diff options
| author | Werner Koch <wk@gnupg.org> | 2013-12-12 15:13:09 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2013-12-12 15:28:06 +0100 |
| commit | 3b30e9840d4b351c4de73b126e561154cb7df4cc (patch) | |
| tree | ef3d2d1127165ef5866840d33ccde9d35a2dee33 | |
| parent | cd548ba2dc777b8b27d8d33182ba733c20222120 (diff) | |
| download | libgcrypt-3b30e9840d4b351c4de73b126e561154cb7df4cc.tar.gz | |
Remove macro hacks for internal vs. external functions. Part 2 and last.
* src/visibility.h: Remove remaining define/undef hacks for symbol
visibility. Add macros to detect the use of the public functions.
Change all affected functions by replacing them by the x-macros.
* src/g10lib.h: Add internal prototypes.
(xtrymalloc, xtrycalloc, xtrymalloc_secure, xtrycalloc_secure)
(xtryrealloc, xtrystrdup, xmalloc, xcalloc, xmalloc_secure)
(xcalloc_secure, xrealloc, xstrdup, xfree): New macros.
--
The use of xmalloc/xtrymalloc/xfree is a more common pattern than the
gcry_free etc. functions. Those functions behave like those defined
by C and thus for better readability we use these macros and not
the underscore prefixed functions.
Signed-off-by: Werner Koch <wk@gnupg.org>
37 files changed, 447 insertions, 440 deletions
diff --git a/cipher/cipher-selftest.c b/cipher/cipher-selftest.c index bc8cf98e..bb33d942 100644 --- a/cipher/cipher-selftest.c +++ b/cipher/cipher-selftest.c @@ -69,7 +69,7 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, memsize = ctx_aligned_size + (blocksize * 2) + (blocksize * nblocks * 3) + 16; - mem = gcry_calloc (1, memsize); + mem = xtrycalloc (1, memsize); if (!mem) return "failed to allocate memory"; @@ -99,7 +99,7 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, bulk_cbc_dec (ctx, iv2, plaintext2, ciphertext, 1); if (memcmp (plaintext2, plaintext, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CBC-%d test failed (plaintext mismatch)", cipher, @@ -110,7 +110,7 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp (iv2, iv, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CBC-%d test failed (IV mismatch)", cipher, blocksize * 8); @@ -138,7 +138,7 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp (plaintext2, plaintext, nblocks * blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CBC-%d test failed (plaintext mismatch, parallel path)", @@ -148,7 +148,7 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, } if (memcmp (iv2, iv, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CBC-%d test failed (IV mismatch, parallel path)", @@ -157,7 +157,7 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, return "selftest for CBC failed - see syslog for details"; } - gcry_free (mem); + xfree (mem); return NULL; } @@ -186,7 +186,7 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, memsize = ctx_aligned_size + (blocksize * 2) + (blocksize * nblocks * 3) + 16; - mem = gcry_calloc (1, memsize); + mem = xtrycalloc (1, memsize); if (!mem) return "failed to allocate memory"; @@ -215,7 +215,7 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, bulk_cfb_dec (ctx, iv2, plaintext2, ciphertext, 1); if (memcmp(plaintext2, plaintext, blocksize)) { - gcry_free(mem); + xfree(mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CFB-%d test failed (plaintext mismatch)", cipher, @@ -226,7 +226,7 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp(iv2, iv, blocksize)) { - gcry_free(mem); + xfree(mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CFB-%d test failed (IV mismatch)", cipher, blocksize * 8); @@ -253,7 +253,7 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp(plaintext2, plaintext, nblocks * blocksize)) { - gcry_free(mem); + xfree(mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CFB-%d test failed (plaintext mismatch, parallel path)", @@ -263,7 +263,7 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, } if (memcmp(iv2, iv, blocksize)) { - gcry_free(mem); + xfree(mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CFB-%d test failed (IV mismatch, parallel path)", cipher, @@ -272,7 +272,7 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, return "selftest for CFB failed - see syslog for details"; } - gcry_free(mem); + xfree(mem); return NULL; } @@ -302,7 +302,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, memsize = ctx_aligned_size + (blocksize * 2) + (blocksize * nblocks * 4) + 16; - mem = gcry_calloc (1, memsize); + mem = xtrycalloc (1, memsize); if (!mem) return "failed to allocate memory"; @@ -339,7 +339,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp (plaintext2, plaintext, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (plaintext mismatch)", cipher, @@ -350,7 +350,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp (iv2, iv, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (IV mismatch)", cipher, @@ -392,7 +392,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp (ciphertext2, ciphertext, blocksize * nblocks)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (ciphertext mismatch, bulk)", cipher, @@ -402,7 +402,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, } if (memcmp(iv2, iv, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (IV mismatch, bulk)", cipher, @@ -445,7 +445,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, if (memcmp (plaintext2, plaintext, blocksize * nblocks)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (plaintext mismatch, diff: %d)", cipher, @@ -455,7 +455,7 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, } if (memcmp(iv2, iv, blocksize)) { - gcry_free (mem); + xfree (mem); #ifdef HAVE_SYSLOG syslog (LOG_USER|LOG_WARNING, "Libgcrypt warning: " "%s-CTR-%d test failed (IV mismatch, diff: %d)", cipher, @@ -465,6 +465,6 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, } } - gcry_free (mem); + xfree (mem); return NULL; } diff --git a/cipher/cipher.c b/cipher/cipher.c index f7f5a46b..8b47abc6 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -445,9 +445,9 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle, ); if (secure) - h = gcry_calloc_secure (1, size); + h = xtrycalloc_secure (1, size); else - h = gcry_calloc (1, size); + h = xtrycalloc (1, size); if (! h) err = gpg_err_code_from_syserror (); @@ -568,7 +568,7 @@ _gcry_cipher_close (gcry_cipher_hd_t h) off = h->handle_offset; wipememory (h, h->actual_handle_size); - gcry_free ((char*)h - off); + xfree ((char*)h - off); } diff --git a/cipher/dsa-common.c b/cipher/dsa-common.c index da29dd32..d251eae8 100644 --- a/cipher/dsa-common.c +++ b/cipher/dsa-common.c @@ -53,7 +53,7 @@ _gcry_dsa_gen_k (gcry_mpi_t q, int security_level) { if ( !rndbuf || nbits < 32 ) { - gcry_free (rndbuf); + xfree (rndbuf); rndbuf = _gcry_random_bytes_secure (nbytes, security_level); } else @@ -64,7 +64,7 @@ _gcry_dsa_gen_k (gcry_mpi_t q, int security_level) thus we better use this simple method. */ char *pp = _gcry_random_bytes_secure (4, security_level); memcpy (rndbuf, pp, 4); - gcry_free (pp); + xfree (pp); } _gcry_mpi_set_buffer (k, rndbuf, nbytes, 0); @@ -95,7 +95,7 @@ _gcry_dsa_gen_k (gcry_mpi_t q, int security_level) } break; /* okay */ } - gcry_free (rndbuf); + xfree (rndbuf); return k; } @@ -120,7 +120,7 @@ int2octets (unsigned char **r_frame, gcry_mpi_t value, size_t nbytes) noff = (nframe < nbytes)? nbytes - nframe : 0; n = nframe + noff; - frame = mpi_is_secure (value)? gcry_malloc_secure (n) : gcry_malloc (n); + frame = mpi_is_secure (value)? xtrymalloc_secure (n) : xtrymalloc (n); if (!frame) return gpg_err_code_from_syserror (); if (noff) @@ -129,7 +129,7 @@ int2octets (unsigned char **r_frame, gcry_mpi_t value, size_t nbytes) rc = _gcry_mpi_print (GCRYMPI_FMT_USG, frame+noff, nframe-noff, NULL, value); if (rc) { - gcry_free (frame); + xfree (frame); return rc; } @@ -200,7 +200,7 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k, return GPG_ERR_DIGEST_ALGO; /* Step b: V = 0x01 0x01 0x01 ... 0x01 */ - V = gcry_malloc (hlen); + V = xtrymalloc (hlen); if (!V) { rc = gpg_err_code_from_syserror (); @@ -210,7 +210,7 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k, V[i] = 1; /* Step c: K = 0x00 0x00 0x00 ... 0x00 */ - K = gcry_calloc (1, hlen); + K = xtrycalloc (1, hlen); if (!K) { rc = gpg_err_code_from_syserror (); @@ -265,7 +265,7 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k, memcpy (V, _gcry_md_read (hd, 0), hlen); /* Step h. */ - t = gcry_malloc ((qbits+7)/8+hlen); + t = xtrymalloc ((qbits+7)/8+hlen); if (!t) { rc = gpg_err_code_from_syserror (); @@ -346,12 +346,12 @@ _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k, /* log_mpidump (" k", k); */ leave: - gcry_free (t); + xfree (t); _gcry_md_close (hd); - gcry_free (h1_buf); - gcry_free (x_buf); - gcry_free (K); - gcry_free (V); + xfree (h1_buf); + xfree (x_buf); + xfree (K); + xfree (V); if (rc) mpi_free (k); diff --git a/cipher/dsa.c b/cipher/dsa.c index d5ff5ba7..5d29ba42 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -296,14 +296,14 @@ generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, { /* Change only some of the higher bits (= 2 bytes)*/ char *r = _gcry_random_bytes_secure (2, random_level); memcpy(rndbuf, r, 2 ); - gcry_free(r); + xfree(r); } _gcry_mpi_set_buffer( x, rndbuf, (qbits+7)/8, 0 ); mpi_clear_highbit( x, qbits+1 ); } while ( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, h )<0 ) ); - gcry_free(rndbuf); + xfree(rndbuf); mpi_free( e ); mpi_free( h ); @@ -518,7 +518,7 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits, if (ec) { *r_counter = 0; - gcry_free (*r_seed); *r_seed = NULL; + xfree (*r_seed); *r_seed = NULL; *r_seedlen = 0; _gcry_mpi_release (*r_h); *r_h = NULL; } @@ -846,7 +846,7 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) rc = sexp_build (&seedinfo, NULL, "(seed-values(counter %d)(seed %b)(h %m))", counter, (int)seedlen, seed, h_value); - gcry_free (seed); + xfree (seed); _gcry_mpi_release (h_value); } } @@ -871,7 +871,7 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) /* Allocate space for the format string: "(misc-key-info%S(pm1-factors%m))" with one "%m" for each factor and construct it. */ - format = gcry_malloc (50 + 2*nfactors); + format = xtrymalloc (50 + 2*nfactors); if (!format) rc = gpg_err_code_from_syserror (); else @@ -891,7 +891,7 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) /* Allocate space for the list of factors plus one for the seedinfo s-exp plus an extra NULL entry for safety and fill it with the factors. */ - arg_list = gcry_calloc (nfactors+1+1, sizeof *arg_list); + arg_list = xtrycalloc (nfactors+1+1, sizeof *arg_list); if (!arg_list) rc = gpg_err_code_from_syserror (); else @@ -907,8 +907,8 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) } } - gcry_free (arg_list); - gcry_free (format); + xfree (arg_list); + xfree (format); } if (!rc) @@ -942,7 +942,7 @@ dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) gcry_mpi_t *mp; for (mp = factors; *mp; mp++) mpi_free (*mp); - gcry_free (factors); + xfree (factors); } return rc; } diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c index 85ebdd3f..ed629fcb 100644 --- a/cipher/ecc-curves.c +++ b/cipher/ecc-curves.c @@ -468,13 +468,13 @@ _gcry_ecc_update_curve_param (const char *name, len += strlen (domain_parms[idx].g_x+2); len += strlen (domain_parms[idx].g_y+2); len++; - buf = gcry_malloc (len); + buf = xtrymalloc (len); if (!buf) return gpg_err_code_from_syserror (); strcpy (stpcpy (stpcpy (buf, "0x04"), domain_parms[idx].g_x+2), domain_parms[idx].g_y+2); *g = scanval (buf); - gcry_free (buf); + xfree (buf); } if (model) *model = domain_parms[idx].model; @@ -545,7 +545,7 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits) goto leave; /* Name missing or out of core. */ idx = find_domain_parms_idx (name); - gcry_free (name); + xfree (name); if (idx >= 0) /* Curve found. */ { result = domain_parms[idx].desc; @@ -674,14 +674,14 @@ point_from_keyparam (gcry_mpi_point_t *r_a, gcry_mpi_t y = NULL; gcry_mpi_t z = NULL; - tmpname = gcry_malloc (strlen (name) + 2 + 1); + tmpname = xtrymalloc (strlen (name) + 2 + 1); if (!tmpname) return gpg_err_code_from_syserror (); strcpy (stpcpy (tmpname, name), ".x"); rc = mpi_from_keyparam (&x, keyparam, tmpname); if (rc) { - gcry_free (tmpname); + xfree (tmpname); return rc; } strcpy (stpcpy (tmpname, name), ".y"); @@ -689,7 +689,7 @@ point_from_keyparam (gcry_mpi_point_t *r_a, if (rc) { mpi_free (x); - gcry_free (tmpname); + xfree (tmpname); return rc; } strcpy (stpcpy (tmpname, name), ".z"); @@ -698,7 +698,7 @@ point_from_keyparam (gcry_mpi_point_t *r_a, { mpi_free (y); mpi_free (x); - gcry_free (tmpname); + xfree (tmpname); return rc; } if (!z) @@ -712,7 +712,7 @@ point_from_keyparam (gcry_mpi_point_t *r_a, mpi_free (z); point = NULL; } - gcry_free (tmpname); + xfree (tmpname); } if (point) @@ -810,19 +810,19 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, else name = NULL; - E = gcry_calloc (1, sizeof *E); + E = xtrycalloc (1, sizeof *E); if (!E) { errc = gpg_err_code_from_syserror (); - gcry_free (name); + xfree (name); goto leave; } errc = _gcry_ecc_fill_in_curve (0, name? name : curvename, E, NULL); - gcry_free (name); + xfree (name); if (errc) { - gcry_free (E); + xfree (E); goto leave; } @@ -857,7 +857,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx, E->n = NULL; } _gcry_ecc_curve_free (E); - gcry_free (E); + xfree (E); } diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c index 17c1f731..d08a84fc 100644 --- a/cipher/ecc-eddsa.c +++ b/cipher/ecc-eddsa.c @@ -324,7 +324,7 @@ _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result, } /* EdDSA compressed point. */ - rawmpi = gcry_malloc (rawmpilen? rawmpilen:1); + rawmpi = xtrymalloc (rawmpilen? rawmpilen:1); if (!rawmpi) return gpg_err_code_from_syserror (); memcpy (rawmpi, buf, rawmpilen); @@ -359,7 +359,7 @@ _gcry_ecc_eddsa_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result, *r_encpklen = rawmpilen; } else - gcry_free (rawmpi); + xfree (rawmpi); rc = _gcry_ecc_eddsa_recover_x (result->x, result->y, sign, ctx); mpi_set_ui (result->z, 1); @@ -396,7 +396,7 @@ _gcry_ecc_eddsa_compute_h_d (unsigned char **r_digest, /* Note that we clear DIGEST so we can use it as input to left pad the key with zeroes for hashing. */ - digest = gcry_calloc_secure (2, b); + digest = xtrycalloc_secure (2, b); if (!digest) return gpg_err_code_from_syserror (); @@ -405,7 +405,7 @@ _gcry_ecc_eddsa_compute_h_d (unsigned char **r_digest, rawmpi = _gcry_mpi_get_buffer (d, 0, &rawmpilen, NULL); if (!rawmpi) { - gcry_free (digest); + xfree (digest); return gpg_err_code_from_syserror (); } @@ -416,10 +416,10 @@ _gcry_ecc_eddsa_compute_h_d (unsigned char **r_digest, hvec[1].off = 0; hvec[1].len = rawmpilen; rc = _gcry_md_hash_buffers (hashalgo, 0, digest, hvec, 2); - gcry_free (rawmpi); + xfree (rawmpi); if (rc) { - gcry_free (digest); + xfree (digest); return rc; } @@ -455,7 +455,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, y = mpi_new (0); /* Generate a secret. */ - hash_d = gcry_malloc_secure (2*b); + hash_d = xtrymalloc_secure (2*b); if (!hash_d) { rc = gpg_error_from_syserror (); @@ -476,7 +476,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, hash_d[0] = (hash_d[0] & 0x7f) | 0x40; hash_d[31] &= 0xf8; _gcry_mpi_set_buffer (a, hash_d, 32, 0); - gcry_free (hash_d); hash_d = NULL; + xfree (hash_d); hash_d = NULL; /* log_printmpi ("ecgen a", a); */ /* Compute Q. */ @@ -501,7 +501,7 @@ _gcry_ecc_eddsa_genkey (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, _gcry_mpi_release (a); _gcry_mpi_release (x); _gcry_mpi_release (y); - gcry_free (hash_d); + xfree (hash_d); return rc; } @@ -657,12 +657,12 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey, _gcry_mpi_release (x); _gcry_mpi_release (y); _gcry_mpi_release (r); - gcry_free (digest); + xfree (digest); _gcry_mpi_ec_free (ctx); point_free (&I); point_free (&Q); - gcry_free (encpk); - gcry_free (rawmpi); + xfree (encpk); + xfree (rawmpi); return rc; } @@ -772,7 +772,7 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey, if (DBG_CIPHER) log_printhex (" s", sbuf, slen); _gcry_mpi_set_buffer (s, sbuf, slen, 0); - gcry_free (sbuf); + xfree (sbuf); if (slen != b) { rc = GPG_ERR_INV_LENGTH; @@ -796,8 +796,8 @@ _gcry_ecc_eddsa_verify (gcry_mpi_t input, ECC_public_key *pkey, rc = 0; leave: - gcry_free (encpk); - gcry_free (tbuf); + xfree (encpk); + xfree (tbuf); _gcry_mpi_ec_free (ctx); _gcry_mpi_release (s); _gcry_mpi_release (h); diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c index ae3e4f04..7b750c01 100644 --- a/cipher/ecc-misc.c +++ b/cipher/ecc-misc.c @@ -110,7 +110,7 @@ _gcry_ecc_ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p) unsigned char *buf, *ptr; gcry_mpi_t result; - buf = gcry_xmalloc ( 1 + 2*pbytes ); + buf = xmalloc ( 1 + 2*pbytes ); *buf = 04; /* Uncompressed point. */ ptr = buf+1; rc = _gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, x); @@ -134,7 +134,7 @@ _gcry_ecc_ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p) rc = _gcry_mpi_scan (&result, GCRYMPI_FMT_USG, buf, 1+2*pbytes, NULL); if (rc) log_fatal ("mpi_scan failed: %s\n", gpg_strerror (rc)); - gcry_free (buf); + xfree (buf); return result; } @@ -185,11 +185,11 @@ _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value) else { n = (mpi_get_nbits (value)+7)/8; - buf_memory= gcry_xmalloc (n); + buf_memory = xmalloc (n); rc = _gcry_mpi_print (GCRYMPI_FMT_USG, buf_memory, n, &n, value); if (rc) { - gcry_free (buf_memory); + xfree (buf_memory); return rc; } buf = buf_memory; @@ -197,28 +197,28 @@ _gcry_ecc_os2ec (mpi_point_t result, gcry_mpi_t value) if (n < 1) { - gcry_free (buf_memory); + xfree (buf_memory); return GPG_ERR_INV_OBJ; } if (*buf != 4) { - gcry_free (buf_memory); + xfree (buf_memory); return GPG_ERR_NOT_IMPLEMENTED; /* No support for point compression. */ } if ( ((n-1)%2) ) { - gcry_free (buf_memory); + xfree (buf_memory); return GPG_ERR_INV_OBJ; } n = (n-1)/2; rc = _gcry_mpi_scan (&x, GCRYMPI_FMT_USG, buf+1, n, NULL); if (rc) { - gcry_free (buf_memory); + xfree (buf_memory); return rc; } rc = _gcry_mpi_scan (&y, GCRYMPI_FMT_USG, buf+1+n, n, NULL); - gcry_free (buf_memory); + xfree (buf_memory); if (rc) { mpi_free (x); @@ -266,7 +266,7 @@ _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec, a = mpi_snew (0); _gcry_mpi_set_buffer (a, digest, 32, 0); - gcry_free (digest); + xfree (digest); /* And finally the public key. */ if (!Q) diff --git a/cipher/ecc.c b/cipher/ecc.c index e3c49cee..06bfb476 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -127,7 +127,7 @@ nist_generate_key (ECC_secret_key *sk, elliptic_curve_t *E, mpi_ec_t ctx, rndbuf[0] |= 0x40; /* Set bit 254. */ rndbuf[31] &= 0xf8; /* Clear bits 2..0 so that d mod 8 == 0 */ _gcry_mpi_set_buffer (sk->d, rndbuf, 32, 0); - gcry_free (rndbuf); + xfree (rndbuf); } else sk->d = _gcry_dsa_gen_k (E->n, random_level); @@ -444,7 +444,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) return GPG_ERR_NO_OBJ; /* No NBITS parameter. */ rc = _gcry_ecc_fill_in_curve (nbits, curve_name, &E, &nbits); - gcry_free (curve_name); curve_name = NULL; + xfree (curve_name); curve_name = NULL; if (rc) goto leave; @@ -705,7 +705,7 @@ ecc_check_secret_key (gcry_sexp_t keyparms) _gcry_mpi_release (mpi_q); point_free (&sk.Q); _gcry_mpi_release (sk.d); - gcry_free (curvename); + xfree (curvename); sexp_release (l1); if (DBG_CIPHER) log_debug ("ecc_testkey => %s\n", gpg_strerror (rc)); @@ -844,7 +844,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) _gcry_mpi_release (sk.d); _gcry_mpi_release (sig_r); _gcry_mpi_release (sig_s); - gcry_free (curvename); + xfree (curvename); _gcry_mpi_release (data); sexp_release (l1); _gcry_pk_util_free_encoding_ctx (&ctx); @@ -1042,7 +1042,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) _gcry_mpi_release (data); _gcry_mpi_release (sig_r); _gcry_mpi_release (sig_s); - gcry_free (curvename); + xfree (curvename); sexp_release (l1); _gcry_pk_util_free_encoding_ctx (&ctx); if (DBG_CIPHER) @@ -1225,7 +1225,7 @@ ecc_encrypt_raw (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) _gcry_mpi_release (data); _gcry_mpi_release (mpi_s); _gcry_mpi_release (mpi_e); - gcry_free (curvename); + xfree (curvename); _gcry_mpi_ec_free (ec); _gcry_pk_util_free_encoding_ctx (&ctx); if (DBG_CIPHER) @@ -1388,7 +1388,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) _gcry_mpi_release (sk.E.n); _gcry_mpi_release (sk.d); _gcry_mpi_release (data_e); - _gcry_free (curvename); + xfree (curvename); sexp_release (l1); _gcry_mpi_ec_free (ec); _gcry_pk_util_free_encoding_ctx (&ctx); @@ -1435,7 +1435,7 @@ ecc_get_nbits (gcry_sexp_t parms) if (_gcry_ecc_fill_in_curve (0, curve, NULL, &nbits)) nbits = 0; - gcry_free (curve); + xfree (curve); } else { @@ -1595,12 +1595,12 @@ compute_keygrip (gcry_md_hd_t md, gcry_sexp_t keyparms) _gcry_md_write (md, buf, strlen (buf)); _gcry_md_write (md, rawmpi, rawmpilen); _gcry_md_write (md, ")", 1); - gcry_free (rawmpi); + xfree (rawmpi); } } leave: - gcry_free (curvename); + xfree (curvename); sexp_release (l1); for (idx = 0; idx < N_COMPONENTS; idx++) _gcry_mpi_release (values[idx]); diff --git a/cipher/elgamal.c b/cipher/elgamal.c index beef8e4e..3645e7d5 100644 --- a/cipher/elgamal.c +++ b/cipher/elgamal.c @@ -216,7 +216,7 @@ gen_k( gcry_mpi_t p, int small_k ) { if( !rndbuf || nbits < 32 ) { - gcry_free(rndbuf); + xfree(rndbuf); rndbuf = _gcry_random_bytes_secure( nbytes, GCRY_STRONG_RANDOM ); } else @@ -228,7 +228,7 @@ gen_k( gcry_mpi_t p, int small_k ) highly inlikely that we will ever reach this code. */ char *pp = _gcry_random_bytes_secure( 4, GCRY_STRONG_RANDOM ); memcpy( rndbuf, pp, 4 ); - gcry_free(pp); + xfree(pp); } _gcry_mpi_set_buffer( k, rndbuf, nbytes, 0 ); @@ -254,7 +254,7 @@ gen_k( gcry_mpi_t p, int small_k ) } } found: - gcry_free(rndbuf); + xfree (rndbuf); if( DBG_CIPHER ) progress('\n'); mpi_free(p_1); @@ -315,7 +315,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) { /* Change only some of the higher bits */ if( xbits < 16 ) /* should never happen ... */ { - gcry_free(rndbuf); + xfree(rndbuf); rndbuf = _gcry_random_bytes_secure ((xbits+7)/8, GCRY_VERY_STRONG_RANDOM); } @@ -323,7 +323,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) { char *r = _gcry_random_bytes_secure (2, GCRY_VERY_STRONG_RANDOM); memcpy(rndbuf, r, 2 ); - gcry_free(r); + xfree (r); } } else @@ -335,7 +335,7 @@ generate ( ELG_secret_key *sk, unsigned int nbits, gcry_mpi_t **ret_factors ) mpi_clear_highbit( x, xbits+1 ); } while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) ); - gcry_free(rndbuf); + xfree(rndbuf); y = mpi_new (nbits); mpi_powm( y, g, x, p ); @@ -673,17 +673,17 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) for (nfac = 0; factors[nfac]; nfac++) ; - arg_list = gcry_calloc (nfac+1, sizeof *arg_list); + arg_list = xtrycalloc (nfac+1, sizeof *arg_list); if (!arg_list) { rc = gpg_err_code_from_syserror (); goto leave; } - buffer = gcry_malloc (30 + nfac*2 + 2 + 1); + buffer = xtrymalloc (30 + nfac*2 + 2 + 1); if (!buffer) { rc = gpg_err_code_from_syserror (); - gcry_free (arg_list); + xfree (arg_list); goto leave; } p = stpcpy (buffer, "(misc-key-info(pm1-factors"); @@ -694,8 +694,8 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) } p = stpcpy (p, "))"); rc = sexp_build_array (&misc_info, NULL, buffer, arg_list); - gcry_free (arg_list); - gcry_free (buffer); + xfree (arg_list); + xfree (buffer); if (rc) goto leave; } @@ -722,7 +722,7 @@ elg_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) gcry_mpi_t *mp; for (mp = factors; *mp; mp++) mpi_free (*mp); - gcry_free (factors); + xfree (factors); } return rc; @@ -897,7 +897,7 @@ elg_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) leave: - gcry_free (unpad); + xfree (unpad); _gcry_mpi_release (plain); _gcry_mpi_release (sk.p); _gcry_mpi_release (sk.g); diff --git a/cipher/kdf.c b/cipher/kdf.c index 542752ec..503f0683 100644 --- a/cipher/kdf.c +++ b/cipher/kdf.c @@ -53,7 +53,7 @@ openpgp_s2k (const void *passphrase, size_t passphraselen, && (!salt || saltlen != 8)) return GPG_ERR_INV_VALUE; - secmode = gcry_is_secure (passphrase) || gcry_is_secure (keybuffer); + secmode = _gcry_is_secure (passphrase) || _gcry_is_secure (keybuffer); ec = _gcry_md_open (&md, hashalgo, secmode? GCRY_MD_FLAG_SECURE : 0); if (ec) @@ -149,7 +149,7 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen, if (!hlen) return GPG_ERR_DIGEST_ALGO; - secmode = gcry_is_secure (passphrase) || gcry_is_secure (keybuffer); + secmode = _gcry_is_secure (passphrase) || _gcry_is_secure (keybuffer); /* We ignore step 1 from pksc5v2.1 which demands a check that dklen is not larger that 0xffffffff * hlen. */ @@ -160,8 +160,8 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen, /* Setup buffers and prepare a hash context. */ sbuf = (secmode - ? gcry_malloc_secure (saltlen + 4 + hlen + hlen) - : gcry_malloc (saltlen + 4 + hlen + hlen)); + ? xtrymalloc_secure (saltlen + 4 + hlen + hlen) + : xtrymalloc (saltlen + 4 + hlen + hlen)); if (!sbuf) return gpg_err_code_from_syserror (); tbuf = sbuf + saltlen + 4; @@ -171,7 +171,7 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen, | (secmode?GCRY_MD_FLAG_SECURE:0))); if (ec) { - gcry_free (sbuf); + xfree (sbuf); return ec; } @@ -185,7 +185,7 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen, if (ec) { _gcry_md_close (md); - gcry_free (sbuf); + xfree (sbuf); return ec; } if (!iter) /* Compute U_1: */ @@ -216,7 +216,7 @@ _gcry_kdf_pkdf2 (const void *passphrase, size_t passphraselen, } _gcry_md_close (md); - gcry_free (sbuf); + xfree (sbuf); return 0; } diff --git a/cipher/mac.c b/cipher/mac.c index 71d59538..fa36c7d6 100644 --- a/cipher/mac.c +++ b/cipher/mac.c @@ -207,9 +207,9 @@ mac_open (gcry_mac_hd_t * hd, int algo, int secure, gcry_ctx_t ctx) return GPG_ERR_MAC_ALGO; if (secure) - h = gcry_calloc_secure (1, sizeof (*h)); + h = xtrycalloc_secure (1, sizeof (*h)); else - h = gcry_calloc (1, sizeof (*h)); + h = xtrycalloc (1, sizeof (*h)); if (!h) return gpg_err_code_from_syserror (); @@ -221,7 +221,7 @@ mac_open (gcry_mac_hd_t * hd, int algo, int secure, gcry_ctx_t ctx) err = h->spec->ops->open (h); if (err) - gcry_free (h); + xfree (h); else *hd = h; @@ -247,7 +247,7 @@ mac_close (gcry_mac_hd_t hd) wipememory (hd, sizeof (*hd)); - gcry_free (hd); + xfree (hd); } diff --git a/cipher/md.c b/cipher/md.c index 4be86277..d9c1ad4a 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -298,9 +298,9 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac) /* Allocate and set the Context pointer to the private data */ if (secure) - hd = gcry_malloc_secure (n + sizeof (struct gcry_md_context)); + hd = xtrymalloc_secure (n + sizeof (struct gcry_md_context)); else - hd = gcry_malloc (n + sizeof (struct gcry_md_context)); + hd = xtrymalloc (n + sizeof (struct gcry_md_context)); if (! hd) err = gpg_err_code_from_errno (errno); @@ -333,7 +333,7 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac) ctx->macpads_Bsize = 64; break; } - ctx->macpads = gcry_malloc_secure (2*(ctx->macpads_Bsize)); + ctx->macpads = xtrymalloc_secure (2*(ctx->macpads_Bsize)); if (!ctx->macpads) { err = gpg_err_code_from_errno (errno); @@ -425,9 +425,9 @@ md_enable (gcry_md_hd_t hd, int algorithm) /* And allocate a new list entry. */ if (h->secure) - entry = gcry_malloc_secure (size); + entry = xtrymalloc_secure (size); else - entry = gcry_malloc (size); + entry = xtrymalloc (size); if (! entry) err = gpg_err_code_from_errno (errno); @@ -469,9 +469,9 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd) n = (char *) ahd->ctx - (char *) ahd; if (a->secure) - bhd = gcry_malloc_secure (n + sizeof (struct gcry_md_context)); + bhd = xtrymalloc_secure (n + sizeof (struct gcry_md_context)); else - bhd = gcry_malloc (n + sizeof (struct gcry_md_context)); + bhd = xtrymalloc (n + sizeof (struct gcry_md_context)); if (! bhd) err = gpg_err_code_from_errno (errno); @@ -489,7 +489,7 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd) b->debug = NULL; if (a->macpads) { - b->macpads = gcry_malloc_secure (2*(a->macpads_Bsize)); + b->macpads = xtrymalloc_secure (2*(a->macpads_Bsize)); if (! b->macpads) { err = gpg_err_code_from_errno (errno); @@ -507,13 +507,13 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd) for (ar = a->list; ar; ar = ar->next) { if (a->secure) - br = gcry_malloc_secure (sizeof *br - + ar->spec->contextsize - - sizeof(ar->context)); + br = xtrymalloc_secure (sizeof *br + + ar->spec->contextsize + - sizeof(ar->context)); else - br = gcry_malloc (sizeof *br - + ar->spec->contextsize - - sizeof (ar->context)); + br = xtrymalloc (sizeof *br + + ar->spec->contextsize + - sizeof (ar->context)); if (!br) { err = gpg_err_code_from_errno (errno); @@ -586,17 +586,17 @@ md_close (gcry_md_hd_t a) { r2 = r->next; wipememory (r, r->actual_struct_size); - gcry_free (r); + xfree (r); } if (a->ctx->macpads) { wipememory (a->ctx->macpads, 2*(a->ctx->macpads_Bsize)); - gcry_free(a->ctx->macpads); + xfree(a->ctx->macpads); } wipememory (a, a->ctx->actual_handle_size); - gcry_free(a); + xfree(a); } @@ -690,7 +690,7 @@ prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen) if ( keylen > hd->ctx->macpads_Bsize ) { - helpkey = gcry_malloc_secure (md_digest_length (algo)); + helpkey = xtrymalloc_secure (md_digest_length (algo)); if (!helpkey) return gpg_err_code_from_errno (errno); _gcry_md_hash_buffer (algo, helpkey, key, keylen); @@ -709,7 +709,7 @@ prepare_macpads (gcry_md_hd_t hd, const unsigned char *key, size_t keylen) ipad[i] ^= 0x36; opad[i] ^= 0x5c; } - gcry_free (helpkey); + xfree (helpkey); return 0; } diff --git a/cipher/primegen.c b/cipher/primegen.c index 8694c314..645b0f82 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c @@ -188,7 +188,7 @@ save_pool_prime (gcry_mpi_t prime, gcry_random_level_t randomlevel) } if (!item) { - item = gcry_calloc (1, sizeof *item); + item = xtrycalloc (1, sizeof *item); if (!item) { /* Out of memory. Silently giving up. */ @@ -386,7 +386,7 @@ prime_generate_internal (int need_q_factor, q_factor = gen_prime (req_qbits, is_secret, randomlevel, NULL, NULL); /* Allocate an array to hold all factors + 2 for later usage. */ - factors = gcry_calloc (n + 2, sizeof (*factors)); + factors = xtrycalloc (n + 2, sizeof (*factors)); if (!factors) { err = gpg_err_code_from_errno (errno); @@ -394,7 +394,7 @@ prime_generate_internal (int need_q_factor, } /* Allocate an array to track pool usage. */ - pool_in_use = gcry_malloc (n * sizeof *pool_in_use); + pool_in_use = xtrymalloc (n * sizeof *pool_in_use); if (!pool_in_use) { err = gpg_err_code_from_errno (errno); @@ -413,7 +413,7 @@ prime_generate_internal (int need_q_factor, m += 5; if (m < 30) m = 30; - pool = gcry_calloc (m , sizeof (*pool)); + pool = xtrycalloc (m , sizeof (*pool)); if (! pool) { err = gpg_err_code_from_errno (errno); @@ -439,7 +439,7 @@ prime_generate_internal (int need_q_factor, } /* Init m_out_of_n(). */ - perms = gcry_calloc (1, m); + perms = xtrycalloc (1, m); if (!perms) { err = gpg_err_code_from_errno (errno); @@ -531,7 +531,7 @@ prime_generate_internal (int need_q_factor, if (i == n) { /* Ran out of permutations: Allocate new primes. */ - gcry_free (perms); + xfree (perms); perms = NULL; progress ('!'); goto next_try; @@ -604,7 +604,7 @@ prime_generate_internal (int need_q_factor, if (ret_factors) { /* Caller wants the factors. */ - factors_new = gcry_calloc (n + 4, sizeof (*factors_new)); + factors_new = xtrycalloc (n + 4, sizeof (*factors_new)); if (! factors_new) { err = gpg_err_code_from_errno (errno); @@ -706,13 +706,13 @@ prime_generate_internal (int need_q_factor, if (is_locked && ath_mutex_unlock (&primepool_lock)) err = GPG_ERR_INTERNAL; is_locked = 0; - gcry_free (pool); + xfree (pool); } - gcry_free (pool_in_use); + xfree (pool_in_use); if (factors) - gcry_free (factors); /* Factors are shallow copies. */ + xfree (factors); /* Factors are shallow copies. */ if (perms) - gcry_free (perms); + xfree (perms); mpi_free (val_2); mpi_free (q); @@ -730,7 +730,7 @@ prime_generate_internal (int need_q_factor, { for (i = 0; factors_new[i]; i++) mpi_free (factors_new[i]); - gcry_free (factors_new); + xfree (factors_new); } mpi_free (prime); } @@ -772,7 +772,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel, if (nbits < 16) log_fatal ("can't generate a prime with less than %d bits\n", 16); - mods = gcry_xmalloc( no_of_small_prime_numbers * sizeof *mods ); + mods = xmalloc (no_of_small_prime_numbers * sizeof *mods); /* Make nbits fit into gcry_mpi_t implementation. */ val_2 = mpi_alloc_set_ui( 2 ); val_3 = mpi_alloc_set_ui( 3); @@ -848,7 +848,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel, mpi_free(result); mpi_free(pminus1); mpi_free(prime); - gcry_free(mods); + xfree(mods); return ptest; } } @@ -1160,7 +1160,7 @@ _gcry_prime_generate (gcry_mpi_t *prime, unsigned int prime_bits, { for (i = 0; factors_generated[i]; i++) mpi_free (factors_generated[i]); - gcry_free (factors_generated); + xfree (factors_generated); } rc = GPG_ERR_GENERAL; } @@ -1271,7 +1271,7 @@ _gcry_prime_release_factors (gcry_mpi_t *factors) for (i=0; factors[i]; i++) mpi_free (factors[i]); - gcry_free (factors); + xfree (factors); } } @@ -1457,7 +1457,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits, return GPG_ERR_INV_ARG; /* Allocate a buffer to later compute SEED+some_increment. */ - seed_plus = gcry_malloc (seedlen < 20? 