Work around language and compiler bug in memcpy, etc.
Most C standard library functions are undefined if passed NULL, even
when the corresponding length is zero. This gives them (and, in turn,
all functions which call them) surprising behavior on empty arrays.
Some compilers will miscompile code due to this rule. See also
https://www.imperialviolet.org/2016/06/26/nonnull.html
Add OPENSSL_memcpy, etc., wrappers which avoid this problem.
BUG=23
Change-Id: I95f42b23e92945af0e681264fffaf578e7f8465e
Reviewed-on: https://boringssl-review.googlesource.com/12928
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/aes/aes_test.cc b/crypto/aes/aes_test.cc
index 4fb3a31..20a8792 100644
--- a/crypto/aes/aes_test.cc
+++ b/crypto/aes/aes_test.cc
@@ -21,6 +21,7 @@
#include <openssl/aes.h>
#include <openssl/crypto.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -54,7 +55,7 @@
}
// Test in-place encryption.
- memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
+ OPENSSL_memcpy(block, plaintext.data(), AES_BLOCK_SIZE);
AES_encrypt(block, block, &aes_key);
if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, ciphertext.data(),
ciphertext.size())) {
@@ -76,7 +77,7 @@
}
// Test in-place decryption.
- memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
+ OPENSSL_memcpy(block, ciphertext.data(), AES_BLOCK_SIZE);
AES_decrypt(block, block, &aes_key);
if (!t->ExpectBytesEqual(block, AES_BLOCK_SIZE, plaintext.data(),
plaintext.size())) {
@@ -123,7 +124,7 @@
return false;
}
- memset(buf.get(), 0, ciphertext.size());
+ OPENSSL_memset(buf.get(), 0, ciphertext.size());
if (AES_wrap_key(&aes_key, kDefaultIV, buf.get(), plaintext.data(),
plaintext.size()) != static_cast<int>(ciphertext.size()) ||
!t->ExpectBytesEqual(buf.get(), ciphertext.size(), ciphertext.data(),
@@ -146,7 +147,7 @@
return false;
}
- memset(buf.get(), 0, plaintext.size());
+ OPENSSL_memset(buf.get(), 0, plaintext.size());
if (AES_unwrap_key(&aes_key, kDefaultIV, buf.get(), ciphertext.data(),
ciphertext.size()) != static_cast<int>(plaintext.size()) ||
!t->ExpectBytesEqual(buf.get(), plaintext.size(), plaintext.data(),
diff --git a/crypto/aes/key_wrap.c b/crypto/aes/key_wrap.c
index c8b6a03..23553b7 100644
--- a/crypto/aes/key_wrap.c
+++ b/crypto/aes/key_wrap.c
@@ -53,6 +53,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
/* kDefaultIV is the default IV value given in RFC 3394, 2.2.3.1. */
static const uint8_t kDefaultIV[] = {
@@ -73,15 +75,15 @@
iv = kDefaultIV;
}
- memmove(out + 8, in, in_len);
+ OPENSSL_memmove(out + 8, in, in_len);
uint8_t A[AES_BLOCK_SIZE];
- memcpy(A, iv, 8);
+ OPENSSL_memcpy(A, iv, 8);
size_t n = in_len / 8;
for (unsigned j = 0; j < kBound; j++) {
for (size_t i = 1; i <= n; i++) {
- memcpy(A + 8, out + 8 * i, 8);
+ OPENSSL_memcpy(A + 8, out + 8 * i, 8);
AES_encrypt(A, A, key);
uint32_t t = (uint32_t)(n * j + i);
@@ -89,11 +91,11 @@
A[6] ^= (t >> 8) & 0xff;
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
- memcpy(out + 8 * i, A + 8, 8);
+ OPENSSL_memcpy(out + 8 * i, A + 8, 8);
}
}
- memcpy(out, A, 8);
+ OPENSSL_memcpy(out, A, 8);
return (int)in_len + 8;
}
@@ -110,8 +112,8 @@
}
uint8_t A[AES_BLOCK_SIZE];
- memcpy(A, in, 8);
- memmove(out, in + 8, in_len - 8);
+ OPENSSL_memcpy(A, in, 8);
+ OPENSSL_memmove(out, in + 8, in_len - 8);
size_t n = (in_len / 8) - 1;
@@ -122,9 +124,9 @@
