xref: /dflybsd-src/lib/libtcplay/safe_mem.c (revision c833cfcf36ab2b2be8e7c3e97072808add9e0e0b) 
10d9ba1e1SAlex Hornung /*
20d9ba1e1SAlex Hornung  * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>.
30d9ba1e1SAlex Hornung  * All rights reserved.
40d9ba1e1SAlex Hornung  *
50d9ba1e1SAlex Hornung  * Redistribution and use in source and binary forms, with or without
60d9ba1e1SAlex Hornung  * modification, are permitted provided that the following conditions
70d9ba1e1SAlex Hornung  * are met:
80d9ba1e1SAlex Hornung  *
90d9ba1e1SAlex Hornung  * 1. Redistributions of source code must retain the above copyright
100d9ba1e1SAlex Hornung  *    notice, this list of conditions and the following disclaimer.
110d9ba1e1SAlex Hornung  * 2. Redistributions in binary form must reproduce the above copyright
120d9ba1e1SAlex Hornung  *    notice, this list of conditions and the following disclaimer in
130d9ba1e1SAlex Hornung  *    the documentation and/or other materials provided with the
140d9ba1e1SAlex Hornung  *    distribution.
150d9ba1e1SAlex Hornung  *
160d9ba1e1SAlex Hornung  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
170d9ba1e1SAlex Hornung  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
180d9ba1e1SAlex Hornung  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
190d9ba1e1SAlex Hornung  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
200d9ba1e1SAlex Hornung  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
210d9ba1e1SAlex Hornung  * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
220d9ba1e1SAlex Hornung  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
230d9ba1e1SAlex Hornung  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
240d9ba1e1SAlex Hornung  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
250d9ba1e1SAlex Hornung  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
260d9ba1e1SAlex Hornung  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
270d9ba1e1SAlex Hornung  * SUCH DAMAGE.
280d9ba1e1SAlex Hornung  */
2981b79547SAlex Hornung 
300d9ba1e1SAlex Hornung #include <sys/types.h>
310d9ba1e1SAlex Hornung #include <sys/mman.h>
320d9ba1e1SAlex Hornung #include <stdlib.h>
330d9ba1e1SAlex Hornung #include <stdio.h>
340d9ba1e1SAlex Hornung #include <string.h>
350d9ba1e1SAlex Hornung 
360d9ba1e1SAlex Hornung #include "tcplay.h"
370d9ba1e1SAlex Hornung 
380d9ba1e1SAlex Hornung struct safe_mem_hdr {
390d9ba1e1SAlex Hornung 	struct safe_mem_hdr	*prev;
400d9ba1e1SAlex Hornung 	struct safe_mem_hdr	*next;
410d9ba1e1SAlex Hornung 	struct safe_mem_tail	*tail;
420d9ba1e1SAlex Hornung 	const char	*file;
430d9ba1e1SAlex Hornung 	int		line;
440d9ba1e1SAlex Hornung 	size_t		alloc_sz;
450d9ba1e1SAlex Hornung 	char		sig[8]; /* SAFEMEM */
460d9ba1e1SAlex Hornung };
470d9ba1e1SAlex Hornung 
480d9ba1e1SAlex Hornung struct safe_mem_tail {
490d9ba1e1SAlex Hornung 	char sig[8]; /* SAFEMEM */
500d9ba1e1SAlex Hornung };
510d9ba1e1SAlex Hornung 
520d9ba1e1SAlex Hornung static struct safe_mem_hdr *safe_mem_hdr_first = NULL;
530d9ba1e1SAlex Hornung 
540d9ba1e1SAlex Hornung void *
_alloc_safe_mem(size_t req_sz,const char * file,int line)550d9ba1e1SAlex Hornung _alloc_safe_mem(size_t req_sz, const char *file, int line)
560d9ba1e1SAlex Hornung {
570d9ba1e1SAlex Hornung 	struct safe_mem_hdr *hdr, *hdrp;