20:seedlen); + seed_plus = xtrymalloc (seedlen < 20? 20:seedlen); if (!seed_plus) { ec = gpg_err_code_from_syserror (); @@ -1614,7 +1614,7 @@ _gcry_generate_fips186_2_prime (unsigned int pbits, unsigned int qbits, _gcry_mpi_release (value_w); _gcry_mpi_release (prime_p); _gcry_mpi_release (prime_q); - gcry_free (seed_plus); + xfree (seed_plus); _gcry_mpi_release (val_2); return ec; } @@ -1695,8 +1695,8 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits, /* Allocate a buffer to later compute SEED+some_increment and a few helper variables. */ - seed_plus = gcry_malloc (seedlen < sizeof seed_help_buffer? - sizeof seed_help_buffer : seedlen); + seed_plus = xtrymalloc (seedlen < sizeof seed_help_buffer? + sizeof seed_help_buffer : seedlen); if (!seed_plus) { ec = gpg_err_code_from_syserror (); @@ -1857,7 +1857,7 @@ _gcry_generate_fips186_3_prime (unsigned int pbits, unsigned int qbits, _gcry_mpi_release (value_w); _gcry_mpi_release (prime_p); _gcry_mpi_release (prime_q); - gcry_free (seed_plus); + xfree (seed_plus); _gcry_mpi_release (val_2); return ec; } diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index 7f3fd824..616b4990 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -218,7 +218,7 @@ get_hash_algo (const char *s, size_t n) algorithm names. */ char *tmpname; - tmpname = gcry_malloc (n+1); + tmpname = xtrymalloc (n+1); if (!tmpname) algo = 0; /* Out of core - silently give up. */ else @@ -226,7 +226,7 @@ get_hash_algo (const char *s, size_t n) memcpy (tmpname, s, n); tmpname[n] = 0; algo = _gcry_md_map_name (tmpname); - gcry_free (tmpname); + xfree (tmpname); } } return algo; @@ -381,7 +381,7 @@ _gcry_pk_util_preparse_sigval (gcry_sexp_t s_sig, const char **algo_names, rc = GPG_ERR_INV_OBJ; goto leave; } - gcry_free (name); + xfree (name); name = sexp_nth_string (l2, 0); if (!name) { @@ -411,7 +411,7 @@ _gcry_pk_util_preparse_sigval (gcry_sexp_t s_sig, const char **algo_names, rc = 0; leave: - gcry_free (name); + xfree (name); sexp_release (l2); sexp_release (l1); return rc; @@ -520,7 +520,7 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names, rc = GPG_ERR_NO_OBJ; else if (n > 0) { - ctx->label = gcry_malloc (n); + ctx->label = xtrymalloc (n); if (!ctx->label) rc = gpg_err_code_from_syserror (); else @@ -550,7 +550,7 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names, } /* Extract sublist identifier. */ - gcry_free (name); + xfree (name); name = sexp_nth_string (l2, 0); if (!name) { @@ -576,7 +576,7 @@ _gcry_pk_util_preparse_encval (gcry_sexp_t sexp, const char **algo_names, rc = 0; leave: - gcry_free (name); + xfree (name); sexp_release (l2); sexp_release (l1); return rc; @@ -605,7 +605,7 @@ _gcry_pk_util_init_encoding_ctx (struct pk_encoding_ctx *ctx, void _gcry_pk_util_free_encoding_ctx (struct pk_encoding_ctx *ctx) { - gcry_free (ctx->label); + xfree (ctx->label); } @@ -721,13 +721,13 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, "(value)". This is commonly used by test vectors. Note that S-expression do not allow zero length items. */ valuelen = 0; - value = gcry_malloc (1); + value = xtrymalloc (1); if (!value) rc = gpg_err_code_from_syserror (); } else if ((valuelen * 8) < valuelen) { - gcry_free (value); + xfree (value); rc = GPG_ERR_TOO_LARGE; } if (rc) @@ -760,7 +760,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, rc = GPG_ERR_INV_OBJ; else if ((valuelen * 8) < valuelen) { - gcry_free (value); + xfree (value); rc = GPG_ERR_TOO_LARGE; } else @@ -804,7 +804,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, rc = GPG_ERR_NO_OBJ; else if (n > 0) { - random_override = gcry_malloc (n); + random_override = xtrymalloc (n); if (!random_override) rc = gpg_err_code_from_syserror (); else @@ -822,7 +822,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, value, valuelen, random_override, random_override_len); - gcry_free (random_override); + xfree (random_override); } } else if (ctx->encoding == PUBKEY_ENC_PKCS1 && lhash @@ -891,7 +891,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, rc = GPG_ERR_NO_OBJ; else if (n > 0) { - ctx->label = gcry_malloc (n); + ctx->label = xtrymalloc (n); if (!ctx->label) rc = gpg_err_code_from_syserror (); else @@ -913,7 +913,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, rc = GPG_ERR_NO_OBJ; else if (n > 0) { - random_override = gcry_malloc (n); + random_override = xtrymalloc (n); if (!random_override) rc = gpg_err_code_from_syserror (); else @@ -932,7 +932,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, ctx->label, ctx->labellen, random_override, random_override_len); - gcry_free (random_override); + xfree (random_override); } } else if (ctx->encoding == PUBKEY_ENC_PSS && lhash @@ -983,7 +983,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, rc = GPG_ERR_NO_OBJ; else if (n > 0) { - random_override = gcry_malloc (n); + random_override = xtrymalloc (n); if (!random_override) rc = gpg_err_code_from_syserror (); else @@ -1003,7 +1003,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, value, valuelen, ctx->saltlen, random_override, random_override_len); - gcry_free (random_override); + xfree (random_override); } } } @@ -1042,7 +1042,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi, ctx->flags = parsed_flags; else { - gcry_free (ctx->label); + xfree (ctx->label); ctx->label = NULL; } diff --git a/cipher/pubkey.c b/cipher/pubkey.c index e89fa950..d1303881 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -153,7 +153,7 @@ spec_from_sexp (gcry_sexp_t sexp, int want_private, return GPG_ERR_INV_OBJ; /* Invalid structure of object. */ } spec = spec_from_name (name); - gcry_free (name); + xfree (name); if (!spec) { sexp_release (list); @@ -569,7 +569,7 @@ _gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms) } spec = spec_from_name (name); - gcry_free (name); + xfree (name); name = NULL; if (!spec) { @@ -584,7 +584,7 @@ _gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms) leave: sexp_release (list); - gcry_free (name); + xfree (name); sexp_release (l2); return rc; @@ -702,7 +702,7 @@ _gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array) if (!array) { - array = gcry_malloc (20); + array = xtrymalloc (20); if (! array) goto fail; } @@ -711,7 +711,7 @@ _gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array) okay = 1; fail: - gcry_free (name); + xfree (name); sexp_release (l2); _gcry_md_close (md); sexp_release (list); diff --git a/cipher/rsa-common.c b/cipher/rsa-common.c index 65b007f1..4f5a6594 100644 --- a/cipher/rsa-common.c +++ b/cipher/rsa-common.c @@ -85,7 +85,7 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits, return GPG_ERR_TOO_SHORT; /* The key is too short. */ } - if ( !(frame = gcry_malloc_secure (nframe))) + if ( !(frame = xtrymalloc_secure (nframe))) return gpg_err_code_from_syserror (); n = 0; @@ -100,14 +100,14 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits, if (random_override_len != i) { - gcry_free (frame); + xfree (frame); return GPG_ERR_INV_ARG; } /* Check that random does not include a zero byte. */ for (j=0; j < random_override_len; j++) if (!random_override[j]) { - gcry_free (frame); + xfree (frame); return GPG_ERR_INV_ARG; } memcpy (frame + n, random_override, random_override_len); @@ -140,11 +140,11 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits, if (p[j]) j++; } - gcry_free (pp); + xfree (pp); } memcpy (frame+n, p, i); n += i; - gcry_free (p); + xfree (p); } frame[n++] = 0; @@ -155,7 +155,7 @@ _gcry_rsa_pkcs1_encode_for_enc (gcry_mpi_t *r_result, unsigned int nbits, rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe); if (!rc &&DBG_CIPHER) log_mpidump ("PKCS#1 block type 2 encoded data", *r_result); - gcry_free (frame); + xfree (frame); return rc; } @@ -176,13 +176,13 @@ _gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen, *r_result = NULL; - if ( !(frame = gcry_malloc_secure (nframe))) + if ( !(frame = xtrymalloc_secure (nframe))) return gpg_err_code_from_syserror (); err = _gcry_mpi_print (GCRYMPI_FMT_USG, frame, nframe, &n, value); if (err) { - gcry_free (frame); + xfree (frame); return gcry_err_code (err); } @@ -197,7 +197,7 @@ _gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen, first zero byte optional. */ if (nframe < 4) { - gcry_free (frame); + xfree (frame); return GPG_ERR_ENCODING_PROBLEM; /* Too short. */ } n = 0; @@ -205,7 +205,7 @@ _gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen, n++; if (frame[n++] != 0x02) { - gcry_free (frame); + xfree (frame); return GPG_ERR_ENCODING_PROBLEM; /* Wrong block type. */ } @@ -214,7 +214,7 @@ _gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen, ; if (n+1 >= nframe) { - gcry_free (frame); + xfree (frame); return GPG_ERR_ENCODING_PROBLEM; /* No zero byte. */ } n++; /* Skip the zero byte. */ @@ -292,7 +292,7 @@ _gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits, return GPG_ERR_TOO_SHORT; } - if ( !(frame = gcry_malloc (nframe)) ) + if ( !