A[6] ^= (t >> 8) & 0xff;
A[5] ^= (t >> 16) & 0xff;
A[4] ^= (t >> 24) & 0xff;
- memcpy(A + 8, out + 8 * (i - 1), 8);
+ OPENSSL_memcpy(A + 8, out + 8 * (i - 1), 8);
AES_decrypt(A, A, key);
- memcpy(out + 8 * (i - 1), A + 8, 8);
+ OPENSSL_memcpy(out + 8 * (i - 1), A + 8, 8);
}
}
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 2705ea5..ea9da24 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{
return M_ASN1_BIT_STRING_set(x, d, len);
@@ -115,7 +118,7 @@
*(p++) = (unsigned char)bits;
d = a->data;
- memcpy(p, d, len);
+ OPENSSL_memcpy(p, d, len);
p += len;
if (len > 0)
p[-1] &= (0xff << bits);
@@ -162,7 +165,7 @@
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
s[len - 1] &= (0xff << padding);
p += len;
} else
@@ -215,7 +218,7 @@
return 0;
}
if (w + 1 - a->length > 0)
- memset(c + a->length, 0, w + 1 - a->length);
+ OPENSSL_memset(c + a->length, 0, w + 1 - a->length);
a->data = c;
a->length = w + 1;
}
diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c
index 0b95fc9..cc46905 100644
--- a/crypto/asn1/a_enum.c
+++ b/crypto/asn1/a_enum.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/*
* Code for ENUMERATED type: identical to INTEGER apart from a different tag.
* for comments on encoding see a_int.c
@@ -79,7 +82,7 @@
OPENSSL_free(a->data);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset((char *)a->data, 0, sizeof(long) + 1);
+ OPENSSL_memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL) {
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 38a01bc..617ba96 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -61,6 +61,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{
return M_ASN1_INTEGER_dup(x);
@@ -157,7 +160,7 @@
if (a->length == 0)
*(p++) = 0;
else if (!neg)
- memcpy(p, a->data, (unsigned int)a->length);
+ OPENSSL_memcpy(p, a->data, (unsigned int)a->length);
else {
/* Begin at the end of the encoding */
n = a->data + a->length - 1;
@@ -254,7 +257,7 @@
p++;
len--;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
}
if (ret->data != NULL)
@@ -322,7 +325,7 @@
p++;
len--;
}
- memcpy(s, p, (int)len);
+ OPENSSL_memcpy(s, p, (int)len);
p += len;
}
@@ -354,7 +357,7 @@
OPENSSL_free(a->data);
if ((a->data =
(unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
- memset((char *)a->data, 0, sizeof(long) + 1);
+ OPENSSL_memset((char *)a->data, 0, sizeof(long) + 1);
}
if (a->data == NULL) {
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index fef9b79..a710add 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
+
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
unsigned char *p;
@@ -77,7 +80,7 @@
p = *pp;
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
- memcpy(p, a->data, a->length);
+ OPENSSL_memcpy(p, a->data, a->length);
p += a->length;
*pp = p;
@@ -321,7 +324,7 @@
}
ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(data, p, length);
+ OPENSSL_memcpy(data, p, length);
/* reattach data to object, after which it remains const */
ret->data = data;
ret->length = length;
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index db5cd29..3b9d257 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -270,7 +270,7 @@
struct tm tm;
int offset;
- memset(&tm, '\0', sizeof tm);
+ OPENSSL_memset(&tm, '\0', sizeof tm);
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
tm.tm_year = g2(s->data);
