[erlang-patches] [PATCH] crypto: fix a few memleaks/undefined pointer dereferences

Sverker Eriksson sverker.eriksson@REDACTED
Tue Feb 4 12:30:28 CET 2014


Thanks, I'll include this for 17.0-rc2.

/Sverker

On 02/03/2014 06:38 AM, Florian Zumbiehl wrote:
> Hi,
>
>> A simple fix to this would be to let the crypto_alloc (in
>> crypto_callback.c) to call abort() if the allocation failed as that
>> is the strategy otherwise in out-of-memory scenarios. Thus a "nice
>> crash" with an "Out of memory" message instead of a segmentation
>> violation.
> below you find a patch that does just that. I hope it can still make it
> into R17? Mind you, pointer arithmetic with and dereference of null
> pointers give undefined behaviour, not (necessarily just) a segfault, so
> this could have security implications.
>
> Regards, Florian
>
> diff --git a/lib/crypto/c_src/crypto_callback.c b/lib/crypto/c_src/crypto_callback.c
> index 81106b4..750e9b1 100644
> --- a/lib/crypto/c_src/crypto_callback.c
> +++ b/lib/crypto/c_src/crypto_callback.c
> @@ -53,11 +53,19 @@ static ErlNifRWLock** lock_vec = NULL; /* Static locks used by openssl */
>   
>   static void* crypto_alloc(size_t size)
>   {
> -    return enif_alloc(size);
> +    void *ret;
> +
> +    if (!(ret = enif_alloc(size)) && size)
> +	abort();
> +    return ret;
>   }
>   static void* crypto_realloc(void* ptr, size_t size)
>   {
> -    return enif_realloc(ptr, size);
> +    void *ret;
> +
> +    if (!(ret = enif_realloc(ptr, size)) && size)
> +	abort();
> +    return ret;
>   }
>   static void crypto_free(void* ptr)
>   {




More information about the erlang-patches mailing list