(frame = xtrymalloc (nframe)) ) return gpg_err_code_from_syserror (); /* Assemble the pkcs#1 block type 1. */ @@ -314,7 +314,7 @@ _gcry_rsa_pkcs1_encode_for_sig (gcry_mpi_t *r_result, unsigned int nbits, rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, n, &nframe); if (!rc && DBG_CIPHER) log_mpidump ("PKCS#1 block type 1 encoded data", *r_result); - gcry_free (frame); + xfree (frame); return rc; } @@ -436,7 +436,7 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, } /* Allocate the frame. */ - frame = gcry_calloc_secure (1, nframe); + frame = xtrycalloc_secure (1, nframe); if (!frame) return gpg_err_code_from_syserror (); @@ -458,7 +458,7 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, { if (random_override_len != hlen) { - gcry_free (frame); + xfree (frame); return GPG_ERR_INV_ARG; } memcpy (frame + 1, random_override, hlen); @@ -470,46 +470,46 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, { unsigned char *dmask; - dmask = gcry_malloc_secure (nframe - hlen - 1); + dmask = xtrymalloc_secure (nframe - hlen - 1); if (!dmask) { rc = gpg_err_code_from_syserror (); - gcry_free (frame); + xfree (frame); return rc; } rc = mgf1 (dmask, nframe - hlen - 1, frame+1, hlen, algo); if (rc) { - gcry_free (dmask); - gcry_free (frame); + xfree (dmask); + xfree (frame); return rc; } for (n = 1 + hlen, p = dmask; n < nframe; n++) frame[n] ^= *p++; - gcry_free (dmask); + xfree (dmask); } /* Step 2g and 2h: Create maskedSeed. */ { unsigned char *smask; - smask = gcry_malloc_secure (hlen); + smask = xtrymalloc_secure (hlen); if (!smask) { rc = gpg_err_code_from_syserror (); - gcry_free (frame); + xfree (frame); return rc; } rc = mgf1 (smask, hlen, frame + 1 + hlen, nframe - hlen - 1, algo); if (rc) { - gcry_free (smask); - gcry_free (frame); + xfree (smask); + xfree (frame); return rc; } for (n = 1, p = smask; n < 1 + hlen; n++) frame[n] ^= *p++; - gcry_free (smask); + xfree (smask); } /* Step 2i: Concatenate 0x00, maskedSeed and maskedDB. */ @@ -519,7 +519,7 @@ _gcry_rsa_oaep_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, rc = _gcry_mpi_scan (r_result, GCRYMPI_FMT_USG, frame, nframe, NULL); if (!rc && DBG_CIPHER) log_mpidump ("OAEP encoded data", *r_result); - gcry_free (frame); + xfree (frame); return rc; } @@ -568,7 +568,7 @@ _gcry_rsa_oaep_decode (unsigned char **r_result, size_t *r_resultlen, hlen = _gcry_md_get_algo_dlen (algo); /* Hash the label right away. */ - lhash = gcry_malloc (hlen); + lhash = xtrymalloc (hlen); if (!lhash) return gpg_err_code_from_syserror (); _gcry_md_hash_buffer (algo, lhash, label, labellen); @@ -583,7 +583,7 @@ _gcry_rsa_oaep_decode (unsigned char **r_result, size_t *r_resultlen, rc = octet_string_from_mpi (&frame, NULL, value, nkey); if (rc) { - gcry_free (lhash); + xfree (lhash); return GPG_ERR_ENCODING_PROBLEM; } nframe = nkey; @@ -591,8 +591,8 @@ _gcry_rsa_oaep_decode (unsigned char **r_result, size_t *r_resultlen, /* Step 1c: Check that the key is long enough. */ if ( nframe < 2 * hlen + 2 ) { - gcry_free (frame); - gcry_free (lhash); + xfree (frame); + xfree (lhash); return GPG_ERR_ENCODING_PROBLEM; } @@ -600,12 +600,12 @@ _gcry_rsa_oaep_decode (unsigned char **r_result, size_t *r_resultlen, gcry_mpi_aprint above. */ /* Allocate space for SEED and DB. */ - seed = gcry_malloc_secure (nframe - 1); + seed = xtrymalloc_secure (nframe - 1); if (!seed) { rc = gpg_err_code_from_syserror (); - gcry_free (frame); - gcry_free (lhash); + xfree (frame); + xfree (lhash); return rc; } db = seed + hlen; @@ -646,11 +646,11 @@ _gcry_rsa_oaep_decode (unsigned char **r_result, size_t *r_resultlen, if (frame[0]) failed = 1; - gcry_free (lhash); - gcry_free (frame); + xfree (lhash); + xfree (frame); if (failed) { - gcry_free (seed); + xfree (seed); return GPG_ERR_ENCODING_PROBLEM; } @@ -736,7 +736,7 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, /* Allocate a help buffer and setup some pointers. */ buflen = 8 + hlen + saltlen + (emlen - hlen - 1); - buf = gcry_malloc (buflen); + buf = xtrymalloc (buflen); if (!buf) { rc = gpg_err_code_from_syserror (); @@ -763,7 +763,7 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, } /* Allocate space for EM. */ - em = gcry_malloc (emlen); + em = xtrymalloc (emlen); if (!em) { rc = gpg_err_code_from_syserror (); @@ -820,12 +820,12 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo, if (em) { wipememory (em, emlen); - gcry_free (em); + xfree (em); } if (buf) { wipememory (buf, buflen); - gcry_free (buf); + xfree (buf); } return rc; } @@ -876,7 +876,7 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, gcry_mpi_t encoded, if (buflen < emlen - hlen - 1) buflen = emlen - hlen - 1; buflen += hlen; - buf = gcry_malloc (buflen); + buf = xtrymalloc (buflen); if (!buf) { rc = gpg_err_code_from_syserror (); @@ -962,12 +962,12 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, gcry_mpi_t encoded, if (em) { wipememory (em, emlen); - gcry_free (em); + xfree (em); } if (buf) { wipememory (buf, buflen); - gcry_free (buf); + xfree (buf); } return rc; } diff --git a/cipher/rsa.c b/cipher/rsa.c index a40edaa6..a97dcfd0 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -926,7 +926,7 @@ rsa_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t keyparms) if (!rc) { rc = sexp_build (r_ciph, NULL, "(enc-val(rsa(a%b)))", (int)emlen, em); - gcry_free (em); + xfree (em); } } else @@ -1076,7 +1076,7 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms) } leave: - gcry_free (unpad); + xfree (unpad); _gcry_mpi_release (plain); _gcry_mpi_release (sk.n); _gcry_mpi_release (sk.e); @@ -1155,7 +1155,7 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) if (!rc) { rc = sexp_build (r_sig, NULL, "(sig-val(rsa(s%b)))", (int)emlen, em); - gcry_free (em); + xfree (em); } } else diff --git a/cipher/scrypt.c b/cipher/scrypt.c index 6f6a7f11..404943d8 100644 --- a/cipher/scrypt.c +++ b/cipher/scrypt.c @@ -281,21 +281,21 @@ _gcry_kdf_scrypt (const unsigned char *passwd, size_t passwdlen, if (nbytes < r128) return GPG_ERR_ENOMEM; - B = gcry_malloc (p * r128); + B = xtrymalloc (p * r128); if (!B) { ec = gpg_err_code_from_syserror (); goto leave; } - tmp1 = gcry_malloc (N * r128); + tmp1 = xtrymalloc (N * r128); if (!tmp1) { ec = gpg_err_code_from_syserror (); goto leave; } - tmp2 = gcry_malloc (64 + r128); + tmp2 = xtrymalloc (64 + r128); if (!tmp2) { ec = gpg_err_code_from_syserror (); @@ -313,9 +313,9 @@ _gcry_kdf_scrypt (const unsigned char *passwd, size_t passwdlen, 1 /* iterations */, dkLen, DK); leave: - gcry_free (tmp2); - gcry_free (tmp1); - gcry_free (B); + xfree (tmp2); + xfree (tmp1); + xfree (B); return ec; } @@ -90,7 +90,7 @@ _gcry_mpi_point_new (unsigned int nbits) (void)nbits; /* Currently not used. */ - p = gcry_xmalloc (sizeof *p); + p = xmalloc (sizeof *p); _gcry_mpi_point_init (p); return p; } @@ -103,7 +103,7 @@ _gcry_mpi_point_release (mpi_point_t p) if (p) { _gcry_mpi_point_free_parts (p); - gcry_free (p); + xfree (p); } } @@ -164,7 +164,7 @@ _gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, mpi_snatch (x, point->x); mpi_snatch (y, point->y); mpi_snatch (z, point->z); - gcry_free (point); + xfree (point); } @@ -470,7 +470,7 @@ _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model, { mpi_ec_t ctx; - ctx = gcry_xcalloc (1, sizeof *ctx); + ctx = xcalloc (1, sizeof *ctx); ec_p_init (ctx, model, dialect, flags, p, a, b); return ctx; @@ -515,7 +515,7 @@ _gcry_mpi_ec_free (mpi_ec_t ctx) if (ctx) { ec_deinit (ctx); - gcry_free (ctx); + xfree (ctx); } } diff --git a/mpi/mpi-mod.c b/mpi/mpi-mod.c index 0a8cfb67..88624720 100644 --- a/mpi/mpi-mod.c +++ b/mpi/mpi-mod.c @@ -62,7 +62,7 @@ _gcry_mpi_barrett_init (gcry_mpi_t m, int copy) gcry_mpi_t tmp; mpi_normalize (m); - ctx = gcry_xcalloc (1, sizeof *ctx); + ctx = xcalloc (1, sizeof *ctx); if (copy) { @@ -99,7 +99,7 @@ _gcry_mpi_barrett_free (mpi_barrett_t ctx) mpi_free (ctx->r3); if (ctx->m_copied) mpi_free (ctx->m); - gcry_free (ctx); + xfree (ctx); } } diff --git a/mpi/mpi-mpow.c b/mpi/mpi-mpow.c index 2a9a86b0..43bd641f 100644 --- a/mpi/mpi-mpow.c +++ b/mpi/mpi-mpow.c @@ -89,7 +89,7 @@ _gcry_mpi_mulpowm( gcry_mpi_t res, gcry_mpi_t *basearray, gcry_mpi_t *exparray, gcry_assert (t); gcry_assert (k < 10); - G = gcry_xcalloc( (1<<k) , sizeof *G ); + G = xcalloc( (1<<k) , sizeof *G ); #ifdef USE_BARRETT barrett_y = init_barrett( m, &barrett_k, &barrett_r1, &barrett_r2 ); #endif @@ -130,7 +130,7 @@ _gcry_mpi_mulpowm( gcry_mpi_t res, gcry_mpi_t *basearray, gcry_mpi_t *exparray, #endif for(i=0; i < (1<<k); i++ ) mpi_free(G[i]); - gcry_free(G); + xfree(G); } diff --git a/mpi/mpicoder.c b/mpi/mpicoder.c index 911ddcc3..58a42403 100644 --- a/mpi/mpicoder.c +++ b/mpi/mpicoder.c @@ -202,8 +202,8 @@ do_get_buffer (gcry_mpi_t a, unsigned int fill_le, n = *nbytes? *nbytes:1; /* Allocate at least one byte. */ if (n < fill_le) n = fill_le; - p = buffer = (force_secure || mpi_is_secure(a))? gcry_malloc_secure (n) - : gcry_malloc (n); + p = buffer = (force_secure || mpi_is_secure(a))? xtrymalloc_secure (n) + : xtrymalloc (n); if (!buffer) return NULL; @@ -423,7 +423,7 @@ _gcry_mpi_scan (struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, const unsigned char *buffer = (const unsigned char*)buffer_arg; struct gcry_mpi *a = NULL; unsigned int len; - int secure = (buffer && gcry_is_secure (buffer)); + int secure = (buffer && _gcry_is_secure (buffer)); if (format == GCRYMPI_FMT_SSH) len = 0; @@ -630,7 +630,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, if (buffer && n > len) { /* The provided buffer is too short. */ - gcry_free (tmp); + xfree (tmp); return GPG_ERR_TOO_SHORT; } if (buffer) @@ -643,7 +643,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, *s++ = 0xff; memcpy (s, tmp, n-!!extra); } - gcry_free(tmp); + xfree (tmp); *nwritten = n; return 0; } @@ -665,7 +665,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, if (!tmp) return gpg_err_code_from_syserror (); memcpy (buffer, tmp, n); - gcry_free (tmp); + xfree (tmp); } *nwritten = n; return 0; @@ -693,7 +693,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, if (!tmp) return gpg_err_code_from_syserror (); memcpy (s+2, tmp, n); - gcry_free (tmp); + xfree (tmp); } *nwritten = n+2; return 0; @@ -726,7 +726,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, if (buffer && n+4 > len) { - gcry_free(tmp); + xfree(tmp); return GPG_ERR_TOO_SHORT; } @@ -744,7 +744,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, *s++ = 0xff; memcpy (s, tmp, n-!!extra); } - gcry_free (tmp); + xfree (tmp); *nwritten = 4+n; return 0; } @@ -763,7 +763,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, if (buffer && 2*n + extra + negative + 1 > len) { - gcry_free(tmp); + xfree(tmp); return GPG_ERR_TOO_SHORT; } if (buffer) @@ -793,7 +793,7 @@ _gcry_mpi_print (enum gcry_mpi_format format, { *nwritten = 2*n + extra + negative + 1; } - gcry_free (tmp); + xfree (tmp); return 0; } else @@ -819,7 +819,7 @@ _gcry_mpi_aprint (enum gcry_mpi_format format, if (rc) return rc; - *buffer = mpi_is_secure(a) ? gcry_malloc_secure (n?n:1) : gcry_malloc (n?n:1); + *buffer = mpi_is_secure(a) ? xtrymalloc_secure (n?n:1) : xtrymalloc (n?n:1); if (!