15e1ed6baSAlex Hornung /*
25e1ed6baSAlex Hornung * Copyright (c) 2011 Alex Hornung <alex@alexhornung.com>.
35e1ed6baSAlex Hornung * All rights reserved.
45e1ed6baSAlex Hornung *
55e1ed6baSAlex Hornung * Redistribution and use in source and binary forms, with or without
65e1ed6baSAlex Hornung * modification, are permitted provided that the following conditions
75e1ed6baSAlex Hornung * are met:
85e1ed6baSAlex Hornung *
95e1ed6baSAlex Hornung * 1. Redistributions of source code must retain the above copyright
105e1ed6baSAlex Hornung * notice, this list of conditions and the following disclaimer.
115e1ed6baSAlex Hornung * 2. Redistributions in binary form must reproduce the above copyright
125e1ed6baSAlex Hornung * notice, this list of conditions and the following disclaimer in
135e1ed6baSAlex Hornung * the documentation and/or other materials provided with the
145e1ed6baSAlex Hornung * distribution.
155e1ed6baSAlex Hornung *
165e1ed6baSAlex Hornung * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
175e1ed6baSAlex Hornung * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
185e1ed6baSAlex Hornung * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
195e1ed6baSAlex Hornung * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
205e1ed6baSAlex Hornung * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
215e1ed6baSAlex Hornung * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
225e1ed6baSAlex Hornung * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
235e1ed6baSAlex Hornung * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
245e1ed6baSAlex Hornung * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
255e1ed6baSAlex Hornung * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
265e1ed6baSAlex Hornung * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
275e1ed6baSAlex Hornung * SUCH DAMAGE.
285e1ed6baSAlex Hornung */
295e1ed6baSAlex Hornung #include <sys/types.h>
305e1ed6baSAlex Hornung #include <sys/mman.h>
315e1ed6baSAlex Hornung #include <stdlib.h>
325e1ed6baSAlex Hornung #include <stdio.h>
335e1ed6baSAlex Hornung #include <string.h>
345e1ed6baSAlex Hornung
355e1ed6baSAlex Hornung #include "safe_mem.h"
365e1ed6baSAlex Hornung
375e1ed6baSAlex Hornung struct safe_mem_hdr {
385e1ed6baSAlex Hornung struct safe_mem_hdr *prev;
395e1ed6baSAlex Hornung struct safe_mem_hdr *next;
405e1ed6baSAlex Hornung struct safe_mem_tail *tail;
415e1ed6baSAlex Hornung const char *file;
425e1ed6baSAlex Hornung int line;
435e1ed6baSAlex Hornung size_t alloc_sz;
445e1ed6baSAlex Hornung char sig[8]; /* SAFEMEM */
455e1ed6baSAlex Hornung };
465e1ed6baSAlex Hornung
475e1ed6baSAlex Hornung struct safe_mem_tail {
485e1ed6baSAlex Hornung char sig[8]; /* SAFEMEM */
495e1ed6baSAlex Hornung };
505e1ed6baSAlex Hornung
515e1ed6baSAlex Hornung static struct safe_mem_hdr *safe_mem_hdr_first = NULL;
525e1ed6baSAlex Hornung
53*d1a5c528SAlex Hornung #pragma weak _alloc_safe_mem
545e1ed6baSAlex Hornung void *