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 94553b1..774f151 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -63,6 +63,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* Cross-module errors from crypto/x509/i2d_pr.c. */
OPENSSL_DECLARE_ERROR_REASON(ASN1, UNSUPPORTED_PUBLIC_KEY_TYPE)
@@ -401,7 +404,7 @@
}
str->length = len;
if (data != NULL) {
- memcpy(str->data, data, len);
+ OPENSSL_memcpy(str->data, data, len);
/* an allowance for strings :-) */
str->data[len] = '\0';
}
@@ -452,7 +455,7 @@
i = (a->length - b->length);
if (i == 0) {
- i = memcmp(a->data, b->data, a->length);
+ i = OPENSSL_memcmp(a->data, b->data, a->length);
if (i == 0)
return (a->type - b->type);
else
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index dfbd222..40778a8 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -1108,7 +1108,7 @@
OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE);
return 0;
}
- memcpy(buf->data + len, *p, plen);
+ OPENSSL_memcpy(buf->data + len, *p, plen);
}
*p += plen;
return 1;
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
index 7c2b365..9286ef6 100644
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@@ -62,6 +62,9 @@
#include <openssl/asn1t.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
@@ -415,7 +418,7 @@
const DER_ENC *d1 = a, *d2 = b;
int cmplen, i;
cmplen = (d1->length < d2->length) ? d1->length : d2->length;
- i = memcmp(d1->data, d2->data, cmplen);
+ i = OPENSSL_memcmp(d1->data, d2->data, cmplen);
if (i)
return i;
return d1->length - d2->length;
@@ -470,7 +473,7 @@
/* Output sorted DER encoding */
p = *out;
for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- memcpy(p, tder->data, tder->length);
+ OPENSSL_memcpy(p, tder->data, tder->length);
p += tder->length;
}
*out = p;
@@ -660,6 +663,6 @@
}
if (cout && len)
- memcpy(cout, cont, len);
+ OPENSSL_memcpy(cout, cont, len);
return len;
}
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 232fe46..053b732 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
+
static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine);
static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
@@ -153,7 +156,7 @@
*pval = OPENSSL_malloc(it->size);
if (!*pval)
goto memerr;
- memset(*pval, 0, it->size);
+ OPENSSL_memset(*pval, 0, it->size);
}
asn1_set_choice_selector(pval, -1, it);
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
@@ -178,7 +181,7 @@
*pval = OPENSSL_malloc(it->size);
if (!*pval)
goto memerr;
- memset(*pval, 0, it->size);
+ OPENSSL_memset(*pval, 0, it->size);
asn1_refcount_set_one(pval, it);
asn1_enc_init(pval, it);
}
diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
index 3f53072..a7516f6 100644
--- a/crypto/asn1/tasn_utl.c
+++ b/crypto/asn1/tasn_utl.c
@@ -178,7 +178,7 @@
if (!enc->enc) {
return 0;
}
- memcpy(enc->enc, in, inlen);
+ OPENSSL_memcpy(enc->enc, in, inlen);
}
enc->len = inlen;
@@ -195,7 +195,7 @@
return 0;
}
if (out) {
- memcpy(*out, enc->enc, enc->len);
+ OPENSSL_memcpy(*out, enc->enc, enc->len);
*out += enc->len;
}
if (len) {
diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
index bc4d275..b53127a 100644
--- a/crypto/asn1/x_long.c
+++ b/crypto/asn1/x_long.c
@@ -63,6 +63,9 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/*
* Custom primitive type for long handling. This converts between an
* ASN1_INTEGER and a long directly.