*buffer) return gpg_err_code_from_syserror (); /* If the returned buffer will have a length of 0, we nevertheless @@ -829,7 +829,7 @@ _gcry_mpi_aprint (enum gcry_mpi_format format, rc = _gcry_mpi_print( format, *buffer, n, &n, a ); if (rc) { - gcry_free(*buffer); + xfree (*buffer); *buffer = NULL; } else if (nwritten) @@ -871,7 +871,7 @@ _gcry_mpi_to_octet_string (unsigned char **r_frame, void *space, frame = space; else { - frame = mpi_is_secure (value)? gcry_malloc_secure (n) : gcry_malloc (n); + frame = mpi_is_secure (value)? xtrymalloc_secure (n) : xtrymalloc (n); if (!frame) { rc = gpg_err_code_from_syserror (); @@ -884,7 +884,7 @@ _gcry_mpi_to_octet_string (unsigned char **r_frame, void *space, rc = _gcry_mpi_print (GCRYMPI_FMT_USG, frame+noff, nframe-noff, NULL, value); if (rc) { - gcry_free (frame); + xfree (frame); return rc; } diff --git a/mpi/mpih-mul.c b/mpi/mpih-mul.c index b8e05617..8b6f06a3 100644 --- a/mpi/mpih-mul.c +++ b/mpi/mpih-mul.c @@ -353,7 +353,7 @@ _gcry_mpih_mul_n( mpi_ptr_t prodp, _gcry_mpih_sqr_n_basecase( prodp, up, size ); else { mpi_ptr_t tspace; - secure = gcry_is_secure( up ); + secure = _gcry_is_secure( up ); tspace = mpi_alloc_limb_space( 2 * size, secure ); _gcry_mpih_sqr_n( prodp, up, size, tspace ); _gcry_mpi_free_limb_space (tspace, 2 * size ); @@ -364,7 +364,7 @@ _gcry_mpih_mul_n( mpi_ptr_t prodp, mul_n_basecase( prodp, up, vp, size ); else { mpi_ptr_t tspace; - secure = gcry_is_secure( up ) || gcry_is_secure( vp ); + secure = _gcry_is_secure( up ) || _gcry_is_secure( vp ); tspace = mpi_alloc_limb_space( 2 * size, secure ); mul_n (prodp, up, vp, size, tspace); _gcry_mpi_free_limb_space (tspace, 2 * size ); @@ -386,9 +386,9 @@ _gcry_mpih_mul_karatsuba_case( mpi_ptr_t prodp, if( ctx->tspace ) _gcry_mpi_free_limb_space( ctx->tspace, ctx->tspace_nlimbs ); ctx->tspace_nlimbs = 2 * vsize; - ctx->tspace = mpi_alloc_limb_space( 2 * vsize, - (gcry_is_secure( up ) - || gcry_is_secure( vp )) ); + ctx->tspace = mpi_alloc_limb_space (2 * vsize, + (_gcry_is_secure (up) + || _gcry_is_secure (vp))); ctx->tspace_size = vsize; } @@ -402,8 +402,9 @@ _gcry_mpih_mul_karatsuba_case( mpi_ptr_t prodp, if( ctx->tp ) _gcry_mpi_free_limb_space( ctx->tp, ctx->tp_nlimbs ); ctx->tp_nlimbs = 2 * vsize; - ctx->tp = mpi_alloc_limb_space( 2 * vsize, gcry_is_secure( up ) - || gcry_is_secure( vp ) ); + ctx->tp = mpi_alloc_limb_space (2 * vsize, + (_gcry_is_secure (up) + || _gcry_is_secure (vp))); ctx->tp_size = vsize; } @@ -423,7 +424,7 @@ _gcry_mpih_mul_karatsuba_case( mpi_ptr_t prodp, } else { if( !ctx->next ) { - ctx->next = gcry_xcalloc( 1, sizeof *ctx ); + ctx->next = xcalloc( 1, sizeof *ctx ); } _gcry_mpih_mul_karatsuba_case( ctx->tspace, vp, vsize, @@ -452,7 +453,7 @@ _gcry_mpih_release_karatsuba_ctx( struct karatsuba_ctx *ctx ) _gcry_mpi_free_limb_space( ctx->tp, ctx->tp_nlimbs ); if( ctx->tspace ) _gcry_mpi_free_limb_space( ctx->tspace, ctx->tspace_nlimbs ); - gcry_free( ctx ); + xfree( ctx ); } } diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index 28a24f37..1f1754a2 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -81,7 +81,7 @@ _gcry_mpi_alloc( unsigned nlimbs ) { gcry_mpi_t a; - a = gcry_xmalloc( sizeof *a ); + a = xmalloc( sizeof *a ); a->d = nlimbs? mpi_alloc_limb_space( nlimbs, 0 ) : NULL; a->alloced = nlimbs; a->nlimbs = 0; @@ -102,7 +102,7 @@ _gcry_mpi_alloc_secure( unsigned nlimbs ) { gcry_mpi_t a; - a = gcry_xmalloc( sizeof *a ); + a = xmalloc( sizeof *a ); a->d = nlimbs? mpi_alloc_limb_space( nlimbs, 1 ) : NULL; a->alloced = nlimbs; a->flags = 1; @@ -120,7 +120,7 @@ _gcry_mpi_alloc_limb_space( unsigned int nlimbs, int secure ) size_t len; len = (nlimbs ? nlimbs : 1) * sizeof (mpi_limb_t); - p = secure ? gcry_xmalloc_secure (len) : gcry_xmalloc (len); + p = secure ? xmalloc_secure (len) : xmalloc (len); if (! nlimbs) *p = 0; @@ -140,7 +140,7 @@ _gcry_mpi_free_limb_space( mpi_ptr_t a, unsigned int nlimbs) implemented in user provided allocation functions. */ if (len) wipememory (a, len); - gcry_free(a); + xfree(a); } } @@ -176,7 +176,7 @@ _gcry_mpi_resize (gcry_mpi_t a, unsigned nlimbs) /* Actually resize the limb space. */ if (a->d) { - a->d = gcry_xrealloc (a->d, nlimbs * sizeof (mpi_limb_t)); + a->d = xrealloc (a->d, nlimbs * sizeof (mpi_limb_t)); for (i=a->alloced; i < nlimbs; i++) a->d[i] = 0; } @@ -184,10 +184,10 @@ _gcry_mpi_resize (gcry_mpi_t a, unsigned nlimbs) { if (a->flags & 1) /* Secure memory is wanted. */ - a->d = gcry_xcalloc_secure (nlimbs , sizeof (mpi_limb_t)); + a->d = xcalloc_secure (nlimbs , sizeof (mpi_limb_t)); else /* Standard memory. */ - a->d = gcry_xcalloc (nlimbs , sizeof (mpi_limb_t)); + a->d = xcalloc (nlimbs , sizeof (mpi_limb_t)); } a->alloced = nlimbs; } @@ -213,7 +213,7 @@ _gcry_mpi_free( gcry_mpi_t a ) if ((a->flags & 32)) return; /* Never release a constant. */ if ((a->flags & 4)) - gcry_free( a->d ); + xfree( a->d ); else { _gcry_mpi_free_limb_space(a->d, a->alloced); @@ -226,7 +226,7 @@ _gcry_mpi_free( gcry_mpi_t a ) |GCRYMPI_FLAG_USER3 |GCRYMPI_FLAG_USER4))) log_bug("invalid flag value in mpi_free\n"); - gcry_free(a); + xfree (a); } @@ -271,7 +271,7 @@ _gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits) } if( a->flags & 4 ) - gcry_free( a->d ); + xfree (a->d); else _gcry_mpi_free_limb_space (a->d, a->alloced); @@ -281,7 +281,7 @@ _gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits) a->sign = nbits; a->flags = 4 | (a->flags & (GCRYMPI_FLAG_USER1|GCRYMPI_FLAG_USER2 |GCRYMPI_FLAG_USER3|GCRYMPI_FLAG_USER4)); - if (gcry_is_secure (a->d)) + if (_gcry_is_secure (a->d)) a->flags |= 1; return a; } @@ -294,7 +294,7 @@ _gcry_mpi_set_opaque_copy (gcry_mpi_t a, const void *p, unsigned int nbits) unsigned int n; n = (nbits+7)/8; - d = gcry_is_secure (p)? gcry_malloc_secure (n) : gcry_malloc (n); + d = _gcry_is_secure (p)? xtrymalloc_secure (n) : xtrymalloc (n); if (!d) return NULL; memcpy (d, p, n); @@ -324,7 +324,7 @@ _gcry_mpi_get_opaque_copy (gcry_mpi_t a, unsigned int *nbits) if (!s && nbits) return NULL; n = (*nbits+7)/8; - d = gcry_is_secure (s)? gcry_malloc_secure (n) : gcry_malloc (n); + d = _gcry_is_secure (s)? xtrymalloc_secure (n) : xtrymalloc (n); if (d) memcpy (d, s, n); return d; @@ -341,8 +341,8 @@ _gcry_mpi_copy (gcry_mpi_t a) gcry_mpi_t b; if( a && (a->flags & 4) ) { - void *p = gcry_is_secure(a->d)? gcry_xmalloc_secure( (a->sign+7)/8 ) - : gcry_xmalloc( (a->sign+7)/8 ); + void *p = _gcry_is_secure(a->d)? xmalloc_secure ((a->sign+7)/8) + : xmalloc ((a->sign+7)/8); memcpy( p, a->d, (a->sign+7)/8 ); b = mpi_set_opaque( NULL, p, a->sign ); b->flags &= ~(16|32); /* Reset the immutable and constant flags. */ @@ -416,8 +416,8 @@ _gcry_mpi_alloc_like( gcry_mpi_t a ) if( a && (a->flags & 4) ) { int n = (a->sign+7)/8; - void *p = gcry_is_secure(a->d)? gcry_malloc_secure( n ) - : gcry_malloc( n ); + void *p = _gcry_is_secure(a->d)? xtrymalloc_secure (n) + : xtrymalloc (n); memcpy( p, a->d, n ); b = mpi_set_opaque( NULL, p, a->sign ); } @@ -577,8 +577,8 @@ _gcry_mpi_randomize (gcry_mpi_t w, } if (level == GCRY_WEAK_RANDOM) { - p = mpi_is_secure(w) ? gcry_xmalloc_secure (nbytes) - : gcry_xmalloc (nbytes); + p = mpi_is_secure(w) ? xmalloc_secure (nbytes) + : xmalloc (nbytes); _gcry_create_nonce (p, nbytes); } else @@ -587,7 +587,7 @@ _gcry_mpi_randomize (gcry_mpi_t w, : _gcry_random_bytes (nbytes, level); } _gcry_mpi_set_buffer( w, p, nbytes, 0 ); - gcry_free (p); + xfree (p); } diff --git a/random/random-csprng.c b/random/random-csprng.c index b6d7f667..87235d82 100644 --- a/random/random-csprng.c +++ b/random/random-csprng.c @@ -322,11 +322,11 @@ initialize(void) use this extra space (which is allocated in secure memory) as a temporary hash buffer */ rndpool = (secure_alloc - ? gcry_xcalloc_secure (1, POOLSIZE + BLOCKLEN) - : gcry_xcalloc (1, POOLSIZE + BLOCKLEN)); + ? xcalloc_secure (1, POOLSIZE + BLOCKLEN) + : xcalloc (1, POOLSIZE + BLOCKLEN)); keypool = (secure_alloc - ? gcry_xcalloc_secure (1, POOLSIZE + BLOCKLEN) - : gcry_xcalloc (1, POOLSIZE + BLOCKLEN)); + ? xcalloc_secure (1, POOLSIZE + BLOCKLEN) + : xcalloc (1, POOLSIZE + BLOCKLEN)); /* Setup the slow entropy gathering function. The code requires that this function exists. */ @@ -676,7 +676,7 @@ _gcry_rngcsprng_set_seed_file (const char *name) { if (seed_file_name) BUG (); - seed_file_name = gcry_xstrdup (name); + seed_file_name = xstrdup (name); } @@ -1312,7 +1312,7 @@ gather_faked (void (*add)(const void*, size_t, enum random_origins), #endif } - p = buffer = gcry_xmalloc( length ); + p = buffer = xmalloc( length ); n = length; #ifdef HAVE_RAND while ( n-- ) @@ -1322,6 +1322,6 @@ gather_faked (void (*add)(const void*, size_t, enum random_origins), *p++ = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1); #endif add_randomness ( buffer, length, origin ); - gcry_free (buffer); + xfree (buffer); return 0; /* okay */ } diff --git a/random/random-fips.c b/random/random-fips.c index 6ee52f10..d00825e2 100644 --- a/random/random-fips.c +++ b/random/random-fips.c @@ -555,7 +555,7 @@ get_entropy (size_t nbytes) int rc; gcry_assert (!entropy_collect_buffer); - entropy_collect_buffer = gcry_xmalloc_secure (nbytes); + entropy_collect_buffer = xmalloc_secure (nbytes); entropy_collect_buffer_size = nbytes; entropy_collect_buffer_len = 0; @@ -577,7 +577,7 @@ get_entropy (size_t nbytes) if (rc < 0 || entropy_collect_buffer_len != entropy_collect_buffer_size) { - gcry_free (entropy_collect_buffer); + xfree (entropy_collect_buffer); entropy_collect_buffer = NULL; log_fatal ("error getting entropy data\n"); } @@ -613,7 +613,7 @@ x931_generate_key (int for_nonce) /* Get a key from the standard RNG or from the entropy source. */ if (for_nonce) { - buffer = gcry_xmalloc (X931_AES_KEYLEN); + buffer = xmalloc (X931_AES_KEYLEN); get_random (buffer, X931_AES_KEYLEN, std_rng_context); } else @@ -625,7 +625,7 @@ x931_generate_key (int for_nonce) the cipher context. */ rc = _gcry_cipher_setkey (hd, buffer, X931_AES_KEYLEN); wipememory (buffer, X931_AES_KEYLEN); - gcry_free (buffer); + xfree (buffer); if (rc) { log_error ("error creating key for RNG: %s\n", _gcry_strerror (rc)); @@ -651,7 +651,7 @@ x931_generate_seed (unsigned char *seed_buffer, size_t length) memcpy (seed_buffer, buffer, X931_AES_KEYLEN); wipememory (buffer, X931_AES_KEYLEN); - gcry_free (buffer); + xfree (buffer); } @@ -753,17 +753,17 @@ _gcry_rngfips_initialize (int full) if (!tempvalue_for_x931_aes_driver) { tempvalue_for_x931_aes_driver - = gcry_xmalloc_secure (TEMPVALUE_FOR_X931_AES_DRIVER_SIZE); + = xmalloc_secure (TEMPVALUE_FOR_X931_AES_DRIVER_SIZE); /* Allocate the random contexts. Note that we do not need to use secure memory for the nonce context. */ - nonce_context = gcry_xcalloc (1, sizeof *nonce_context); + nonce_context = xcalloc (1, sizeof *nonce_context); setup_guards (nonce_context); - std_rng_context = gcry_xcalloc_secure (1, sizeof *std_rng_context); + std_rng_context = xcalloc_secure (1, sizeof *std_rng_context); setup_guards (std_rng_context); - strong_rng_context = gcry_xcalloc_secure (1, sizeof *strong_rng_context); + strong_rng_context = xcalloc_secure (1, sizeof *strong_rng_context); setup_guards (strong_rng_context); } else @@ -916,7 +916,7 @@ selftest_kat (selftest_report_func_t report) gcry_assert (tempvalue_for_x931_aes_driver); - test_ctx = gcry_xcalloc (1, sizeof *test_ctx); + test_ctx = xcalloc (1, sizeof *test_ctx); setup_guards (test_ctx); lock_rng (); @@ -992,7 +992,7 @@ selftest_kat (selftest_report_func_t report) unlock_rng (); _gcry_cipher_close (test_ctx->cipher_hd); check_guards (test_ctx); - gcry_free (test_ctx); + xfree (test_ctx); if (report && errtxt) report ("random", 0, "KAT", errtxt); return errtxt? GPG_ERR_SELFTEST_FAILED : 0; @@ -1046,7 +1046,7 @@ _gcry_rngfips_init_external_test (void **r_context, unsigned int flags, || !dt || dtlen != 16 ) return GPG_ERR_INV_ARG; - test_ctx = gcry_calloc (1, sizeof *test_ctx + dtlen); + test_ctx = xtrycalloc (1, sizeof *test_ctx + dtlen); if (!test_ctx) return gpg_err_code_from_syserror (); setup_guards (test_ctx); @@ -1090,7 +1090,7 @@ _gcry_rngfips_init_external_test (void **r_context, unsigned int flags, if (rc) { _gcry_cipher_close (test_ctx->cipher_hd); - gcry_free (test_ctx); + xfree (test_ctx); *r_context = NULL; } else @@ -1124,6 +1124,6 @@ _gcry_rngfips_deinit_external_test (void *context) if (test_ctx) { _gcry_cipher_close (test_ctx->cipher_hd); - gcry_free (test_ctx); + xfree (test_ctx); } } diff --git a/random/random.c b/random/random.c index 97018c42..ff9d6d25 100644 --- a/random/random.c +++ b/random/random.c @@ -320,7 +320,7 @@ _gcry_random_bytes (size_t nbytes, enum gcry_random_level level) { void *buffer; - buffer = gcry_xmalloc (nbytes); + buffer = xmalloc (nbytes); do_randomize (buffer, nbytes, level); return buffer; } @@ -337,7 +337,7 @@ _gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level) /* Historical note (1.3.0--1.4.1): The buffer was only allocated in secure memory if the pool in random-csprng.c was also set to use secure memory. */ - buffer = gcry_xmalloc_secure (nbytes); + buffer = xmalloc_secure (nbytes); do_randomize (buffer, nbytes, level); return buffer; } diff --git a/random/rndegd.c b/random/rndegd.c index 464edf3d..d43fcbc1 100644 --- a/random/rndegd.c +++ b/random/rndegd.c @@ -129,10 +129,10 @@ _gcry_rndegd_set_socket_name (const char *name) newname = my_make_filename (name, NULL); if (strlen (newname)+1 >= sizeof addr.sun_path) { - gcry_free (newname); + xfree (newname); return gpg_error_from_syserror (); } - gcry_free (user_socket_name); + xfree (user_socket_name); user_socket_name = newname; return 0; } @@ -195,7 +195,7 @@ _gcry_rndegd_connect_socket (int nofail) close (fd); fd = -1; } - gcry_free(name); + xfree (name); if (fd != -1) egd_socket = fd; return fd; diff --git a/random/rndw32.c b/random/rndw32.c index 5c5d6c68..03dffaf8 100644 --- a/random/rndw32.c +++ b/random/rndw32.c @@ -469,7 +469,7 @@ registry_poll (void (*add)(const void*, size_t, enum random_origins), break; } } - gcry_free (pPerfData); + xfree (pPerfData); } /* Although this isn't documented in the Win32 API docs, it's necessary @@ -759,7 +759,7 @@ slow_gatherer ( void (*add)(const void*, size_t, enum random_origins), } gcry_assert (i < 100); } - gcry_free (buffer); + xfree (buffer); /* We couldn't get enough results from the kernel, fall back to the somewhat troublesome registry poll. */ diff --git a/src/context.c b/src/context.c index 8cd1a879..94e5be9e 100644 --- a/src/context.c +++ b/src/context.c @@ -67,7 +67,7 @@ _gcry_ctx_alloc (int type, size_t length, void (*deinit)(void*)) if (length < sizeof (PROPERLY_ALIGNED_TYPE)) length = sizeof (PROPERLY_ALIGNED_TYPE); - ctx = gcry_calloc (1, sizeof *ctx - sizeof (PROPERLY_ALIGNED_TYPE) + length); + ctx = xtrycalloc (1, sizeof *ctx - sizeof (PROPERLY_ALIGNED_TYPE) + length); if (!ctx) return NULL; memcpy (ctx->magic, CTX_MAGIC, CTX_MAGIC_LEN); @@ -133,5 +133,5 @@ _gcry_ctx_release (gcry_ctx_t ctx) } if (ctx->deinit) ctx->deinit (&ctx->u); - gcry_free (ctx); + xfree (ctx); } @@ -660,7 +660,7 @@ check_binary_integrity (void) "integrity check using `%s' failed: %s", fname? fname:"[?]", gpg_strerror (err)); #endif /*HAVE_SYSLOG*/ - gcry_free (fname); + xfree (fname); return !!err; #else return 0; diff --git a/src/g10lib.h b/src/g10lib.h index a326ad5f..4e083b8d 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -96,6 +96,36 @@ gcry_error_t _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr); void _gcry_check_heap (const void *a); int _gcry_get_debug_flag (unsigned int mask); +/* Malloc functions and common wrapper macros. */ +void *_gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_realloc (void *a, size_t n); +char *_gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_xrealloc (void *a, size_t n); +char *_gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC; +void _gcry_free (void *a); +int _gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; + +#define xtrymalloc(a) _gcry_malloc ((a)) +#define xtrycalloc(a,b) _gcry_calloc ((a),(b)) +#define xtrymalloc_secure(a) _gcry_malloc_secure ((a)) +#define xtrycalloc_secure(a,b) _gcry_calloc_secure ((a),(b)) +#define xtryrealloc(a,b) _gcry_realloc ((a),(b)) +#define xtrystrdup(a) _gcry_strdup ((a)) +#define xmalloc(a) _gcry_xmalloc ((a)) +#define xcalloc(a,b) _gcry_xcalloc ((a),(b)) +#define xmalloc_secure(a) _gcry_xmalloc_secure ((a)) +#define xcalloc_secure(a,b) _gcry_xcalloc_secure ((a),(b)) +#define xrealloc(a,b) _gcry_xrealloc ((a),(b)) +#define xstrdup(a) _gcry_xstrdup ((a)) +#define xfree(a) _gcry_free ((a)) + /*-- src/misc.c --*/ diff --git a/src/gcrypt-int.h b/src/gcrypt-int.h index e22baf69..65dcb4d0 100644 --- a/src/gcrypt-int.h +++ b/src/gcrypt-int.h @@ -51,7 +51,12 @@ typedef struct mpi_ec_ctx_s *mpi_ec_t; /* Underscore prefixed internal versions of the public functions. They return gpg_err_code and not gpg_error_t. Some macros also - need an underscore prefixed internal version. */ + need an underscore prefixed internal version. + + Note that the memory allocation functions and macros (xmalloc etc.) + are not defined here but in g10lib.h because this file here is + included by some test programs which define theie own xmalloc + macros. */ gpg_err_code_t _gcry_cipher_open (gcry_cipher_hd_t *handle, int algo, int mode, unsigned int flags); diff --git a/src/global.c b/src/global.c index 8a5d3100..cb66d371 100644 --- a/src/global.c +++ b/src/global.c @@ -827,7 +827,7 @@ do_malloc (size_t n, unsigned int flags, void **mem) } void * -gcry_malloc (size_t n) +_gcry_malloc (size_t n) { void *mem = NULL; @@ -837,7 +837,7 @@ gcry_malloc (size_t n) } void * -gcry_malloc_secure (size_t n) +_gcry_malloc_secure (size_t n) { void *mem = NULL; @@ -847,7 +847,7 @@ gcry_malloc_secure (size_t n) } int -gcry_is_secure (const void *a) +_gcry_is_secure (const void *a) { if (get_no_secure_memory ()) return 0; @@ -871,17 +871,17 @@ _gcry_check_heap( const void *a ) } void * -gcry_realloc (void *a, size_t n) +_gcry_realloc (void *a, size_t n) { void *p; /* To avoid problems with non-standard realloc implementations and our own secmem_realloc, we divert to malloc and free here. */ if (!a) - return gcry_malloc (n); + return _gcry_malloc (n); if (!n) { - gcry_free (a); + xfree (a); return NULL; } @@ -895,7 +895,7 @@ gcry_realloc (void *a, size_t n) } void -gcry_free (void *p) +_gcry_free (void *p) { int save_errno; @@ -916,7 +916,7 @@ gcry_free (void *p) } void * -gcry_calloc (size_t n, size_t m) +_gcry_calloc (size_t n, size_t m) { size_t bytes; void *p; @@ -929,14 +929,14 @@ gcry_calloc (size_t n, size_t m) return NULL; } - p = gcry_malloc (bytes); + p = _gcry_malloc (bytes); if (p) memset (p, 0, bytes); return p; } void * -gcry_calloc_secure (size_t n, size_t m) +_gcry_calloc_secure (size_t n, size_t m) { size_t bytes; void *p; @@ -949,7 +949,7 @@ gcry_calloc_secure (size_t n, size_t m) return NULL; } - p = gcry_malloc_secure (bytes); + p = _gcry_malloc_secure (bytes); if (p) memset (p, 0, bytes); return p; @@ -961,17 +961,17 @@ gcry_calloc_secure (size_t n, size_t m) secure memory as well. In an out-of-memory condition, NULL is returned. */ char * -gcry_strdup (const char *string) +_gcry_strdup (const char *string) { char *string_cp = NULL; size_t string_n = 0; string_n = strlen (string); - if (gcry_is_secure (string)) - string_cp = gcry_malloc_secure (string_n + 1); + if (_gcry_is_secure (string)) + string_cp = _gcry_malloc_secure (string_n + 1); else - string_cp = gcry_malloc (string_n + 1); + string_cp = _gcry_malloc (string_n + 1); if (string_cp) strcpy (string_cp, string); @@ -981,11 +981,11 @@ gcry_strdup (const char *string) void * -gcry_xmalloc( size_t n ) +_gcry_xmalloc( size_t n ) { void *p; - while ( !(p = gcry_malloc( n )) ) + while ( !(p = _gcry_malloc( n )) ) { if ( fips_mode () || !outofcore_handler @@ -998,16 +998,16 @@ gcry_xmalloc( size_t n ) } void * -gcry_xrealloc( void *a, size_t n ) +_gcry_xrealloc( void *a, size_t n ) { void *p; - while ( !(p = gcry_realloc( a, n )) ) + while ( !(p = _gcry_realloc( a, n )) ) { if ( fips_mode () || !outofcore_handler || !outofcore_handler (outofcore_handler_value, n, - gcry_is_secure(a)? 3:2 ) ) + _gcry_is_secure(a)? 3:2)) { _gcry_fatal_error (gpg_err_code_from_errno (errno), NULL ); } @@ -1016,11 +1016,11 @@ gcry_xrealloc( void *a, size_t n ) } void * -gcry_xmalloc_secure( size_t n ) +_gcry_xmalloc_secure( size_t n ) { void *p; - while ( !(p = gcry_malloc_secure( n )) ) + while ( !(p = _gcry_malloc_secure( n )) ) { if ( fips_mode () || !outofcore_handler @@ -1035,7 +1035,7 @@ gcry_xmalloc_secure( size_t n ) void * -gcry_xcalloc( size_t n, size_t m ) +_gcry_xcalloc( size_t n, size_t m ) { size_t nbytes; void *p; @@ -1047,13 +1047,13 @@ gcry_xcalloc( size_t n, size_t m ) _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL ); } - p = gcry_xmalloc ( nbytes ); + p = _gcry_xmalloc ( nbytes ); memset ( p, 0, nbytes ); return p; } void * -gcry_xcalloc_secure( size_t n, size_t m ) +_gcry_xcalloc_secure( size_t n, size_t m ) { size_t nbytes; void *p; @@ -1065,20 +1065,20 @@ gcry_xcalloc_secure( size_t n, size_t m ) _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL ); } - p = gcry_xmalloc_secure ( nbytes ); + p = _gcry_xmalloc_secure ( nbytes ); memset ( p, 0, nbytes ); return p; } char * -gcry_xstrdup (const char *string) +_gcry_xstrdup (const char *string) { char *p; - while ( !(p = gcry_strdup (string)) ) + while ( !(p = _gcry_strdup (string)) ) { size_t n = strlen (string); - int is_sec = !!gcry_is_secure (string); + int is_sec = !!