[erlang-patches] [PATCH] crypto: fix a few memleaks/undefined pointer dereferences

Florian Zumbiehl florz@REDACTED
Mon Feb 3 06:38:46 CET 2014


Hi,

> A simple fix to this would be to let the crypto_alloc (in
> crypto_callback.c) to call abort() if the allocation failed as that
> is the strategy otherwise in out-of-memory scenarios. Thus a "nice
> crash" with an "Out of memory" message instead of a segmentation
> violation.

below you find a patch that does just that. I hope it can still make it
into R17? Mind you, pointer arithmetic with and dereference of null
pointers give undefined behaviour, not (necessarily just) a segfault, so
this could have security implications.

Regards, Florian

diff --git a/lib/crypto/c_src/crypto_callback.c b/lib/crypto/c_src/crypto_callback.c
index 81106b4..750e9b1 100644
--- a/lib/crypto/c_src/crypto_callback.c
+++ b/lib/crypto/c_src/crypto_callback.c
@@ -53,11 +53,19 @@ static ErlNifRWLock** lock_vec = NULL; /* Static locks used by openssl */
 
 static void* crypto_alloc(size_t size)
 {
-    return enif_alloc(size);
+    void *ret;
+
+    if (!(ret = enif_alloc(size)) && size)
+	abort();
+    return ret;
 }
 static void* crypto_realloc(void* ptr, size_t size)
 {
-    return enif_realloc(ptr, size);
+    void *ret;
+
+    if (!(ret = enif_realloc(ptr, size)) && size)
+	abort();
+    return ret;
 }
 static void crypto_free(void* ptr)
 {



More information about the erlang-patches mailing list