_alloc_safe_mem(size_t req_sz,const char * file,int line)555e1ed6baSAlex Hornung _alloc_safe_mem(size_t req_sz, const char *file, int line)
565e1ed6baSAlex Hornung {
575e1ed6baSAlex Hornung struct safe_mem_hdr *hdr, *hdrp;
585e1ed6baSAlex Hornung struct safe_mem_tail *tail;
595e1ed6baSAlex Hornung size_t alloc_sz;
605e1ed6baSAlex Hornung char *mem, *user_mem;
615e1ed6baSAlex Hornung
625e1ed6baSAlex Hornung alloc_sz = req_sz + sizeof(*hdr) + sizeof(*tail);
635e1ed6baSAlex Hornung if ((mem = malloc(alloc_sz)) == NULL)
645e1ed6baSAlex Hornung return NULL;
655e1ed6baSAlex Hornung
665e1ed6baSAlex Hornung if (mlock(mem, alloc_sz) < 0) {
675e1ed6baSAlex Hornung free(mem);
685e1ed6baSAlex Hornung return NULL;
695e1ed6baSAlex Hornung }
705e1ed6baSAlex Hornung
715e1ed6baSAlex Hornung memset(mem, 0, alloc_sz);
725e1ed6baSAlex Hornung
735e1ed6baSAlex Hornung hdr = (struct safe_mem_hdr *)mem;
745e1ed6baSAlex Hornung tail = (struct safe_mem_tail *)(mem + alloc_sz - sizeof(*tail));
755e1ed6baSAlex Hornung user_mem = mem + sizeof(*hdr);
765e1ed6baSAlex Hornung
775e1ed6baSAlex Hornung strcpy(hdr->sig, "SAFEMEM");
785e1ed6baSAlex Hornung strcpy(tail->sig, "SAFEMEM");
795e1ed6baSAlex Hornung hdr->tail = tail;
805e1ed6baSAlex Hornung hdr->alloc_sz = alloc_sz;
815e1ed6baSAlex Hornung hdr->file = file;
825e1ed6baSAlex Hornung hdr->line = line;
835e1ed6baSAlex Hornung hdr->next = NULL;
845e1ed6baSAlex Hornung
855e1ed6baSAlex Hornung if (safe_mem_hdr_first == NULL) {
865e1ed6baSAlex Hornung safe_mem_hdr_first = hdr;
875e1ed6baSAlex Hornung } else {
885e1ed6baSAlex Hornung hdrp = safe_mem_hdr_first;
895e1ed6baSAlex Hornung while (hdrp->next != NULL)
905e1ed6baSAlex Hornung hdrp = hdrp->next;
915e1ed6baSAlex Hornung hdr->prev = hdrp;
925e1ed6baSAlex Hornung hdrp->next = hdr;
935e1ed6baSAlex Hornung }
945e1ed6baSAlex Hornung
955e1ed6baSAlex Hornung return user_mem;
965e1ed6baSAlex Hornung }
975e1ed6baSAlex Hornung
98*d1a5c528SAlex Hornung #pragma weak _free_safe_mem
995e1ed6baSAlex Hornung void
_free_safe_mem(void * mem_ptr,const char * file,int line)1005e1ed6baSAlex Hornung _free_safe_mem(void *mem_ptr, const char *file, int line)
1015e1ed6baSAlex Hornung {
1025e1ed6baSAlex Hornung struct safe_mem_hdr *hdr;
1035e1ed6baSAlex Hornung struct safe_mem_tail *tail;
1045e1ed6baSAlex Hornung size_t alloc_sz;
1055e1ed6baSAlex Hornung char *mem = mem_ptr;
1065e1ed6baSAlex Hornung
1075e1ed6baSAlex Hornung mem -= sizeof(*hdr);
1085e1ed6baSAlex Hornung hdr = (struct safe_mem_hdr *)mem;
1095e1ed6baSAlex Hornung tail = (struct safe_mem_tail *)(mem + hdr->alloc_sz - sizeof(*tail));
1105e1ed6baSAlex Hornung
1115e1ed6baSAlex Hornung #ifdef DEBUG
1125e1ed6baSAlex Hornung fprintf(stderr, "freeing safe_mem (hdr): %#lx (%s:%d)\n",
1135e1ed6baSAlex Hornung (unsigned long)(void *)hdr, hdr->file, hdr->line);
1145e1ed6baSAlex Hornung #endif
1155e1ed6baSAlex Hornung
1165e1ed6baSAlex Hornung if (hdr->alloc_sz == 0) {
