile problems, use the configure options "--with-zlib" and
"--disable-nls".
"--disable-nls" (See ABOUT-NLS).
I cant check alls assembles files; so if you have problems assembling them
I cant check all assembler files; so if you have problems assembling them
(or the program crashes), simply delete the files in the mpi/<cpu> directory.
The configure scripts may consider several subdirectories to get all
available assembler files; be sure to delete the correct ones. The

22
NEWS

@ -1,3 +1,25 @@
Noteworthy changes in version 0.2.10
------------------------------------
* Code for the alpha is much faster (about 20 times); the data
was misaligned and the kernel traps this, so nearly all time
was used by system to trap the misalignments and to write
syslog messages. Shame on me and thanks to Ralph for
pointing me at this while drinking some beer yesterday.
* Changed some configure options and add an option
--disable-m-guard to remove the memory checking code
and to compile everthing with optimization on.
* New environment variable GNUPGHOME, which can be used to set
another homedir than ~/.gnupg. Changed default homedir for
Windoze version to c:/gnupg.
* Fixed detached signatures; detached PGP signatures caused a SEGV.
* The Windoze version works (as usual w/o a strong RNG).
Noteworthy changes in version 0.2.9
-----------------------------------


@ -1 +1 @@
0.2.9
0.2.10


@ -28,6 +28,7 @@
@TOP@
#undef M_DEBUG
#undef M_GUARD
#undef VERSION
#undef PACKAGE
#undef G10_LOCALEDIR


@ -12,7 +12,7 @@ TEST_FILES = pubring.asc secring.asc gnupg.asc plain-1 plain-2 plain-3o.asc \
DATA_FILES = data-500 data-9000 data-32000 data-80000
EXTRA_DIST = $(TESTS) $(TEST_FILES)
EXTRA_DIST = defs.inc $(TESTS) $(TEST_FILES)
CLEANFILES = prepared.stamp x y z out err $(DATA_FILES)
check: prepared.stamp


@ -1,3 +1,7 @@
Fri Feb 27 16:39:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* md.c (md_enable): No init if called twice.
Thu Feb 26 07:57:02 1998 Werner Koch (wk@isil.d.shuttle.de)
* primegen.c (generate_elg_prime): Changed the progress printing.


@ -49,14 +49,17 @@ void
md_enable( MD_HANDLE h, int algo )
{
if( algo == DIGEST_ALGO_MD5 ) {
if( !h->use_md5 )
md5_init( &h->md5 );
h->use_md5 = 1;
}
else if( algo == DIGEST_ALGO_RMD160 ) {
if( !h->use_rmd160 )
rmd160_init( &h->rmd160 );
h->use_rmd160 = 1;
}
else if( algo == DIGEST_ALGO_SHA1 ) {
if( !h->use_sha1 )
sha1_init( &h->sha1 );
h->use_sha1 = 1;
}
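Review bot: md_enable() has no comment stating the property this change introduces, namely that a second call for an algorithm that is already enabled leaves the running hash state untouched. Without that contract a later edit could reintroduce the unconditional `*_init()` and silently discard data that was already hashed. I would add above the function something like `/* Enable ALGO on handle H; if ALGO is already enabled this is a no-op and the accumulated state is kept. */`. The function body continues past the end of this hunk, so the handling of an unknown algo is not visible here.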


@ -77,6 +77,7 @@
#undef STDC_HEADERS
#undef M_DEBUG
#undef M_GUARD
#undef VERSION
#undef PACKAGE
#undef G10_LOCALEDIR


@ -27,18 +27,34 @@ AC_SUBST(PACKAGE)
AC_DEFINE_UNQUOTED(VERSION, "$VERSION")
AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE")
AC_MSG_CHECKING([whether memory debugging is requested])
AC_ARG_ENABLE(m-debug,
[ --enable-m-debug Enable debugging of memory allocation])
if test "$enableval" = y || test "$enableval" = yes; then
[ --enable-m-debug enable debugging of memory allocation],
use_m_debug=$enableval, use_m_debug=no)
AC_MSG_RESULT($use_m_debug)
if test "$use_m_debug" = yes; then
AC_DEFINE(M_DEBUG)
use_m_guard=yes
else
AC_MSG_CHECKING([whether memory guard is requested])
AC_ARG_ENABLE(m-guard,
[ --disable-m-guard disable memory guard facility],
use_m_guard=$enableval, use_m_guard=yes)
AC_MSG_RESULT($use_m_guard)
fi
if test "$use_m_guard" = yes ; then
AC_DEFINE(M_GUARD)
CFLAGS="-g -Wall"
else
CFLAGS="-O2 -Wall"
fi
AC_ARG_WITH(zlib,
[ --with-zlib link against static zlib],
AC_MSG_CHECKING([whether included zlib is requested])
AC_ARG_WITH(included-zlib,
[ --with-included-zlib use the zlib code included here],
[g10_force_zlib=yes], [g10_force_zlib=no] )
CFLAGS="-g -Wall"
AC_MSG_RESULT($g10_force_zlib)
AC_CANONICAL_SYSTEM
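Review bot: The new test `test "$use_m_guard" = yes` turns the memory guard off for every value other than the literal `yes`, so `--enable-m-guard=y` (a spelling the old m-debug test accepted) silently builds without the checking code. For a protective feature the safer comparison is `if test "$use_m_guard" != no ; then`, which disables it only on an explicit request. Separately, both branches assign `CFLAGS` outright, which discards any flags the builder passed in; appending (`CFLAGS="$CFLAGS -Wall"`) or setting the default only when `CFLAGS` is empty would preserve them.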


@ -172,7 +172,8 @@ B<--secret-keyring> I<file>
B<--homedir> I<dir>
Set the name of the home directory to I<dir>. If this
option is not used it defaults to F<~/.gnupg>. It does
not make sense to use this in a options file.
not make sense to use this in a options file. This
also overrides the environment variable C<GNUPGHOME>.
B<--options> I<file>
Read options from I<file> and do not try to read
@ -267,6 +268,7 @@ a signature was bad and other errorcode for fatal errors.
=head1 ENVIRONMENT
C<HOME> Used to locate the default home directory.
C<GNUPGHOME> If set, direcory used instead of F<~/.gnupg>.
=head1 FILES


@ -1,3 +1,23 @@
Fri Feb 27 18:14:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (find_header): Removed trailing CR on headers.
Fri Feb 27 18:02:48 1998 Werner Koch (wk@isil.d.shuttle.de)
* ringedit.c (keyring_search) [MINGW32]: Open and close file here
because rename does not work on open files. Chnaged callers.
Fri Feb 27 16:43:11 1998 Werner Koch (wk@isil.d.shuttle.de)
* sig-check.c (do_check): Add an md_enable.
* mainproc.c (do_check_sig): Use md_open in case of detached sig
(proc_tree): Take detached sigs into account.
Fri Feb 27 15:22:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* g10.c (main): Make use of GNUPGHOME envvar.
* g10main.c (main): Ditto.
Wed Feb 25 11:40:04 1998 Werner Koch (wk@isil.d.shuttle.de)
* plaintext.c (ask_for_detached_datafile): add opt.verbose to


@ -318,6 +318,8 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
if( n < buflen || c == '\n' ) {
if( n && buf[0] != '\r') { /* maybe a header */
if( strchr( buf, ':') ) { /* yes */
if( buf[n-1] == '\r' )
buf[--n] = 0;
if( opt.verbose ) {
log_info("armor header: ");
print_string( stderr, buf, n );


@ -326,7 +326,14 @@ main( int argc, char **argv )
opt.def_digest_algo = DIGEST_ALGO_RMD160;
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.homedir = getenv("GNUPGHOME");
if( !opt.homedir || !*opt.homedir ) {
#ifdef __MINGW32__
opt.homedir = "c:/gnupg";
#else
opt.homedir = "~/.gnupg";
#endif
}
/* check wether we have a config file on the commandline */
orig_argc = argc;
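Review bot: `opt.homedir = getenv("GNUPGHOME");` accepts whatever the inherited environment supplies, checked only for being non-empty, so the directory that holds the keyrings and the options file is chosen by the calling environment. That is fine for an ordinary user process, but it should be stated next to the assignment, e.g. `/* taken from the caller's environment; --homedir overrides it */`, and it needs a second look if the program is ever run with privileges different from the caller's. The stored pointer also belongs to the environment block, so copying the string would keep it valid if the environment is modified later. The identical block added to the other `main()` in the next file section has the same issue; a shared helper would stop the two defaults from drifting apart.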


@ -258,7 +258,14 @@ main( int argc, char **argv )
opt.def_digest_algo = DIGEST_ALGO_RMD160;
opt.completes_needed = 1;
opt.marginals_needed = 3;
opt.homedir = getenv("GNUPGHOME");
if( !opt.homedir || !*opt.homedir ) {
#ifdef __MINGW32__
opt.homedir = "c:/gnupg";
#else
opt.homedir = "~/.gnupg";
#endif
}
/* check wether we have a config file on the commandline */
orig_argc = argc;


@ -272,12 +272,18 @@ do_check_sig( CTX c, KBNODE node )
return rc;
if( sig->sig_class == 0x00 ) {
if( c->mfx.md )
md = md_copy( c->mfx.md );
else /* detached signature */
md = md_open( 0, 0 ); /* signature_check() will enable the md*/
}
else if( sig->sig_class == 0x01 ) {
/* how do we know that we have to hash the (already hashed) text
* in canonical mode ??? (calculating both modes???) */
if( c->mfx.md )
md = md_copy( c->mfx.md );
else /* detached signature */
md = md_open( 0, 0 ); /* signature_check() will enable the md*/
}
else if( (sig->sig_class&~3) == 0x10
|| sig->sig_class == 0x20
@ -620,8 +626,6 @@ proc_tree( CTX c, KBNODE node )
else if( node->pkt->pkttype == PKT_SIGNATURE ) {
PKT_signature *sig = node->pkt->pkt.signature;
if( !c->have_data && (sig->sig_class&~3) == 0x10 ) {
log_info("old style signature\n");
if( !c->have_data ) {
free_md_filter_context( &c->mfx );
c->mfx.md = md_open(digest_algo_from_sig(sig), 0);
@ -632,7 +636,8 @@ proc_tree( CTX c, KBNODE node )
return;
}
}
}
else
log_info("old style signature\n");
check_sig_and_print( c, node );
}
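Review bot: In do_check_sig(), the new fallback `md = md_open( 0, 0 );` for `c->mfx.md == NULL` hands the checker a context into which no message data has been hashed. From this hunk I cannot see where the detached data would be fed into that fresh handle, so the signature may be evaluated over the signature trailer alone. If that state means "no data was available", it is safer to fail explicitly, e.g. log and return an error code, than to rely on the comparison failing later. The two branches for class 0x00 and 0x01 are now identical and could share one block. The comment names signature_check(), while the ChangeLog entry on this page puts the md_enable call in do_check().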


@ -73,7 +73,8 @@ static RESTBL resource_table[MAX_RESOURCES];
static int search( PACKET *pkt, KBPOS *kbpos, int secret );
static int keyring_search( PACKET *pkt, KBPOS *kbpos, IOBUF iobuf );
static int keyring_search( PACKET *pkt, KBPOS *kbpos, IOBUF iobuf,
const char *fname );
static int keyring_search2( PUBKEY_FIND_INFO info, KBPOS *kbpos,
const char *fname);
static int keyring_read( KBPOS *kbpos, KBNODE *ret_root );
@ -113,9 +114,13 @@ add_keyblock_resource( const char *filename, int force, int secret )
if( i == MAX_RESOURCES )
return G10ERR_RESOURCE_LIMIT;
#if __MINGW32__
iobuf = NULL;
#else
iobuf = iobuf_open( filename );
if( !iobuf && !force )
return G10ERR_OPEN_FILE;
#endif
resource_table[i].used = 1;
resource_table[i].secret = !!secret;
resource_table[i].fname = m_strdup(filename);
@ -211,7 +216,8 @@ search( PACKET *pkt, KBPOS *kbpos, int secret )
if( resource_table[i].used && !resource_table[i].secret == !secret ) {
/* note: here we have to add different search functions,
* depending on the type of the resource */
rc = keyring_search( pkt, kbpos, resource_table[i].iobuf );
rc = keyring_search( pkt, kbpos, resource_table[i].iobuf,
resource_table[i].fname );
if( !rc ) {
kbpos->resno = i;
kbpos->fp = NULL;
@ -469,7 +475,7 @@ update_keyblock( KBPOS *kbpos, KBNODE root )
* search one keyring, return 0 if found, -1 if not found or an errorcode.
*/
static int
keyring_search( PACKET *req, KBPOS *kbpos, IOBUF iobuf )
keyring_search( PACKET *req, KBPOS *kbpos, IOBUF iobuf, const char *fname )
{
int rc;
PACKET pkt;
@ -482,11 +488,21 @@ keyring_search( PACKET *req, KBPOS *kbpos, IOBUF iobuf )
init_packet(&pkt);
save_mode = set_packet_list_mode(0);
#if __MINGW32__
assert(!iobuf);
iobuf = iobuf_open( fname );
if( !iobuf ) {
log_error("%s: can't open keyring file\n", fname);
rc = G10ERR_KEYRING_OPEN;
goto leave;
}
#else
if( iobuf_seek( iobuf, 0 ) ) {
log_error("can't rewind keyring file\n");
rc = G10ERR_KEYRING_OPEN;
goto leave;
}
#endif
while( !(rc=search_packet(iobuf, &pkt, pkttype, &offset)) ) {
if( pkt.pkttype == PKT_SECRET_CERT ) {
@ -539,6 +555,9 @@ keyring_search( PACKET *req, KBPOS *kbpos, IOBUF iobuf )
leave:
free_packet(&pkt);
set_packet_list_mode(save_mode);
#if __MINGW32__
iobuf_close(iobuf);
#endif
return rc;
}
@ -872,7 +891,11 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root )
}
/* close both files */
iobuf_close(fp);
if( iobuf_close(fp) ) {
log_error("%s: close failed: %s\n", rentry->fname, strerror(errno) );
rc = G10ERR_CLOSE_FILE;
goto leave;
}
if( iobuf_close(newfp) ) {
log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
rc = G10ERR_CLOSE_FILE;
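Review bot: On the MINGW32 path of keyring_search(), a failed `iobuf_open( fname )` jumps to `leave`, where the newly added `iobuf_close(iobuf);` then runs with `iobuf == NULL`. Whether iobuf_close() tolerates NULL is not visible on this page, so I would guard it with `if( iobuf ) iobuf_close(iobuf);`. In keyring_copy(), the new `goto leave` after a failed `iobuf_close(fp)` skips the `iobuf_close(newfp)` that follows, so unless the `leave` label (outside the hunk) cleans up, the temporary file stays open. Also, `assert(!iobuf)` is the only check that the caller passed no handle and it vanishes in NDEBUG builds; these hunks use `#if __MINGW32__` where the two `main()` changes use `#ifdef __MINGW32__`.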


@ -68,6 +68,9 @@ do_check( PKT_public_cert *pkc, PKT_signature *sig, MD_HANDLE digest )
if( (rc=check_digest_algo(sig->d.elg.digest_algo)) )
goto leave;
/* make sure the digest algo is enabled (in case of a detached
* signature */
md_enable( digest, sig->d.elg.digest_algo );
/* complete the digest */
md_putc( digest, sig->sig_class );
{ u32 a = sig->timestamp;
@ -124,6 +127,7 @@ do_check( PKT_public_cert *pkc, PKT_signature *sig, MD_HANDLE digest )
if( (rc=check_digest_algo(sig->d.rsa.digest_algo)) )
goto leave; /* unsupported algo */
md_enable( digest, sig->d.rsa.digest_algo );
asn = md_asn_oid( sig->d.rsa.digest_algo, &asnlen, &mdlen );
for(i=mdlen,j=asnlen-1; (c=mpi_getbyte(result, i)) != -1 && j >= 0;
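Review bot: The comment added before the first `md_enable()` is missing its closing parenthesis, and the matching call in the RSA branch (second hunk) has no comment at all. Both should say what the call guarantees, e.g. `/* make sure the digest algo named in the signature is enabled; for a detached signature the handle may have been opened without one */`. It is also worth noting there that md_enable() modifies the caller's handle, and that an algorithm enabled only at this point has seen none of the data hashed earlier. The result is then a digest of the trailer bytes only; the code appears to rely on verification failing in that case rather than rejecting it up front.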


@ -163,6 +163,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
iobuf_push_filter( out, encrypt_filter, &efx );
}
if( !detached ) {
/* loop over the secret certificates and build headers */
for( skc_rover = skc_list; skc_rover; skc_rover = skc_rover->next ) {
PKT_secret_cert *skc;
@ -182,10 +183,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
rc = build_packet( out, &pkt );
free_packet( &pkt );
if( rc ) {
log_error("build onepass_sig packet failed: %s\n", g10_errstr(rc));
log_error("build onepass_sig packet failed: %s\n",
g10_errstr(rc));
goto leave;
}
}
}
/* setup the inner packet */


@ -33,7 +33,7 @@
#define m_realloc(n,m) m_debug_realloc((n),(m), M_DBGINFO(__LINE__) )
#define m_free(n) m_debug_free((n), M_DBGINFO(__LINE__) )
#define m_check(n) m_debug_check((n), M_DBGINFO(__LINE__) )
#define m_copy(a) m_debug_copy((a), M_DBGINFO(__LINE__) )
/*#define m_copy(a) m_debug_copy((a), M_DBGINFO(__LINE__) )*/
#define m_strdup(a) m_debug_strdup((a), M_DBGINFO(__LINE__) )
void *m_debug_alloc( size_t n, const char *info );
@ -43,7 +43,7 @@ void *m_debug_alloc_secure_clear( size_t n, const char *info );
void *m_debug_realloc( void *a, size_t n, const char *info );
void m_debug_free( void *p, const char *info );
void m_debug_check( const void *a, const char *info );
void *m_debug_copy( const void *a, const char *info );
/*void *m_debug_copy( const void *a, const char *info );*/
char *m_debug_strdup( const char *a, const char *info );
#else
@ -54,18 +54,19 @@ void *m_alloc_secure_clear( size_t n );
void *m_realloc( void *a, size_t n );
void m_free( void *p );
void m_check( const void *a );
void *m_copy( const void *a );
/*void *m_copy( const void *a );*/
char *m_strdup( const char * a);
#endif
size_t m_size( const void *a );
int m_is_secure( const void *p );
/*-- secmem.c --*/
void secmem_init( size_t npool );
void secmem_term( void );
void *secmem_malloc( size_t size );
void *secmem_realloc( void *a, size_t newsize );
void secmem_free( void *a );
int m_is_secure( const void *p );
void secmem_dump_stats(void);
void secmem_set_flags( unsigned flags );
unsigned secmem_get_flags(void);


@ -1,3 +1,11 @@
Fri Feb 27 10:20:03 1998 Werner Koch (wk@isil.d.shuttle.de)
* memory.c (m_is_secure): Removed.
* secmem.c (m_is_secure): Moved to here.
* secmem.c (secmem_realloc): New.
* memory.c (M_GUARD,EXTRA_ALIGN): New (all functions).
Thu Feb 26 14:36:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* secmem.c (lock_pool): No error if EAGAIN is returned instead


@ -4,13 +4,11 @@
* We use our own memory allocation functions instead of plain malloc(),
* so that we can provide some special enhancements:
* a) functions to provide memory from a secure memory.
* Don't know how to handle it yet, but it may be possible to
* use memory which can't be swapped out.
* b) By looking at the requested allocation size we
* can reuse memory very quickly (e.g. MPI storage)
* c) A controlbyte gives us the opportunity to use only one
* free() function and do some overflow checking.
* d) memory checking and reporting if compiled with M_DEBUG
* (really needed?)
* c) memory usage reporting if compiled with M_DEBUG
* d) memory checking if compiled with M_GUARD
*
* This file is part of GNUPG.
*
@ -44,9 +42,18 @@
#define MAGIC_SEC_BYTE 0xcc
#define MAGIC_END_BYTE 0xaa
#if SIZEOF_UNSIGNED_LONG == 8
#define EXTRA_ALIGN 4
#else
#define EXTRA_ALIGN 0
#endif
const void membug( const char *fmt, ... );
#ifdef M_DEBUG
#ifndef M_GUARD
#define M_GUARD 1
#endif
#undef m_alloc
#undef m_alloc_clear
#undef m_alloc_secure
@ -64,10 +71,10 @@ const void membug( const char *fmt, ... );
#define FNAME(a) m_ ##a
#define FNAMEPRT
#define FNAMEARG
#define store_len(p,n,m) do { ((byte*)p)[0] = n; \
((byte*)p)[1] = n >> 8 ; \
((byte*)p)[2] = n >> 16 ; \
((byte*)p)[3] = m? MAGIC_SEC_BYTE \
#define store_len(p,n,m) do { ((byte*)p)[EXTRA_ALIGN+0] = n; \
((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ; \
((byte*)p)[EXTRA_ALIGN+2] = n >> 16 ; \
((byte*)p)[EXTRA_ALIGN+3] = m? MAGIC_SEC_BYTE \
: MAGIC_NOR_BYTE; \
} while(0)
#endif
@ -196,24 +203,29 @@ check_mem( const byte *p, const char *info )
unsigned n;
struct memtbl_entry *e;
n = p[0];
n |= p[1] << 8;
n |= p[2] << 16;
n = p[EXTRA_ALIGN+0];
n |= p[EXTRA_ALIGN+1] << 8;
n |= p[EXTRA_ALIGN+2] << 16;
if( n >= memtbl_len )
membug("memory at %p corrupted: index=%u table_len=%u (%s)\n",
p+4, n, memtbl_len, info );
p+EXTRA_ALIGN+4, n, memtbl_len, info );
e = memtbl+n;
if( e->user_p != p+4 )
membug("memory at %p corrupted: reference mismatch (%s)\n", p+4, info );
if( e->user_p != p+EXTRA_ALIGN+4 )
membug("memory at %p corrupted: reference mismatch (%s)\n",
p+EXTRA_ALIGN+4, info );
if( !e->inuse )
membug("memory at %p corrupted: marked as free (%s)\n", p+4, info );
membug("memory at %p corrupted: marked as free (%s)\n",
p+EXTRA_ALIGN+4, info );
if( !(p[3] == MAGIC_NOR_BYTE || p[3] == MAGIC_SEC_BYTE) )
membug("memory at %p corrupted: underflow=%02x (%s)\n", p+4, p[3], info );
if( p[4+e->user_n] != MAGIC_END_BYTE )
membug("memory at %p corrupted: overflow=%02x (%s)\n", p+4, p[4+e->user_n], info );
if( !(p[EXTRA_ALIGN+3] == MAGIC_NOR_BYTE
|| p[EXTRA_ALIGN+3] == MAGIC_SEC_BYTE) )
membug("memory at %p corrupted: underflow=%02x (%s)\n",
p+EXTRA_ALIGN+4, p[EXTRA_ALIGN+3], info );
if( p[EXTRA_ALIGN+4+e->user_n] != MAGIC_END_BYTE )
membug("memory at %p corrupted: overflow=%02x (%s)\n",
p+EXTRA_ALIGN+4, p[EXTRA_ALIGN+4+e->user_n], info );
return e;
}
@ -233,10 +245,10 @@ free_entry( byte *p, const char *info )
log_debug( "%s frees %u bytes alloced by %s\n",
info, e->user_n, e->info->info );
if( !e->inuse ) {
if( e->user_p == p + 4 )
membug("freeing an already freed pointer at %p\n", p+4 );
if( e->user_p == p + EXTRA_ALIGN+ 4 )
membug("freeing an already freed pointer at %p\n", p+EXTRA_ALIGN+4 );
else
membug("freeing pointer %p which is flagged as freed\n", p+4 );
membug("freeing pointer %p which is flagged as freed\n", p+EXTRA_ALIGN+4 );
}
e->inuse = 0;
@ -298,7 +310,7 @@ check_allmem( const char *info )
for( e = memtbl, n = 0; n < memtbl_len; n++, e++ )
if( e->inuse )
check_mem(e->user_p-4, info);
check_mem(e->user_p-4-EXTRA_ALIGN, info);
}
#endif /* M_DEBUG */
@ -337,11 +349,17 @@ FNAME(alloc)( size_t n FNAMEPRT )
{
char *p;
if( !(p = malloc( n + 5 )) )
#ifdef M_GUARD
if( !(p = malloc( n + EXTRA_ALIGN+5 )) )
out_of_core(n,0);
store_len(p,n,0);
p[4+n] = MAGIC_END_BYTE; /* need to add the length somewhere */
return p+4;
p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
return p+EXTRA_ALIGN+4;
#else
if( !(p = malloc( n )) )
out_of_core(n,0);
return p;
#endif
}
/****************
@ -353,11 +371,17 @@ FNAME(alloc_secure)( size_t n FNAMEPRT )
{
char *p;
if( !(p = secmem_malloc( n + 5 )) )
#ifdef M_GUARD
if( !(p = secmem_malloc( n +EXTRA_ALIGN+ 5 )) )
out_of_core(n,1);
store_len(p,n,1);
p[4+n] = MAGIC_END_BYTE;
return p+4;
p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
return p+EXTRA_ALIGN+4;
#else
if( !(p = secmem_malloc( n )) )
out_of_core(n,1);
return p;
#endif
}
void *
@ -384,7 +408,8 @@ FNAME(alloc_secure_clear)( size_t n FNAMEPRT)
*/
void *
FNAME(realloc)( void *a, size_t n FNAMEPRT )
{ /* FIXME: should be optimized :-) */
{
#ifdef M_GUARD
unsigned char *p = a;
void *b;
size_t len = m_size(a);
@ -398,6 +423,18 @@ FNAME(realloc)( void *a, size_t n FNAMEPRT )
FNAME(check)(NULL FNAMEARG);
memcpy(b, a, len );
FNAME(free)(p FNAMEARG);
#else
void *b;
if( m_is_secure(a) ) {
if( !(b = secmem_realloc( a, n )) )
out_of_core(n,1);
}
else {
if( !(b = realloc( a, n )) )
out_of_core(n,0);
}
#endif
return b;
}
@ -414,13 +451,18 @@ FNAME(free)( void *a FNAMEPRT )
if( !p )
return;
#ifdef M_DEBUG
free_entry(p-4, info);
#else
free_entry(p-EXTRA_ALIGN-4, info);
#elif M_GUARD
m_check(p);
if( m_is_secure(a) )
secmem_free(p-4);
secmem_free(p-EXTRA_ALIGN-4);
else
free(p-4);
free(p-EXTRA_ALIGN-4);
#else
if( m_is_secure(a) )
secmem_free(p);
else
free(p);
#endif
}
@ -428,11 +470,12 @@ FNAME(free)( void *a FNAMEPRT )
void
FNAME(check)( const void *a FNAMEPRT )
{
#ifdef M_GUARD
const byte *p = a;
#ifdef M_DEBUG
if( p )
check_mem(p-4, info);
check_mem(p-EXTRA_ALIGN-4, info);
else
check_allmem(info);
#else
@ -443,33 +486,33 @@ FNAME(check)( const void *a FNAMEPRT )
else if( p[m_size(p)] != MAGIC_END_BYTE )
membug("memory at %p corrupted (overflow=%02x)\n", p, p[-1] );
#endif
#endif
}
size_t
m_size( const void *a )
{
#ifndef M_GUARD
log_debug("Ooops, m_size called\n");
return 0;
#else
const byte *p = a;
size_t n;
#ifdef M_DEBUG
n = check_mem(p-4, "m_size")->user_n;
n = check_mem(p-EXTRA_ALIGN-4, "m_size")->user_n;
#else
n = ((byte*)p)[-4];
n |= ((byte*)p)[-3] << 8;
n |= ((byte*)p)[-2] << 16;
#endif
return n;
#endif
}
int
m_is_secure( const void *p )
{
return p && ((byte*)p)[-1] == MAGIC_SEC_BYTE;
}
#if 0 /* not used */
/****************
* Make a copy of the memory block at a
*/
@ -482,7 +525,7 @@ FNAME(copy)( const void *a FNAMEPRT )
if( !a )
return NULL;
n = m_size(a);
n = m_size(a); Aiiiih woher nehmen
if( m_is_secure(a) )
b = FNAME(alloc_secure)(n FNAMEARG);
else
@ -490,7 +533,7 @@ FNAME(copy)( const void *a FNAMEPRT )
memcpy(b, a, n );
return b;
}
#endif
char *
FNAME(strdup)( const char *a FNAMEPRT )
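Review bot: In a build without M_GUARD, m_size() now logs "Ooops, m_size called" and returns 0, so any remaining caller silently treats the block as empty and carries on with a wrong length. Since the size cannot be known in that configuration, failing hard is the safer behaviour, e.g. `membug("m_size called without M_GUARD\n");` using the membug() already declared in this file, or removing the function from non-guard builds so that stale callers fail to link. FNAME(free) selects the guard path with `#elif M_GUARD` while every other site uses `#ifdef M_GUARD`; the two differ if the macro is defined without a value. The disabled FNAME(copy) body now contains the stray text `Aiiiih woher nehmen` after `n = m_size(a);`, which would not compile if the `#if 0` were lifted and should be turned into a proper comment.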


@ -219,6 +219,25 @@ secmem_malloc( size_t size )
}
void *
secmem_realloc( void *p, size_t newsize )
{
MEMBLOCK *mb;
size_t size;
void *a;
mb = (MEMBLOCK*)((char*)p - ((size_t) &((MEMBLOCK*)0)->u.d));
size = mb->size;
if( newsize < size )
return p; /* it is easier not to shrink the memory */
a = secmem_malloc( newsize );
memcpy(a, p, size);
memset(a+size, 0, newsize-size);
secmem_free(p);
return a;
}
void
secmem_free( void *a )
{
@ -241,6 +260,12 @@ secmem_free( void *a )
cur_alloced -= size;
}
int
m_is_secure( const void *p )
{
return p >= pool && p < (pool+poolsize);
}
void
secmem_term()
{
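Review bot: secmem_realloc() uses the result of `secmem_malloc( newsize )` without a check, although the callers in memory.c test that function for NULL; when the pool is exhausted, the following `memcpy(a, p, size)` writes through a null pointer. Adding `if( !a ) return NULL;` right after the allocation keeps the old block intact and lets FNAME(realloc) reach its out_of_core() path. `memset(a+size, ...)` does arithmetic on a `void *`, which is a GNU extension; `(char*)a + size` is portable. It is not visible here whether `mb->size` is the user size or the block size including the header, nor whether secmem_free() wipes the released block, and both matter for a reallocation that moves secret data. In m_is_secure(), relational comparison of `p` against `pool` is only defined for pointers into the same object, so a comment stating that this is a deliberate address-range test would help.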