@@ -117,7 +120,7 @@
char *cp = (char *)pval;
/* use memcpy, because we may not be long aligned */
- memcpy(<mp, cp, sizeof(long));
+ OPENSSL_memcpy(<mp, cp, sizeof(long));
if (ltmp == it->size)
return -1;
@@ -186,7 +189,7 @@
OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
- memcpy(cp, <mp, sizeof(long));
+ OPENSSL_memcpy(cp, <mp, sizeof(long));
return 1;
}
diff --git a/crypto/base64/base64.c b/crypto/base64/base64.c
index a74c3f5..7afadf7 100644
--- a/crypto/base64/base64.c
+++ b/crypto/base64/base64.c
@@ -62,6 +62,8 @@
#include <openssl/type_check.h>
+#include "../internal.h"
+
/* Encoding. */
@@ -95,7 +97,7 @@
}
void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
}
void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
@@ -110,14 +112,14 @@
assert(ctx->data_used < sizeof(ctx->data));
if (sizeof(ctx->data) - ctx->data_used > in_len) {
- memcpy(&ctx->data[ctx->data_used], in, in_len);
+ OPENSSL_memcpy(&ctx->data[ctx->data_used], in, in_len);
ctx->data_used += (unsigned)in_len;
return;
}
if (ctx->data_used != 0) {
const size_t todo = sizeof(ctx->data) - ctx->data_used;
- memcpy(&ctx->data[ctx->data_used], in, todo);
+ OPENSSL_memcpy(&ctx->data[ctx->data_used], in, todo);
in += todo;
in_len -= todo;
@@ -149,7 +151,7 @@
}
if (in_len != 0) {
- memcpy(ctx->data, in, in_len);
+ OPENSSL_memcpy(ctx->data, in, in_len);
}
ctx->data_used = (unsigned)in_len;
@@ -224,7 +226,7 @@
}
void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_ENCODE_CTX));
}
/* kBase64ASCIIToBinData maps characters (c < 128) to their base64 value, or
diff --git a/crypto/base64/base64_test.cc b/crypto/base64/base64_test.cc
index f8af66c..bdf3d9a 100644
--- a/crypto/base64/base64_test.cc
+++ b/crypto/base64/base64_test.cc
@@ -136,7 +136,7 @@
std::string encoded(RemoveNewlines(t->encoded));
if (len != encoded.size() ||
- memcmp(out, encoded.data(), len) != 0) {
+ OPENSSL_memcmp(out, encoded.data(), len) != 0) {
fprintf(stderr, "encode(\"%s\") = \"%.*s\", want \"%s\"\n",
t->decoded, (int)len, (const char*)out, encoded.c_str());
return false;
@@ -178,7 +178,7 @@
}
if (len != strlen(t->decoded) ||
- memcmp(out, t->decoded, len) != 0) {
+ OPENSSL_memcmp(out, t->decoded, len) != 0) {
fprintf(stderr, "decode(\"%s\") = \"%.*s\", want \"%s\"\n",
encoded.c_str(), (int)len, (const char*)out, t->decoded);
return false;
@@ -217,7 +217,7 @@
ret -= 3 - (expected_len % 3);
}
if (static_cast<size_t>(ret) != strlen(t->decoded) ||
- memcmp(out, t->decoded, ret) != 0) {
+ OPENSSL_memcmp(out, t->decoded, ret) != 0) {
fprintf(stderr, "decode(\"%s\") = \"%.*s\", want \"%s\"\n",
t->encoded, ret, (const char*)out, t->decoded);
return false;
@@ -258,7 +258,8 @@
EVP_EncodeFinal(&ctx, out + total, &out_len);
total += out_len;
- if (total != strlen(t->encoded) || memcmp(out, t->encoded, total) != 0) {
+ if (total != strlen(t->encoded) ||
+ OPENSSL_memcmp(out, t->encoded, total) != 0) {
fprintf(stderr, "#%u: EVP_EncodeUpdate produced different output: '%s' (%u)\n",
test_num, out, static_cast<unsigned>(total));
return false;
@@ -287,7 +288,8 @@