_gcry_is_secure (string); if (fips_mode () || !outofcore_handler @@ -355,7 +355,7 @@ _gcry_log_printmpi (const char *text, gcry_mpi_t mpi) do_printhex (text, sign? "-":"+", "", 1); else do_printhex (text, sign? "-":"+", rawmpi, rawmpilen); - gcry_free (rawmpi); + xfree (rawmpi); } } } @@ -400,7 +400,7 @@ _gcry_log_printsxp (const char *text, gcry_sexp_t sexp) size_t size; size = sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0); - p = buf = gcry_xmalloc (size); + p = buf = xmalloc (size); sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, buf, size); do @@ -429,7 +429,7 @@ _gcry_log_printsxp (const char *text, gcry_sexp_t sexp) log_printf ("\n"); } while (*p); - gcry_free (buf); + xfree (buf); } else if (text) log_printf ("\n"); @@ -269,7 +269,7 @@ _gcry_sexp_release( gcry_sexp_t sexp ) { if (sexp) { - if (gcry_is_secure (sexp)) + if (_gcry_is_secure (sexp)) { /* Extra paranoid wiping. */ const byte *p = sexp->d; @@ -298,7 +298,7 @@ _gcry_sexp_release( gcry_sexp_t sexp ) } wipememory (sexp->d, p - sexp->d); } - gcry_free ( sexp ); + xfree ( sexp ); } } @@ -434,7 +434,7 @@ _gcry_sexp_find_token( const gcry_sexp_t list, const char *tok, size_t toklen ) } n = p - head; - newlist = gcry_malloc ( sizeof *newlist + n ); + newlist = xtrymalloc ( sizeof *newlist + n ); if (!newlist) { /* No way to return an error code, so we can only @@ -589,7 +589,7 @@ _gcry_sexp_nth (const gcry_sexp_t list, int number) { memcpy (&n, p, sizeof n); p += sizeof n; - newlist = gcry_malloc (sizeof *newlist + n + 1); + newlist = xtrymalloc (sizeof *newlist + n + 1); if (!newlist) return NULL; d = newlist->d; @@ -625,7 +625,7 @@ _gcry_sexp_nth (const gcry_sexp_t list, int number) } while (level); n = p + 1 - head; - newlist = gcry_malloc (sizeof *newlist + n); + newlist = xtrymalloc (sizeof *newlist + n); if (!newlist) return NULL; d = newlist->d; @@ -729,7 +729,7 @@ _gcry_sexp_nth_buffer (const gcry_sexp_t list, int number, size_t *rlength) s = do_sexp_nth_data (list, number, &n); if (!s || !n) return NULL; - buf = gcry_malloc (n); + buf = xtrymalloc (n); if (!buf) return NULL; memcpy (buf, s, n); @@ -750,7 +750,7 @@ _gcry_sexp_nth_string (const gcry_sexp_t list, int number) s = do_sexp_nth_data (list, number, &n); if (!s || n < 1 || (n+1) < 1) return NULL; - buf = gcry_malloc (n+1); + buf = xtrymalloc (n+1); if (!buf) return NULL; memcpy (buf, s, n); @@ -776,11 +776,11 @@ _gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt) if (!p) return NULL; - a = gcry_is_secure (list)? _gcry_mpi_snew (0) : _gcry_mpi_new (0); + a = _gcry_is_secure (list)? _gcry_mpi_snew (0) : _gcry_mpi_new (0); if (a) mpi_set_opaque (a, p, n*8); else - gcry_free (p); + xfree (p); } else { @@ -872,7 +872,7 @@ _gcry_sexp_cdr(const gcry_sexp_t list) } while (level); n = p - head; - newlist = gcry_malloc (sizeof *newlist + n + 2); + newlist = xtrymalloc (sizeof *newlist + n + 2); if (!newlist) return NULL; d = newlist->d; @@ -934,7 +934,7 @@ make_space ( struct make_space_ctx *c, size_t n ) newsize = c->allocated + 2*(n+sizeof(DATALEN)+1); if (newsize <= c->allocated) return GPG_ERR_TOO_LARGE; - newsexp = gcry_realloc ( c->sexp, sizeof *newsexp + newsize - 1); + newsexp = xtryrealloc ( c->sexp, sizeof *newsexp + newsize - 1); if (!newsexp) return gpg_err_code_from_errno (errno); c->allocated = newsize; @@ -1109,10 +1109,10 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, the provided one. However, we add space for one extra datalen so that the code which does the ST_CLOSE can use MAKE_SPACE */ c.allocated = length + sizeof(DATALEN); - if (buffer && length && gcry_is_secure (buffer)) - c.sexp = gcry_malloc_secure (sizeof *c.sexp + c.allocated - 1); + if (buffer && length && _gcry_is_secure (buffer)) + c.sexp = xtrymalloc_secure (sizeof *c.sexp + c.allocated - 1); else - c.sexp = gcry_malloc (sizeof *c.sexp + c.allocated - 1); + c.sexp = xtrymalloc (sizeof *c.sexp + c.allocated - 1); if (!c.sexp) { err = gpg_err_code_from_errno (errno); @@ -1342,15 +1342,15 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, if (mp && nm) { MAKE_SPACE (nm); - if (!gcry_is_secure (c.sexp->d) + if (!_gcry_is_secure (c.sexp->d) && mpi_get_flag (m, GCRYMPI_FLAG_SECURE)) { /* We have to switch to secure allocation. */ gcry_sexp_t newsexp; byte *newhead; - newsexp = gcry_malloc_secure (sizeof *newsexp - + c.allocated - 1); + newsexp = xtrymalloc_secure (sizeof *newsexp + + c.allocated - 1); if (!newsexp) { err = gpg_err_code_from_errno (errno); @@ -1359,7 +1359,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, newhead = newsexp->d; memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d)); c.pos = newhead + (c.pos - c.sexp->d); - gcry_free (c.sexp); + xfree (c.sexp); c.sexp = newsexp; } @@ -1375,15 +1375,15 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, BUG (); MAKE_SPACE (nm); - if (!gcry_is_secure (c.sexp->d) + if (!_gcry_is_secure (c.sexp->d) && mpi_get_flag ( m, GCRYMPI_FLAG_SECURE)) { /* We have to switch to secure allocation. */ gcry_sexp_t newsexp; byte *newhead; - newsexp = gcry_malloc_secure (sizeof *newsexp - + c.allocated - 1); + newsexp = xtrymalloc_secure (sizeof *newsexp + + c.allocated - 1); if (!newsexp) { err = gpg_err_code_from_errno (errno); @@ -1392,7 +1392,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, newhead = newsexp->d; memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d)); c.pos = newhead + (c.pos - c.sexp->d); - gcry_free (c.sexp); + xfree (c.sexp); c.sexp = newsexp; } @@ -1429,15 +1429,15 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, MAKE_SPACE (alen); if (alen - && !gcry_is_secure (c.sexp->d) - && gcry_is_secure (astr)) + && !_gcry_is_secure (c.sexp->d) + && _gcry_is_secure (astr)) { /* We have to switch to secure allocation. */ gcry_sexp_t newsexp; byte *newhead; - newsexp = gcry_malloc_secure (sizeof *newsexp - + c.allocated - 1); + newsexp = xtrymalloc_secure (sizeof *newsexp + + c.allocated - 1); if (!newsexp) { err = gpg_err_code_from_errno (errno); @@ -1446,7 +1446,7 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, newhead = newsexp->d; memcpy (newhead, c.sexp->d, (c.pos - c.sexp->d)); c.pos = newhead + (c.pos - c.sexp->d); - gcry_free (c.sexp); + xfree (c.sexp); c.sexp = newsexp; } @@ -1627,9 +1627,9 @@ do_vsexp_sscan (gcry_sexp_t *retsexp, size_t *erroff, if (c.sexp) { /* Extra paranoid wipe on error. */ - if (gcry_is_secure (c.sexp)) + if (_gcry_is_secure (c.sexp)) wipememory (c.sexp, sizeof (struct gcry_sexp) + c.allocated - 1); - gcry_free (c.sexp); + xfree (c.sexp); } /* This might be expected by existing code... */ *retsexp = NULL; @@ -2359,7 +2359,7 @@ _gcry_sexp_vextract_param (gcry_sexp_t sexp, const char *path, { /* We might have allocated a buffer. */ gcry_buffer_t *spec = (gcry_buffer_t*)array[idx]; - gcry_free (spec->data); + xfree (spec->data); spec->data = NULL; spec->size = spec->off = spec->len = 0; } diff --git a/src/visibility.h b/src/visibility.h index c791ffb5..4127a432 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -24,23 +24,6 @@ use the underscore prefixed version internally. */ -#define gcry_free _gcry_free -#define gcry_malloc _gcry_malloc -#define gcry_malloc_secure _gcry_malloc_secure -#define gcry_calloc _gcry_calloc -#define gcry_calloc_secure _gcry_calloc_secure -#define gcry_realloc _gcry_realloc -#define gcry_strdup _gcry_strdup -#define gcry_is_secure _gcry_is_secure -#define gcry_xcalloc _gcry_xcalloc -#define gcry_xcalloc_secure _gcry_xcalloc_secure -#define gcry_xmalloc _gcry_xmalloc -#define gcry_xmalloc_secure _gcry_xmalloc_secure -#define gcry_xrealloc _gcry_xrealloc -#define gcry_xstrdup _gcry_xstrdup - - - /* Include the main header here so that public symbols are mapped to the internal underscored ones. */ #ifdef _GCRY_INCLUDED_BY_VISIBILITY_C @@ -67,38 +50,15 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, #ifdef _GCRY_INCLUDED_BY_VISIBILITY_C -/* A macro to flag a function as visible. Note that we take the - definition from the mapped name. */ +/* A macro to flag a function as visible. */ #ifdef GCRY_USE_VISIBILITY -# define MARK_VISIBLE(name) \ - extern __typeof__ (_##name) name __attribute__ ((visibility("default"))); # define MARK_VISIBLEX(name) \ extern __typeof__ (name) name __attribute__ ((visibility("default"))); #else -# define MARK_VISIBLE(name) /* */ # define MARK_VISIBLEX(name) /* */ #endif -/* First undef all redefined symbols so that we set the attribute on - the correct version name. */ - -#undef gcry_free -#undef gcry_malloc -#undef gcry_malloc_secure -#undef gcry_calloc -#undef gcry_calloc_secure -#undef gcry_realloc -#undef gcry_strdup -#undef gcry_is_secure -#undef gcry_xcalloc -#undef gcry_xcalloc_secure -#undef gcry_xmalloc -#undef gcry_xmalloc_secure -#undef gcry_xrealloc -#undef gcry_xstrdup - - /* Now mark all symbols. */ MARK_VISIBLEX (gcry_check_version) @@ -118,20 +78,20 @@ MARK_VISIBLEX (gcry_error_from_errno) MARK_VISIBLEX (gcry_strerror) MARK_VISIBLEX (gcry_strsource) -MARK_VISIBLE (gcry_free) -MARK_VISIBLE (gcry_malloc) -MARK_VISIBLE (gcry_malloc_secure) -MARK_VISIBLE (gcry_calloc) -MARK_VISIBLE (gcry_calloc_secure) -MARK_VISIBLE (gcry_realloc) -MARK_VISIBLE (gcry_strdup) -MARK_VISIBLE (gcry_is_secure) -MARK_VISIBLE (gcry_xcalloc) -MARK_VISIBLE (gcry_xcalloc_secure) -MARK_VISIBLE (gcry_xmalloc) -MARK_VISIBLE (gcry_xmalloc_secure) -MARK_VISIBLE (gcry_xrealloc) -MARK_VISIBLE (gcry_xstrdup) +MARK_VISIBLEX (gcry_malloc) +MARK_VISIBLEX (gcry_malloc_secure) +MARK_VISIBLEX (gcry_calloc) +MARK_VISIBLEX (gcry_calloc_secure) +MARK_VISIBLEX (gcry_realloc) +MARK_VISIBLEX (gcry_strdup) +MARK_VISIBLEX (gcry_is_secure) +MARK_VISIBLEX (gcry_xcalloc) +MARK_VISIBLEX (gcry_xcalloc_secure) +MARK_VISIBLEX (gcry_xmalloc) +MARK_VISIBLEX (gcry_xmalloc_secure) +MARK_VISIBLEX (gcry_xrealloc) +MARK_VISIBLEX (gcry_xstrdup) +MARK_VISIBLEX (gcry_free) MARK_VISIBLEX (gcry_md_algo_info) MARK_VISIBLEX (gcry_md_algo_name) @@ -319,8 +279,7 @@ MARK_VISIBLEX (gcry_log_debugsxp) MARK_VISIBLEX (_gcry_mpi_get_const) - -#undef MARK_VISIBLE +#undef MARK_VISIBLEX #else /*!_GCRY_INCLUDED_BY_VISIBILITY_C*/ @@ -329,8 +288,6 @@ MARK_VISIBLEX (_gcry_mpi_get_const) between a public and an internal version is that the internal version use gpg_err_code_t and the public version gpg_error_t. */ -#define gcry_mpi_set_opaque_copy _gcry_USE_THE_UNDERSCORED_FUNCTION - #define gcry_check_version _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_control _gcry_USE_THE_UNDERSCORED_FUNCTION @@ -348,6 +305,21 @@ MARK_VISIBLEX (_gcry_mpi_get_const) #define gcry_strerror _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_strsource _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_malloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_malloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_calloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_calloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_realloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_strdup _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xcalloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xcalloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xmalloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xmalloc_secure _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xrealloc _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_xstrdup _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_free _gcry_USE_THE_UNDERSCORED_FUNCTION +#define gcry_is_secure _gcry_USE_THE_UNDERSCORED_FUNCTION + #define gcry_cipher_open _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_cipher_close _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_cipher_setkey _gcry_USE_THE_UNDERSCORED_FUNCTION @@ -510,7 +482,6 @@ MARK_VISIBLEX (_gcry_mpi_get_const) #define gcry_mpi_swap _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_test_bit _gcry_USE_THE_UNDERSCORED_FUNCTION - #define gcry_mpi_abs _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_ec_add _gcry_USE_THE_UNDERSCORED_FUNCTION #define gcry_mpi_ec_curve_point _gcry_USE_THE_UNDERSCORED_FUNCTION |