From a242c757c22a27dd34822b0835246a0553d7529d Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 25 Apr 2023 04:48:15 -0400 Subject: [PATCH 01/16] Document mbedtls_calloc zeroization Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 2 +- include/mbedtls/platform.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 1381c1fd1..d9835b31d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3798,7 +3798,7 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the buffer after allocation. */ //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 9033852be..121ba3ad7 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -140,6 +140,7 @@ extern "C" { /* * The function pointers for calloc and free. + * mbedtls_calloc will allocate and zeroize the buffer. */ #if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ From 97cbff7c0dd9767b2e82c0b313e469fc823c877d Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 25 Apr 2023 05:51:34 -0400 Subject: [PATCH 02/16] Add a test for calloc zeroization Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 2 +- programs/test/selftest.c | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) 
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index d9835b31d..be6ad83cb 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3798,7 +3798,7 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the buffer after allocation. */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the allocated buffer. */ //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 229f0d80a..3adf2e55d 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -167,6 +167,23 @@ static int run_test_snprintf(void) test_snprintf(5, "123", 3) != 0; } +static int run_test_mbedtls_calloc(void) +{ + unsigned int buf_size = 256; + unsigned char *buf; + int ret = -1; + buf = mbedtls_calloc(buf_size, sizeof(unsigned char)); + for (unsigned int i = 0; i < buf_size; i++) { + if (buf[i] != 0) { + ret = -1; + goto exit; + } + } + ret = 0; +exit: + mbedtls_free(buf); + return ret; +} /* * Check if a seed file is present, and if not create one for the entropy * self-test. If this fails, we attempt the test anyway, so no error is passed 
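Review bot: `buf` is dereferenced in the loop with no NULL check, so if `mbedtls_calloc(256, 1)` fails the self-test crashes instead of reporting a failure; add `if (buf == NULL) { goto exit; }` directly after the allocation (`ret` is already -1, and freeing NULL is a no-op). The `ret = -1;` inside the loop restates the initialiser and can go. Note also that a fresh 256-byte block from an untouched heap reads as zero on most allocators even without calloc semantics, so a pass here only proves the weak case.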
@@ -376,6 +393,12 @@ int main(int argc, char *argv[]) mbedtls_exit(MBEDTLS_EXIT_FAILURE); } + /* Make sure that mbedtls_calloc zeroizes the buffer */ + if (run_test_mbedtls_calloc() != 0) { + mbedtls_printf("the calloc implementation does not zeroize the buffer\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } + for (argp = argv + (argc >= 1 ? 1 : argc); *argp != NULL; ++argp) { if (strcmp(*argp, "--quiet") == 0 || strcmp(*argp, "-q") == 0) { From dc11cd166897118db1f7b5f96339bef3ea6a8eaf Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 09:47:05 -0400 Subject: [PATCH 03/16] Extend mbedtls_calloc and mbedtls_free documentation Co-authored-by: Gilles Peskine Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 23 +++++++++++++++++++---- include/mbedtls/platform.h | 3 ++- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index be6ad83cb..aaa150833 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -3798,8 +3798,23 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the allocated buffer. */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +/** \def MBEDTLS_PLATFORM_STD_CALLOC + * + * Default allocator to use, can be undefined. + * It should initialize the allocated buffer memory to zeroes. + * The size of the buffer is the product of the two parameters. + * The behavior is undefined if the product of the two parameters overflows size_t. + * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. + * The corresponding deallocation function is MBEDTLS_PLATFORM_STD_FREE. + */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc +/** \def MBEDTLS_PLATFORM_STD_FREE + * + * Default free to use, can be undefined. + * NULL is a valid parameter, and the function must do nothing. + * A non-null parameter will always be a pointer previously returned by MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + */ +//#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use, can be undefined */ 
@@ -3814,8 +3829,8 @@ /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ //#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 121ba3ad7..08c0172e0 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -140,7 +140,8 @@ extern "C" { /* * The function pointers for calloc and free. - * mbedtls_calloc will allocate and zeroize the buffer. + * please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE + * in mbedtls_config.h for more information about behaviour and requirements. */ #if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ From 5ffea9dc77a676b8d8dbe43cfc2fee2cad398ac0 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 09:53:08 -0400 Subject: [PATCH 04/16] Rework the calloc buffer initialization test in selftest.c This way it's more in line with development. Signed-off-by: Andrzej Kurek --- programs/test/selftest.c | 68 ++++++++++++++++++++++++---------------- 1 file changed, 41 insertions(+), 27 deletions(-) 
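Review bot: The new platform.h comment sends readers to `mbedtls_config.h`, but the file this same commit edits is `include/mbedtls/config.h` (see the diff header in this commit); `mbedtls_config.h` is the 3.x name and does not exist on this branch, so the reference should read `in config.h`. The `#if defined(MBEDTLS_PLATFORM_MEMORY)` block that follows the comment continues past the end of the hunk.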
diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 3adf2e55d..be97a586f 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -77,23 +77,49 @@ static int calloc_self_test(int verbose) void *empty2 = mbedtls_calloc(0, 1); void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); + unsigned int buf_size = 256; + unsigned char *buffer3 = mbedtls_calloc(buf_size, sizeof(unsigned char)); if (empty1 == NULL && empty2 == NULL) { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (NULL)\n"); + mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); } } else if (empty1 == NULL || empty2 == NULL) { if (verbose) { - mbedtls_printf(" CALLOC(0): failed (mix of NULL and non-NULL)\n"); + mbedtls_printf(" CALLOC(0,1): failed (mix of NULL and non-NULL)\n"); } ++failures; } else if (empty1 == empty2) { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (same non-null)\n"); + mbedtls_printf(" CALLOC(0,1): passed (same non-null)\n"); } } else { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (distinct non-null)\n"); + mbedtls_printf(" CALLOC(0,1): passed (distinct non-null)\n"); + } + } + + mbedtls_free(empty1); + mbedtls_free(empty2); + + empty1 = mbedtls_calloc(1, 0); + empty2 = mbedtls_calloc(1, 0); + if (empty1 == NULL && empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (NULL)\n"); + } + } else if (empty1 == NULL || empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): failed (mix of NULL and non-NULL)\n"); + } + ++failures; + } else if (empty1 == empty2) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (same non-null)\n"); + } + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (distinct non-null)\n"); } } 
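Review bot: The `CALLOC(1,0)` block is a line-for-line copy of the `CALLOC(0,1)` block above it, differing only in the label, which makes the two checks drift-prone and hard to read; a small helper taking the two pointers and a label would halve the hunk. `calloc_self_test` starts before this hunk and continues after it, and the `mbedtls_free(empty1)`/`mbedtls_free(empty2)` added mid-function deserve a one-line comment saying the frees at the end of the function now release the second pair (those frees are outside this hunk; confirm). Sketch of the helper, with the message text kept as in the hunk and the printed lines' indentation to be matched to the file:

```c
/* Two zero-sized allocations must agree: both NULL, or both non-NULL.
 * Returns 1 on failure, 0 otherwise, printing the outcome when verbose. */
static int calloc_zero_size_check(void *a, void *b, const char *label, int verbose)
{
    if (a == NULL && b == NULL) {
        if (verbose) {
            mbedtls_printf("  %s: passed (NULL)\n", label);
        }
        return 0;
    }
    if (a == NULL || b == NULL) {
        if (verbose) {
            mbedtls_printf("  %s: failed (mix of NULL and non-NULL)\n", label);
        }
        return 1;
    }
    if (verbose) {
        mbedtls_printf("  %s: passed (%s non-null)\n", label,
                       a == b ? "same" : "distinct");
    }
    return 0;
}
/* … in calloc_self_test, replacing the two if/else chains … */
    failures += calloc_zero_size_check(empty1, empty2, "CALLOC(0,1)", verbose);
    mbedtls_free(empty1);
    mbedtls_free(empty2);
    empty1 = mbedtls_calloc(1, 0);
    empty2 = mbedtls_calloc(1, 0);
    failures += calloc_zero_size_check(empty1, empty2, "CALLOC(1,0)", verbose);
```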
@@ -126,6 +152,16 @@ static int calloc_self_test(int verbose) } } + for (unsigned int i = 0; i < buf_size; i++) { + if (buffer3[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", buf_size); + } + break; + } + } + if (verbose) { mbedtls_printf("\n"); } @@ -133,6 +169,7 @@ static int calloc_self_test(int verbose) mbedtls_free(empty2); mbedtls_free(buffer1); mbedtls_free(buffer2); + mbedtls_free(buffer3); return failures; } #endif /* MBEDTLS_SELF_TEST */ @@ -167,23 +204,6 @@ static int run_test_snprintf(void) test_snprintf(5, "123", 3) != 0; } -static int run_test_mbedtls_calloc(void) -{ - unsigned int buf_size = 256; - unsigned char *buf; - int ret = -1; - buf = mbedtls_calloc(buf_size, sizeof(unsigned char)); - for (unsigned int i = 0; i < buf_size; i++) { - if (buf[i] != 0) { - ret = -1; - goto exit; - } - } - ret = 0; -exit: - mbedtls_free(buf); - return ret; -} /* * Check if a seed file is present, and if not create one for the entropy * self-test. If this fails, we attempt the test anyway, so no error is passed @@ -393,12 +413,6 @@ int main(int argc, char *argv[]) mbedtls_exit(MBEDTLS_EXIT_FAILURE); } - /* Make sure that mbedtls_calloc zeroizes the buffer */ - if (run_test_mbedtls_calloc() != 0) { - mbedtls_printf("the calloc implementation does not zeroize the buffer\n"); - mbedtls_exit(MBEDTLS_EXIT_FAILURE); - } - for (argp = argv + (argc >= 1 ? 1 : argc); *argp != NULL; ++argp) { if (strcmp(*argp, "--quiet") == 0 || strcmp(*argp, "-q") == 0) { From ba16859cc67a27710f638d376237cb880dbb667e Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 09:56:02 -0400 Subject: [PATCH 05/16] Documentation and cosmetic fixes Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 10 +++++----- include/mbedtls/platform.h | 2 +- programs/test/selftest.c | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) 
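Review bot: `buffer3[i]` is read in the new loop without checking that `mbedtls_calloc(buf_size, 1)` succeeded, so an allocation failure becomes a NULL dereference in the self-test rather than a counted failure; guard it with `if (buffer3 == NULL) { ++failures; } else { /* existing loop */ }`, printing a "failed (NULL)" line when verbose like the other cases do. The loop is inside `calloc_self_test`, which starts before this hunk.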
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index aaa150833..218bf484a 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3801,18 +3801,18 @@ /** \def MBEDTLS_PLATFORM_STD_CALLOC * * Default allocator to use, can be undefined. - * It should initialize the allocated buffer memory to zeroes. + * It must initialize the allocated buffer memory to zeroes. * The size of the buffer is the product of the two parameters. - * The behavior is undefined if the product of the two parameters overflows size_t. + * The calloc function returns either a null pointer or a pointer to the allocated space. * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. - * The corresponding deallocation function is MBEDTLS_PLATFORM_STD_FREE. + * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. */ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /** \def MBEDTLS_PLATFORM_STD_FREE * * Default free to use, can be undefined. * NULL is a valid parameter, and the function must do nothing. - * A non-null parameter will always be a pointer previously returned by MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. */ //#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ 
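Review bot: Swapping "The behavior is undefined if the product of the two parameters overflows size_t" for "returns either a null pointer or a pointer to the allocated space" removes the only statement about overflow without replacing it with a requirement, yet overflow detection is what makes `mbedtls_calloc(n, sizeof(*p))` safe when `n` is attacker-influenced, and it is exactly what the overallocation test added later in this series (`check_mbedtls_calloc_overallocation`) enforces. Make the contract explicit next to the size sentence: `* If the product of the two parameters overflows size_t, the function must return NULL rather than allocate a wrapped-around size, as ISO C calloc does.` The `MBEDTLS_PLATFORM_CALLOC_MACRO` documentation already defers to this entry, so it inherits the requirement automatically.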
@@ -3827,7 +3827,7 @@ //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 08c0172e0..5e2e490de 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -140,7 +140,7 @@ extern "C" { /* * The function pointers for calloc and free. - * please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE + * Please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE * in mbedtls_config.h for more information about behaviour and requirements. */ #if defined(MBEDTLS_PLATFORM_MEMORY) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index be97a586f..1c6f50b68 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -78,7 +78,7 @@ static int calloc_self_test(int verbose) void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); unsigned int buf_size = 256; - unsigned char *buffer3 = mbedtls_calloc(buf_size, sizeof(unsigned char)); + unsigned char *buffer3 = mbedtls_calloc(buf_size, 1); if (empty1 == NULL && empty2 == NULL) { if (verbose) { From c8bf05954bc86fd39cf03ce35c6e6c79f1d41cca Mon Sep 17 00:00:00 2001 
From: Andrzej Kurek Date: Thu, 4 May 2023 17:29:55 -0400 Subject: [PATCH 06/16] Add a calloc selftest for more than a page Signed-off-by: Andrzej Kurek --- programs/test/selftest.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 1c6f50b68..f45eb8539 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -77,8 +77,10 @@ static int calloc_self_test(int verbose) void *empty2 = mbedtls_calloc(0, 1); void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); - unsigned int buf_size = 256; - unsigned char *buffer3 = mbedtls_calloc(buf_size, 1); + unsigned int buffer_3_size = 256; + unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ + unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); + unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); if (empty1 == NULL && empty2 == NULL) { if (verbose) { @@ -152,11 +154,23 @@ static int calloc_self_test(int verbose) } } - for (unsigned int i = 0; i < buf_size; i++) { + for (unsigned int i = 0; i < buffer_3_size; i++) { if (buffer3[i] != 0) { ++failures; if (verbose) { - mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", buf_size); + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_3_size); + } + break; + } + } + + for (unsigned int i = 0; i < buffer_4_size; i++) { + if (buffer4[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_4_size); } break; } @@ -170,6 +184,7 @@ static int calloc_self_test(int verbose) mbedtls_free(buffer1); mbedtls_free(buffer2); mbedtls_free(buffer3); + mbedtls_free(buffer4); return failures; } #endif /* MBEDTLS_SELF_TEST */ From c83d49ebc270ff38589dc8e891071b8b1efdfc95 Mon Sep 17 00:00:00 2001 
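Review bot: Both zero-check loops inspect freshly allocated blocks, and a never-touched heap page reads as zero regardless of whether the allocator clears memory, so this check and the new 4097-byte one can pass with a plain `malloc` behind `mbedtls_calloc`; they also still dereference `buffer3`/`buffer4` without a NULL check. Dirty the heap before allocating — allocate the same size, fill it with 0xFF, free it, then call `mbedtls_calloc` — so a reused chunk is what gets inspected; this remains allocator-dependent but is strictly stronger than the current test. `memset` is presumably available since the file already calls `strcmp`; confirm `<string.h>` is included. The declarations sit at the top of `calloc_self_test`, which starts before this hunk.

```c
    unsigned int buffer_3_size = 256;
    unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */
    /* Dirty the heap first: a block handed back to the allocator and then
     * reused must be cleared by calloc, whereas a fresh page is zero anyway. */
    unsigned char *scratch = mbedtls_calloc(buffer_4_size, 1);
    if (scratch != NULL) {
        memset(scratch, 0xff, buffer_4_size);
    }
    mbedtls_free(scratch);
    unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1);
    unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1);
    /* … unchanged: empty1/empty2 checks … */
```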
From: Andrzej Kurek Date: Fri, 14 Jul 2023 09:58:17 -0400 Subject: [PATCH 07/16] Add a description of how mbedtls_calloc is determined Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 218bf484a..3792c9b7d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -3798,9 +3798,39 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ + +/* An overview of how the value of mbedtls_calloc is determined: + * + * if !MBEDTLS_PLATFORM_MEMORY + * mbedtls_calloc = calloc + * if MBEDTLS_PLATFORM_MEMORY + * if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO + * if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. + * How is MBEDTLS_PLATFORM_STD_CALLOC handled? + * if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; + * MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; + * if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * if MBEDTLS_PLATFORM_STD_CALLOC is present: + * User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; + * if !MBEDTLS_PLATFORM_STD_CALLOC: + * MBEDTLS_PLATFORM_STD_CALLOC = calloc + * + * At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. + * if !MBEDTLS_PLATFORM_STD_CALLOC + * MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc + * + * mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. + * + * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. + * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. + * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + */ /** \def MBEDTLS_PLATFORM_STD_CALLOC * - * Default allocator to use, can be undefined. + * Default allocator to use, can be undefined. See the description above for details. 
* It must initialize the allocated buffer memory to zeroes. * The size of the buffer is the product of the two parameters. * The calloc function returns either a null pointer or a pointer to the allocated space. From 8ca66a0795fa5581e5238b808f0a717078061225 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 10:01:10 -0400 Subject: [PATCH 08/16] Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test It should return NULL and not a valid pointer. Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 5 +++-- programs/test/selftest.c | 13 ++++++++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 3792c9b7d..7e73c6229 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3826,7 +3826,8 @@ * * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. - * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, + * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. */ /** \def MBEDTLS_PLATFORM_STD_CALLOC * 
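Review bot: The decision tree is useful but its closing sentence "See the tree above to see how are they handled in all cases" needs "how they are handled", and "Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC" reads better as "... is possible; the initial value is MBEDTLS_PLATFORM_STD_CALLOC". The two constraints "at the same time is not possible" and "must both be defined or undefined" are stated as facts; if a `#error` in check_config.h enforces them, say so (`(enforced in check_config.h)`), and if nothing does, say they are unchecked so a misconfiguration is recognisable when it happens. `uninitialized_calloc` appears without explanation — one clause on what it does (presumably it fails every allocation until `mbedtls_platform_set_calloc_free` is called; confirm) would complete the picture.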
@@ -3840,7 +3841,7 @@ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /** \def MBEDTLS_PLATFORM_STD_FREE * - * Default free to use, can be undefined. + * Default free to use, can be undefined. See the description above for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). * NULL is a valid parameter, and the function must do nothing. * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. */ diff --git a/programs/test/selftest.c b/programs/test/selftest.c index f45eb8539..68c712dcc 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -81,7 +81,10 @@ static int calloc_self_test(int verbose) unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); - +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Walloc-size-larger-than=" + unsigned char *buffer5 = mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2); +#pragma GCC diagnostic pop if (empty1 == NULL && empty2 == NULL) { if (verbose) { mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); @@ -176,6 +179,13 @@ static int calloc_self_test(int verbose) } } + if (buffer5 != NULL) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(SIZE_MAX/2, SIZE_MAX/2): failed (returned a valid pointer)\n"); + } + } + if (verbose) { mbedtls_printf("\n"); } @@ -185,6 +195,7 @@ static int calloc_self_test(int verbose) mbedtls_free(buffer2); mbedtls_free(buffer3); mbedtls_free(buffer4); + mbedtls_free(buffer5); return failures; } #endif /* MBEDTLS_SELF_TEST */ From f35490e7af248a3624c20a8d913b5c68b13e0bed Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 10:12:11 -0400 Subject: [PATCH 09/16] Move the overallocation test to test suites This way the compiler does not complain about an overly large allocation made. 
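Review bot: `#pragma GCC diagnostic ignored "-Walloc-size-larger-than="` in selftest.c is GCC-specific: clang does not know that warning group and reports it under `-Wunknown-warning-option`, which becomes an error in `-Werror` builds, and other compilers warn about the unknown pragma; wrap it in `#if defined(__GNUC__) && !defined(__clang__)` or keep the oversized call out of the self-test program. The new failure branch would also read better with a comment that a non-NULL `buffer5` means the allocator multiplied the two sizes without an overflow check. `calloc_self_test` starts before this hunk.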
Signed-off-by: Andrzej Kurek
---
 programs/test/selftest.c | 13 +------------
 tests/suites/test_suite_debug.data | 3 +++
 tests/suites/test_suite_debug.function | 12 ++++++++++++
 3 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index 68c712dcc..f45eb8539 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -81,10 +81,7 @@ static int calloc_self_test(int verbose)
 unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */
 unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1);
 unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1);
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Walloc-size-larger-than="
-unsigned char *buffer5 = mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2);
-#pragma GCC diagnostic pop
+
 if (empty1 == NULL && empty2 == NULL) {
 if (verbose) {
 mbedtls_printf(" CALLOC(0,1): passed (NULL)\n");
@@ -179,13 +176,6 @@ static int calloc_self_test(int verbose)
 }
 }
 
- if (buffer5 != NULL) {
- ++failures;
- if (verbose) {
- mbedtls_printf(" CALLOC(SIZE_MAX/2, SIZE_MAX/2): failed (returned a valid pointer)\n");
- }
- }
-
 if (verbose) {
 mbedtls_printf("\n");
 }
@@ -195,7 +185,6 @@ static int calloc_self_test(int verbose)
 mbedtls_free(buffer2);
 mbedtls_free(buffer3);
 mbedtls_free(buffer4);
- mbedtls_free(buffer5);
 return failures;
 }
 #endif /* MBEDTLS_SELF_TEST */
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index 0092774ee..59526238f 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -65,3 +65,6 @@ mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile( Debug print certificate #2 (EC) depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" + +Check mbedtls_calloc overallocation +check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index cbb3a63f1..227586687 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -195,3 +195,15 @@ exit: mbedtls_ssl_config_free(&conf); } /* END_CASE */ + +/* BEGIN_CASE */ +void check_mbedtls_calloc_overallocation(int num, int size) +{ + unsigned char *buf; + buf = mbedtls_calloc((size_t) num, (size_t) size); + TEST_ASSERT(buf == NULL); + +exit: + mbedtls_free(buf); +} +/* END_CASE */ 
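Review bot: `check_mbedtls_calloc_overallocation(int num, int size)` receives `SIZE_MAX/2` through `int` parameters, and unless this test framework widens integer arguments beyond `int`, the value is truncated on the way in (on a two's-complement LP64 target it becomes -1, and `(size_t) -1` is `SIZE_MAX`), so the case still gets NULL but not for the reason its name states; computing the operands inside the test, e.g. `size_t half = SIZE_MAX / 2;` then `mbedtls_calloc(half, half)`, sidesteps the framework's integer type entirely. A comment on why SIZE_MAX/2 is the right probe would help the next reader: `(2^(N-1) - 1)^2 ≡ 1 (mod 2^N)`, so an allocator that multiplies without an overflow check hands back a one-byte block, which is exactly what `TEST_ASSERT(buf == NULL)` catches. The case also lives in test_suite_debug although it exercises the platform allocator; a platform-focused suite, if one exists, would be the natural home.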
From d95b8edf29f476a2239f83edcb075df9a3041c93 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Tue, 27 Jun 2023 10:02:09 -0400
Subject: [PATCH 10/16] Disable asan errors on null allocation in all.sh

Such error was raised in platform tests, and it's a valid test case.

Signed-off-by: Andrzej Kurek
---
 tests/scripts/all.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 87defc0ce..8356ab978 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -188,6 +188,9 @@ pre_initialize_variables () {
 # default to -O2, use -Ox _after_ this if you want another level
 ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all'
 
+ # Platform tests have an allocation that returns null
+ export ASAN_OPTIONS="allocator_may_return_null=1"
+
 # Gather the list of available components. These are the functions
 # defined in this script whose name starts with "component_".
 # Parse the script with sed. This way we get the functions in the order
From 33b1222c88d953b50b7f99609356df7ad88b7070 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Fri, 14 Jul 2023 10:14:29 -0400
Subject: [PATCH 11/16] Enable certain documented defines only when generating doxygen

Avoid an "unrecognized define" error.

Signed-off-by: Andrzej Kurek
---
 doxygen/mbedtls.doxyfile | 1 +
 include/mbedtls/config.h | 2 ++
 include/mbedtls/platform.h | 9 +++++++++
 3 files changed, 12 insertions(+)

diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 78299ed5b..6cb51132e 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -51,4 +51,5 @@ PREDEFINED = "MBEDTLS_CHECK_RETURN_CRITICAL=" \
 "MBEDTLS_CHECK_RETURN_TYPICAL=" \
 "MBEDTLS_CHECK_RETURN_OPTIONAL=" \
 "MBEDTLS_PRINTF_ATTRIBUTE(a,b)=" \
+ "__DOXYGEN__" \
 
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 7e73c6229..9cd833b78 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
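Review bot: Exporting `ASAN_OPTIONS="allocator_may_return_null=1"` from `pre_initialize_variables` applies to every binary all.sh runs, not only to the one test that deliberately requests an impossible size, so an accidental oversized request anywhere else — the typical symptom of an integer-overflow bug in a length computation — now quietly yields NULL instead of an ASan abort. Keep the global default strict and scope the relaxation to the invocation that needs it, e.g. `ASAN_OPTIONS=allocator_may_return_null=1 ./test_suite_debug` where that suite is run, or to a single component. The comment says "Platform tests", but the allocation in question was moved into test_suite_debug by the previous commit in this series; name the actual test so the exemption can be revisited when it changes.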
@@ -3829,6 +3829,7 @@ * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. */ + /** \def MBEDTLS_PLATFORM_STD_CALLOC * * Default allocator to use, can be undefined. See the description above for details. @@ -3839,6 +3840,7 @@ * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. */ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc + /** \def MBEDTLS_PLATFORM_STD_FREE * * Default free to use, can be undefined. See the description above for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 5e2e490de..5d4e69eeb 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -135,6 +135,15 @@ extern "C" { #endif #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +/* Enable certain documented defines only when generating doxygen to avoid + * an "unrecognized define" error. */ +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_CALLOC) +#define MBEDTLS_PLATFORM_STD_CALLOC +#endif + +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_FREE) +#define MBEDTLS_PLATFORM_STD_FREE +#endif /** \} name SECTION: Module settings */ From f1e61fcb09352c40080ea84f158ce5ee4b4297fd Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 10:16:00 -0400 Subject: [PATCH 12/16] Add a dummy usage of a pointer in tests This way clang with O1 doesn't optimize it. Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_debug.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 227586687..617dd8885 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function 
@@ -201,6 +201,8 @@ void check_mbedtls_calloc_overallocation(int num, int size) { unsigned char *buf; buf = mbedtls_calloc((size_t) num, (size_t) size); + /* Dummy usage of the pointer to prevent optimizing it */ + mbedtls_printf("calloc pointer : %p\n", buf); TEST_ASSERT(buf == NULL); exit: From 6e4a9beb2bb4e88c3a6d3f426b454ac252e42bf5 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 5 Jul 2023 08:32:43 -0400 Subject: [PATCH 13/16] Disable msan errors on null allocation in all.sh Such error was raised in platform tests, and it's a valid test case. Signed-off-by: Andrzej Kurek --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8356ab978..fb929b1c0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -190,6 +190,7 @@ pre_initialize_variables () { # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" + export MSAN_OPTIONS="allocator_may_return_null=1" # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". From 710e54e2d61f78b1491c5a50e30b9d3d5780be13 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 10:17:32 -0400 Subject: [PATCH 14/16] Add msan and asan env variables to .travis.yml This way the CI tests don't fail on a null allocation. Signed-off-by: Andrzej Kurek --- .travis.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.travis.yml b/.travis.yml index ada8fc5c6..0ffe249a5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -34,6 +34,10 @@ jobs: packages: - clang-10 - gnutls-bin + env: + # Platform tests have an allocation that returns null + - ASAN_OPTIONS="allocator_may_return_null=1" + - MSAN_OPTIONS="allocator_may_return_null=1" script: # Do a manual build+test sequence rather than using all.sh, # because there's no all.sh component that does what we want, From 3f87d63c71ca443a17ce6dd5b41af33ed78d22bf Mon Sep 17 00:00:00 2001 
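Review bot: `mbedtls_printf("calloc pointer : %p\n", buf);` passes an `unsigned char *` to `%p`, which the C standard defines for `void *` only; cast it, `mbedtls_printf("calloc pointer : %p\n", (void *) buf);`, so the line is conforming and survives strict format checking on all toolchains. The commit message explains the print is an optimisation barrier; the in-code comment could carry that reasoning, e.g. `/* Printing the pointer keeps clang -O1 from folding away the overflowing mbedtls_calloc call; a plain cast to void is not enough */`, so the next reader does not remove the output to quiet the test log. The function continues past `exit:` outside the hunk.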
From: Andrzej Kurek Date: Fri, 14 Jul 2023 10:22:34 -0400 Subject: [PATCH 15/16] Improve the documentation of MBEDTLS_PLATFORM_MEMORY Introduce requests from review comments. Signed-off-by: Andrzej Kurek --- include/mbedtls/config.h | 75 +++++++++++++++++++++------------------- 1 file changed, 40 insertions(+), 35 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 9cd833b78..4651e267c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h 
@@ -167,15 +167,47 @@ * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * - * Enabling MBEDTLS_PLATFORM_MEMORY without the + * Enabling #MBEDTLS_PLATFORM_MEMORY without the * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and * free() function pointer at runtime. * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the * alternate function at compile time. * + * An overview of how the value of mbedtls_calloc is determined: + * + * - if !MBEDTLS_PLATFORM_MEMORY + * - mbedtls_calloc = calloc + * - if MBEDTLS_PLATFORM_MEMORY + * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO + * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. + * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? + * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; + * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; + * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - if MBEDTLS_PLATFORM_STD_CALLOC is present: + * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; + * - if !MBEDTLS_PLATFORM_STD_CALLOC: + * - MBEDTLS_PLATFORM_STD_CALLOC = calloc + * + * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. + * - if !MBEDTLS_PLATFORM_STD_CALLOC + * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc + * + * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. + * + * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. 
+ * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. + * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, + * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * * Requires: MBEDTLS_PLATFORM_C * * Enable this layer to allow use of alternative memory allocators. 
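Review bot: In the line `+ * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases.` the word order should be `how they are handled`; the sentence is carried over verbatim from the block the second hunk of this commit removes from the platform options section, so this is the place to fix it. The two new sentences `An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer.` and `An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything.` are repeated in the \def blocks of the second hunk; that is fine for Doxygen but means both copies must be kept in sync if the fallback behaviour ever changes.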
@@ -3799,53 +3831,26 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -/* An overview of how the value of mbedtls_calloc is determined: - * - * if !MBEDTLS_PLATFORM_MEMORY - * mbedtls_calloc = calloc - * if MBEDTLS_PLATFORM_MEMORY - * if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): - * mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO - * if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): - * Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. - * How is MBEDTLS_PLATFORM_STD_CALLOC handled? - * if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: - * MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; - * MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; - * if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: - * if MBEDTLS_PLATFORM_STD_CALLOC is present: - * User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; - * if !MBEDTLS_PLATFORM_STD_CALLOC: - * MBEDTLS_PLATFORM_STD_CALLOC = calloc - * - * At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. - * if !MBEDTLS_PLATFORM_STD_CALLOC - * MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc - * - * mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. - * - * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. - * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. - * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, - * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. - */ - /** \def MBEDTLS_PLATFORM_STD_CALLOC * - * Default allocator to use, can be undefined. See the description above for details. + * Default allocator to use, can be undefined. 
* It must initialize the allocated buffer memory to zeroes. * The size of the buffer is the product of the two parameters. * The calloc function returns either a null pointer or a pointer to the allocated space. * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. */ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /** \def MBEDTLS_PLATFORM_STD_FREE * - * Default free to use, can be undefined. See the description above for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). + * Default free to use, can be undefined. * NULL is a valid parameter, and the function must do nothing. * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). */ //#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ From 0841b5a17832ea5adb5492be8a5ca976cc9146a2 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 15:16:35 -0400 Subject: [PATCH 16/16] Add a workaround for max test suite parameter sizes int isn't enough for SIZE_MAX/2. Hardcoding the value will make the compilers complain. Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_debug.data | 2 +- tests/suites/test_suite_debug.function | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index 59526238f..87ec67c8c 100644 
--- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data @@ -67,4 +67,4 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MB mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" Check mbedtls_calloc overallocation -check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 +check_mbedtls_calloc_overallocation:1:1 diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 617dd8885..34e006f10 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -200,7 +200,7 @@ exit: void check_mbedtls_calloc_overallocation(int num, int size) { unsigned char *buf; - buf = mbedtls_calloc((size_t) num, (size_t) size); + buf = mbedtls_calloc((size_t) num * SIZE_MAX/2, (size_t) size * SIZE_MAX/2); /* Dummy usage of the pointer to prevent optimizing it */ mbedtls_printf("calloc pointer : %p\n", buf); TEST_ASSERT(buf == NULL);
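Review bot: `buf = mbedtls_calloc((size_t) num * SIZE_MAX/2, (size_t) size * SIZE_MAX/2);` does not compute `num * (SIZE_MAX/2)`: `*` and `/` associate left to right, so the expression is `((size_t) num * SIZE_MAX) / 2`, which for any `num` other than 1 wraps modulo SIZE_MAX+1 before the division; write `(size_t) num * (SIZE_MAX / 2)` and `(size_t) size * (SIZE_MAX / 2)` so the arguments scale the way the name suggests. With the .data line now reading `check_mbedtls_calloc_overallocation:1:1`, the test case no longer shows the overflowing sizes it exercises; a comment stating that both parameters are multipliers of SIZE_MAX/2 and that the product is meant to exceed size_t, or renaming them to `num_scale`/`size_scale`, would make that visible. The function body continues past the hunk.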