fprintf(stderr, "#%u: EVP_DecodeUpdate failed\n", test_num);
return false;
}
- if (total != decoded_len || memcmp(out, t->decoded, decoded_len)) {
+ if (total != decoded_len ||
+ OPENSSL_memcmp(out, t->decoded, decoded_len)) {
fprintf(stderr, "#%u: EVP_DecodeUpdate produced incorrect output\n",
test_num);
return false;
@@ -368,7 +370,7 @@
out_len += bytes_written;
if (out_len != strlen(t->decoded) ||
- memcmp(out.data(), t->decoded, out_len) != 0) {
+ OPENSSL_memcmp(out.data(), t->decoded, out_len) != 0) {
fprintf(stderr, "#%u: incorrect output\n", test_num);
return 0;
}
diff --git a/crypto/bio/bio.c b/crypto/bio/bio.c
index 9619c22..8aad9fb 100644
--- a/crypto/bio/bio.c
+++ b/crypto/bio/bio.c
@@ -75,7 +75,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BIO));
+ OPENSSL_memset(ret, 0, sizeof(BIO));
ret->method = method;
ret->shutdown = 1;
ret->references = 1;
@@ -488,7 +488,7 @@
if (*out == NULL) {
return 0;
}
- memcpy(*out, prefix, prefix_len);
+ OPENSSL_memcpy(*out, prefix, prefix_len);
size_t done = prefix_len;
for (;;) {
@@ -595,7 +595,7 @@
if (*out == NULL) {
return 0;
}
- memcpy(*out, header, header_len);
+ OPENSSL_memcpy(*out, header, header_len);
if (BIO_read(bio, (*out) + header_len, len - header_len) !=
(int) (len - header_len)) {
OPENSSL_free(*out);
diff --git a/crypto/bio/bio_mem.c b/crypto/bio/bio_mem.c
index 844fba7..24ed5be 100644
--- a/crypto/bio/bio_mem.c
+++ b/crypto/bio/bio_mem.c
@@ -63,6 +63,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
BIO *BIO_new_mem_buf(const void *buf, int len) {
BIO *ret;
@@ -144,12 +146,12 @@
}
if (ret > 0) {
- memcpy(out, b->data, ret);
+ OPENSSL_memcpy(out, b->data, ret);
b->length -= ret;
if (bio->flags & BIO_FLAGS_MEM_RDONLY) {
b->data += ret;
} else {
- memmove(b->data, &b->data[ret], b->length);
+ OPENSSL_memmove(b->data, &b->data[ret], b->length);
}
} else if (b->length == 0) {
ret = bio->num;
@@ -180,7 +182,7 @@
if (BUF_MEM_grow_clean(b, blen + inl) != ((size_t) blen) + inl) {
goto err;
}
- memcpy(&b->data[blen], in, inl);
+ OPENSSL_memcpy(&b->data[blen], in, inl);
ret = inl;
err:
@@ -240,7 +242,7 @@
b->data -= b->max - b->length;
b->length = b->max;
} else {
- memset(b->data, 0, b->max);
+ OPENSSL_memset(b->data, 0, b->max);
b->length = 0;
}
}
diff --git a/crypto/bio/bio_test.cc b/crypto/bio/bio_test.cc
index 4ae6c6e..fbfacf8 100644
--- a/crypto/bio/bio_test.cc
+++ b/crypto/bio/bio_test.cc
@@ -79,7 +79,7 @@
ScopedSocket listening_sock_closer(listening_sock);
struct sockaddr_in sin;
- memset(&sin, 0, sizeof(sin));
+ OPENSSL_memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
if (!inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr)) {
PrintSocketError("inet_pton");
@@ -128,7 +128,7 @@
PrintSocketError("read");
return false;
}
- if (memcmp(buf, kTestMessage, sizeof(kTestMessage))) {
+ if (OPENSSL_memcmp(buf, kTestMessage, sizeof(kTestMessage))) {
return false;
}
@@ -152,7 +152,7 @@
fprintf(stderr, "Bad test string length\n");
return false;
}
- memset(string, 'a', sizeof(string));
+ OPENSSL_memset(string, 'a', sizeof(string));