580d9ba1e1SAlex Hornung 	struct safe_mem_tail *tail;
590d9ba1e1SAlex Hornung 	size_t alloc_sz;
600d9ba1e1SAlex Hornung 	char *mem, *user_mem;
610d9ba1e1SAlex Hornung 
620d9ba1e1SAlex Hornung 	alloc_sz = req_sz + sizeof(*hdr) + sizeof(*tail);
630d9ba1e1SAlex Hornung 	if ((mem = malloc(alloc_sz)) == NULL)
640d9ba1e1SAlex Hornung 		return NULL;
650d9ba1e1SAlex Hornung 
660d9ba1e1SAlex Hornung 	if (mlock(mem, alloc_sz) < 0) {
670d9ba1e1SAlex Hornung 		free(mem);
680d9ba1e1SAlex Hornung 		return NULL;
690d9ba1e1SAlex Hornung 	}
700d9ba1e1SAlex Hornung 
710d9ba1e1SAlex Hornung 	memset(mem, 0, alloc_sz);
720d9ba1e1SAlex Hornung 
730d9ba1e1SAlex Hornung 	hdr = (struct safe_mem_hdr *)mem;
740d9ba1e1SAlex Hornung 	tail = (struct safe_mem_tail *)(mem + alloc_sz - sizeof(*tail));
750d9ba1e1SAlex Hornung 	user_mem = mem + sizeof(*hdr);
760d9ba1e1SAlex Hornung 
770d9ba1e1SAlex Hornung 	strcpy(hdr->sig, "SAFEMEM");
780d9ba1e1SAlex Hornung 	strcpy(tail->sig, "SAFEMEM");
790d9ba1e1SAlex Hornung 	hdr->tail = tail;
800d9ba1e1SAlex Hornung 	hdr->alloc_sz = alloc_sz;
810d9ba1e1SAlex Hornung 	hdr->file = file;
820d9ba1e1SAlex Hornung 	hdr->line = line;
830d9ba1e1SAlex Hornung 	hdr->next = NULL;
840d9ba1e1SAlex Hornung 
850d9ba1e1SAlex Hornung 	if (safe_mem_hdr_first == NULL) {
860d9ba1e1SAlex Hornung 		safe_mem_hdr_first = hdr;
870d9ba1e1SAlex Hornung 	} else {
880d9ba1e1SAlex Hornung 		hdrp = safe_mem_hdr_first;
890d9ba1e1SAlex Hornung 		while (hdrp->next != NULL)
900d9ba1e1SAlex Hornung 			hdrp = hdrp->next;
910d9ba1e1SAlex Hornung 		hdr->prev = hdrp;
920d9ba1e1SAlex Hornung 		hdrp->next = hdr;
930d9ba1e1SAlex Hornung 	}
940d9ba1e1SAlex Hornung 
950d9ba1e1SAlex Hornung 	return user_mem;
960d9ba1e1SAlex Hornung }
970d9ba1e1SAlex Hornung 
980d9ba1e1SAlex Hornung void
_free_safe_mem(void * mem_ptr,const char * file,int line)990d9ba1e1SAlex Hornung _free_safe_mem(void *mem_ptr, const char *file, int line)
1000d9ba1e1SAlex Hornung {
1010d9ba1e1SAlex Hornung 	struct safe_mem_hdr *hdr;
1020d9ba1e1SAlex Hornung 	struct safe_mem_tail *tail;
1030d9ba1e1SAlex Hornung 	size_t alloc_sz;
1040d9ba1e1SAlex Hornung 	char *mem = mem_ptr;
1050d9ba1e1SAlex Hornung 
1060d9ba1e1SAlex Hornung 	mem -= sizeof(*hdr);
1070d9ba1e1SAlex Hornung 	hdr = (struct safe_mem_hdr *)mem;
1080d9ba1e1SAlex Hornung 	tail = (struct safe_mem_tail *)(mem + hdr->alloc_sz - sizeof(*tail));
1090d9ba1e1SAlex Hornung 
1100d9ba1e1SAlex Hornung #ifdef DEBUG
1110d9ba1e1SAlex Hornung 	fprintf(stderr, "freeing safe_mem (hdr): %#lx (%s:%d)\n",
1120d9ba1e1SAlex Hornung 		    (unsigned long)(void *)hdr, hdr->file, hdr->line);
1130d9ba1e1SAlex Hornung #endif
1140d9ba1e1SAlex Hornung 
1150d9ba1e1SAlex Hornung 	if (hdr->alloc_sz == 0) {
1160d9ba1e1SAlex Hornung 		fprintf(stderr, "BUG: double-free at %s:%d !!!\n", file, line);
1170d9ba1e1SAlex Hornung 		return;
1180d9ba1e1SAlex Hornung 	}
1190d9ba1e1SAlex Hornung 
1200d9ba1e1SAlex Hornung 	/* Integrity checks */
1210d9ba1e1SAlex Hornung 	if ((memcmp(hdr->sig, "SAFEMEM\0", 8) != 0) ||
1220d9ba1e1SAlex Hornung 	    (memcmp(tail->sig, "SAFEMEM\0", 8) != 0)) {
1230d9ba1e1SAlex Hornung 		fprintf(stderr, "BUG: safe_mem buffer under- or overflow at "
1240d9ba1e1SAlex Hornung 		    "%s:%d !!!\n", file, line);