1175e1ed6baSAlex Hornung fprintf(stderr, "BUG: double-free at %s:%d !!!\n", file, line);
1185e1ed6baSAlex Hornung return;
1195e1ed6baSAlex Hornung }
1205e1ed6baSAlex Hornung
1215e1ed6baSAlex Hornung /* Integrity checks */
1225e1ed6baSAlex Hornung if ((memcmp(hdr->sig, "SAFEMEM\0", 8) != 0) ||
1235e1ed6baSAlex Hornung (memcmp(tail->sig, "SAFEMEM\0", 8) != 0)) {
1245e1ed6baSAlex Hornung fprintf(stderr, "BUG: safe_mem buffer under- or overflow at "
1255e1ed6baSAlex Hornung "%s:%d !!!\n", file, line);
1265e1ed6baSAlex Hornung return;
1275e1ed6baSAlex Hornung }
1285e1ed6baSAlex Hornung
1295e1ed6baSAlex Hornung if (safe_mem_hdr_first == NULL) {
1305e1ed6baSAlex Hornung fprintf(stderr, "BUG: safe_mem list should not be empty at "
1315e1ed6baSAlex Hornung "%s:%d !!!\n", file, line);
1325e1ed6baSAlex Hornung return;
1335e1ed6baSAlex Hornung }
1345e1ed6baSAlex Hornung
1355e1ed6baSAlex Hornung if (hdr->prev != NULL)
1365e1ed6baSAlex Hornung hdr->prev->next = hdr->next;
1375e1ed6baSAlex Hornung if (hdr->next != NULL)
1385e1ed6baSAlex Hornung hdr->next->prev = hdr->prev;
1395e1ed6baSAlex Hornung if (safe_mem_hdr_first == hdr)
1405e1ed6baSAlex Hornung safe_mem_hdr_first = hdr->next;
1415e1ed6baSAlex Hornung
1425e1ed6baSAlex Hornung alloc_sz = hdr->alloc_sz;
1435e1ed6baSAlex Hornung memset(mem, 0xFF, alloc_sz);
1445e1ed6baSAlex Hornung memset(mem, 0, alloc_sz);
1455e1ed6baSAlex Hornung
1465e1ed6baSAlex Hornung free(mem);
1475e1ed6baSAlex Hornung }
1485e1ed6baSAlex Hornung
149*d1a5c528SAlex Hornung #pragma weak check_and_purge_safe_mem
1505e1ed6baSAlex Hornung void
check_and_purge_safe_mem(void)1515e1ed6baSAlex Hornung check_and_purge_safe_mem(void)
1525e1ed6baSAlex Hornung {
1535e1ed6baSAlex Hornung struct safe_mem_hdr *hdr;
1545e1ed6baSAlex Hornung char *mem;
15594622976SSascha Wildner #ifdef DEBUG
15694622976SSascha Wildner int ok;
15794622976SSascha Wildner #endif
1585e1ed6baSAlex Hornung
1595e1ed6baSAlex Hornung if (safe_mem_hdr_first == NULL)
1605e1ed6baSAlex Hornung return;
1615e1ed6baSAlex Hornung
1625e1ed6baSAlex Hornung hdr = safe_mem_hdr_first;
1635e1ed6baSAlex Hornung while ((hdr = safe_mem_hdr_first) != NULL) {
16494622976SSascha Wildner #ifdef DEBUG
1655e1ed6baSAlex Hornung if ((hdr->alloc_sz > 0) &&
1665e1ed6baSAlex Hornung (memcmp(hdr->sig, "SAFEMEM\0", 8) == 0) &&
1675e1ed6baSAlex Hornung (memcmp(hdr->tail->sig, "SAFEMEM\0", 8) == 0))
1685e1ed6baSAlex Hornung ok = 1;
1695e1ed6baSAlex Hornung else
1705e1ed6baSAlex Hornung ok = 0;
1715e1ed6baSAlex Hornung
1725e1ed6baSAlex Hornung fprintf(stderr, "un-freed safe_mem: %#lx (%s:%d) [integrity=%s]\n",
1735e1ed6baSAlex Hornung (unsigned long)(void *)hdr, hdr->file, hdr->line,
1745e1ed6baSAlex Hornung ok? "ok" : "failed");
1755e1ed6baSAlex Hornung #endif
1765e1ed6baSAlex Hornung mem = (void *)hdr;
1775e1ed6baSAlex Hornung mem += sizeof(*hdr);
1785e1ed6baSAlex Hornung _free_safe_mem(mem, "check_and_purge_safe_mem", 0);
1795e1ed6baSAlex Hornung }
1805e1ed6baSAlex Hornung }
181