string[kLengths[i]] = '\0';
int ret = BIO_printf(bio.get(), "test %s", string);
@@ -198,8 +198,8 @@
return false;
}
- if (should_succeed &&
- (out_len != expected_len || memcmp(data, out, expected_len) != 0)) {
+ if (should_succeed && (out_len != expected_len ||
+ OPENSSL_memcmp(data, out, expected_len) != 0)) {
return false;
}
@@ -227,8 +227,8 @@
if (!large) {
return false;
}
- memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen);
- memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix));
+ OPENSSL_memset(large.get() + sizeof(kLargePrefix), 0, kLargePayloadLen);
+ OPENSSL_memcpy(large.get(), kLargePrefix, sizeof(kLargePrefix));
if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen,
sizeof(kLargePrefix) + kLargePayloadLen,
@@ -245,7 +245,7 @@
}
static const uint8_t kIndefPrefix[] = {0x30, 0x80};
- memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix));
+ OPENSSL_memcpy(large.get(), kIndefPrefix, sizeof(kIndefPrefix));
if (!ReadASN1(true, large.get(), sizeof(kLargePrefix) + kLargePayloadLen,
sizeof(kLargePrefix) + kLargePayloadLen,
kLargePayloadLen*2)) {
@@ -287,7 +287,7 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 5 ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -298,7 +298,7 @@
BIO_write(bio1, "z", 1) != -1 ||
!BIO_should_write(bio1) ||
BIO_read(bio2, buf, sizeof(buf)) != 10 ||
- memcmp(buf, "1234567890", 10) != 0 ||
+ OPENSSL_memcmp(buf, "1234567890", 10) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -323,10 +323,10 @@
BIO_write(bio1, "67890___", 8) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 0 ||
BIO_read(bio2, buf, 3) != 3 ||
- memcmp(buf, "123", 3) != 0 ||
+ OPENSSL_memcmp(buf, "123", 3) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 3 ||
BIO_read(bio2, buf, sizeof(buf)) != 7 ||
- memcmp(buf, "4567890", 7) != 0 ||
+ OPENSSL_memcmp(buf, "4567890", 7) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -341,12 +341,12 @@
if (BIO_write(bio1, "abcdefgh", 8) != 8 ||
BIO_ctrl_get_write_guarantee(bio1) != 2 ||
BIO_read(bio2, buf, 3) != 3 ||
- memcmp(buf, "abc", 3) != 0 ||
+ OPENSSL_memcmp(buf, "abc", 3) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 5 ||
BIO_write(bio1, "ijklm___", 8) != 5 ||
BIO_ctrl_get_write_guarantee(bio1) != 0 ||
BIO_read(bio2, buf, sizeof(buf)) != 10 ||
- memcmp(buf, "defghijklm", 10) != 0 ||
+ OPENSSL_memcmp(buf, "defghijklm", 10) != 0 ||
BIO_ctrl_get_write_guarantee(bio1) != 10) {
return false;
}
@@ -355,9 +355,9 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
BIO_write(bio2, "67890", 5) != 5 ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_read(bio1, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "67890", 5) != 0) {
+ OPENSSL_memcmp(buf, "67890", 5) != 0) {
return false;
}
@@ -365,7 +365,7 @@
if (BIO_write(bio1, "12345", 5) != 5 ||
!BIO_shutdown_wr(bio1) ||
BIO_read(bio2, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0 ||
+ OPENSSL_memcmp(buf, "12345", 5) != 0 ||
BIO_read(bio2, buf, sizeof(buf)) != 0) {
return false;
}
@@ -385,7 +385,7 @@
// The other end is still functional.