1250d9ba1e1SAlex Hornung 		return;
1260d9ba1e1SAlex Hornung 	}
1270d9ba1e1SAlex Hornung 
1280d9ba1e1SAlex Hornung 	if (safe_mem_hdr_first == NULL) {
1290d9ba1e1SAlex Hornung 		fprintf(stderr, "BUG: safe_mem list should not be empty at "
1300d9ba1e1SAlex Hornung 		    "%s:%d !!!\n", file, line);
1310d9ba1e1SAlex Hornung 		return;
1320d9ba1e1SAlex Hornung 	}
1330d9ba1e1SAlex Hornung 
1340d9ba1e1SAlex Hornung 	if (hdr->prev != NULL)
1350d9ba1e1SAlex Hornung 		hdr->prev->next = hdr->next;
1360d9ba1e1SAlex Hornung 	if (hdr->next != NULL)
1370d9ba1e1SAlex Hornung 		hdr->next->prev = hdr->prev;
1380d9ba1e1SAlex Hornung 	if (safe_mem_hdr_first == hdr)
1390d9ba1e1SAlex Hornung 		safe_mem_hdr_first = hdr->next;
1400d9ba1e1SAlex Hornung 
1410d9ba1e1SAlex Hornung 	alloc_sz = hdr->alloc_sz;
1420d9ba1e1SAlex Hornung 	memset(mem, 0xFF, alloc_sz);
1430d9ba1e1SAlex Hornung 	memset(mem, 0, alloc_sz);
1440d9ba1e1SAlex Hornung 
1450d9ba1e1SAlex Hornung 	free(mem);
1460d9ba1e1SAlex Hornung }
1470d9ba1e1SAlex Hornung 
148*c833cfcfSAlex Hornung void *
_strdup_safe_mem(const char * in,const char * file,int line)149*c833cfcfSAlex Hornung _strdup_safe_mem(const char *in, const char *file, int line)
150*c833cfcfSAlex Hornung {
151*c833cfcfSAlex Hornung 	char *out;
152*c833cfcfSAlex Hornung 	size_t sz;
153*c833cfcfSAlex Hornung 
154*c833cfcfSAlex Hornung 	sz = strlen(in)+1;
155*c833cfcfSAlex Hornung 
156*c833cfcfSAlex Hornung 	if ((out = _alloc_safe_mem(sz, file, line)) == NULL) {
157*c833cfcfSAlex Hornung 		return NULL;
158*c833cfcfSAlex Hornung 	}
159*c833cfcfSAlex Hornung 
160*c833cfcfSAlex Hornung 	memcpy(out, in, sz);
161*c833cfcfSAlex Hornung 	out[sz-1] = '\0';
162*c833cfcfSAlex Hornung 
163*c833cfcfSAlex Hornung 	return out;
164*c833cfcfSAlex Hornung }
165*c833cfcfSAlex Hornung 
1660d9ba1e1SAlex Hornung void
check_and_purge_safe_mem(void)1670d9ba1e1SAlex Hornung check_and_purge_safe_mem(void)
1680d9ba1e1SAlex Hornung {
1690d9ba1e1SAlex Hornung 	struct safe_mem_hdr *hdr;
1700d9ba1e1SAlex Hornung 	char *mem;
171495ab2bdSSascha Wildner #ifdef DEBUG
172495ab2bdSSascha Wildner 	int ok;
173495ab2bdSSascha Wildner #endif
1740d9ba1e1SAlex Hornung 
1750d9ba1e1SAlex Hornung 	if (safe_mem_hdr_first == NULL)
1760d9ba1e1SAlex Hornung 		return;
1770d9ba1e1SAlex Hornung 
1780d9ba1e1SAlex Hornung 	hdr = safe_mem_hdr_first;
1790d9ba1e1SAlex Hornung 	while ((hdr = safe_mem_hdr_first) != NULL) {
180495ab2bdSSascha Wildner #ifdef DEBUG
1810d9ba1e1SAlex Hornung 		if ((hdr->alloc_sz > 0) &&
1820d9ba1e1SAlex Hornung 		    (memcmp(hdr->sig, "SAFEMEM\0", 8) == 0) &&
1830d9ba1e1SAlex Hornung 		    (memcmp(hdr->tail->sig, "SAFEMEM\0", 8) == 0))
1840d9ba1e1SAlex Hornung 			ok = 1;
1850d9ba1e1SAlex Hornung 		else
1860d9ba1e1SAlex Hornung 			ok = 0;
1870d9ba1e1SAlex Hornung 
1880d9ba1e1SAlex Hornung 		fprintf(stderr, "un-freed safe_mem: %#lx (%s:%d) [integrity=%s]\n",
1890d9ba1e1SAlex Hornung 		    (unsigned long)(void *)hdr, hdr->file, hdr->line,
1900d9ba1e1SAlex Hornung 		    ok? "ok" : "failed");
1910d9ba1e1SAlex Hornung #endif
1920d9ba1e1SAlex Hornung 		mem = (void *)hdr;
1930d9ba1e1SAlex Hornung 		mem += sizeof(*hdr);
1940d9ba1e1SAlex Hornung 		_free_safe_mem(mem, "check_and_purge_safe_mem", 0);
1950d9ba1e1SAlex Hornung 	}
1960d9ba1e1SAlex Hornung }
197