if (BIO_write(bio2, "12345", 5) != 5 ||
BIO_read(bio1, buf, sizeof(buf)) != 5 ||
- memcmp(buf, "12345", 5) != 0) {
+ OPENSSL_memcmp(buf, "12345", 5) != 0) {
return false;
}
}
diff --git a/crypto/bio/buffer.c b/crypto/bio/buffer.c
index 1557451..bf8415c 100644
--- a/crypto/bio/buffer.c
+++ b/crypto/bio/buffer.c
@@ -62,6 +62,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
#define DEFAULT_BUFFER_SIZE 4096
@@ -94,7 +96,7 @@
if (ctx == NULL) {
return 0;
}
- memset(ctx, 0, sizeof(BIO_F_BUFFER_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(BIO_F_BUFFER_CTX));
ctx->ibuf = OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
if (ctx->ibuf == NULL) {
@@ -158,7 +160,7 @@
if (i > outl) {
i = outl;
}
- memcpy(out, &ctx->ibuf[ctx->ibuf_off], i);
+ OPENSSL_memcpy(out, &ctx->ibuf[ctx->ibuf_off], i);
ctx->ibuf_off += i;
ctx->ibuf_len -= i;
num += i;
@@ -222,7 +224,7 @@
i = ctx->obuf_size - (ctx->obuf_off + ctx->obuf_len);
/* add to buffer and return */
if (i >= inl) {
- memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, inl);
+ OPENSSL_memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, inl);
ctx->obuf_len += inl;
return num + inl;
}
@@ -230,7 +232,7 @@
/* stuff already in buffer, so add to it first, then flush */
if (ctx->obuf_len != 0) {
if (i > 0) {
- memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, i);
+ OPENSSL_memcpy(&ctx->obuf[ctx->obuf_off + ctx->obuf_len], in, i);
in += i;
inl -= i;
num += i;
diff --git a/crypto/bio/connect.c b/crypto/bio/connect.c
index 7e54447..f6cc837 100644
--- a/crypto/bio/connect.c
+++ b/crypto/bio/connect.c
@@ -77,6 +77,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
enum {
@@ -298,7 +299,7 @@
if (ret == NULL) {
return NULL;
}
- memset(ret, 0, sizeof(BIO_CONNECT));
+ OPENSSL_memset(ret, 0, sizeof(BIO_CONNECT));
ret->state = BIO_CONN_S_BEFORE;
return ret;
diff --git a/crypto/bio/hexdump.c b/crypto/bio/hexdump.c
index 8c35114..d55df62 100644
--- a/crypto/bio/hexdump.c
+++ b/crypto/bio/hexdump.c
@@ -59,6 +59,8 @@
#include <limits.h>
#include <string.h>
+#include "../internal.h"
+
/* hexdump_ctx contains the state of a hexdump. */
struct hexdump_ctx {
@@ -154,7 +156,7 @@
return 1;
}
- memset(buf, ' ', 4);
+ OPENSSL_memset(buf, ' ', 4);
buf[4] = '|';
for (; ctx->used < 16; ctx->used++) {
@@ -179,7 +181,7 @@
int BIO_hexdump(BIO *bio, const uint8_t *data, size_t len, unsigned indent) {
struct hexdump_ctx ctx;
- memset(&ctx, 0, sizeof(ctx));
+ OPENSSL_memset(&ctx, 0, sizeof(ctx));
ctx.bio = bio;
ctx.indent = indent;
diff --git a/crypto/bio/pair.c b/crypto/bio/pair.c
index df36343..e933a1d 100644
--- a/crypto/bio/pair.c
+++ b/crypto/bio/pair.c
@@ -59,6 +59,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
struct bio_bio_st {
BIO *peer; /* NULL if buf == NULL.
@@ -86,7 +88,7 @@
if (b == NULL) {
return 0;
}
- memset(b, 0, sizeof(struct bio_bio_st));
+ OPENSSL_memset(b, 0, sizeof(struct bio_bio_st));
b->size = 17 * 1024; /* enough for one TLS record (just a default) */
bio->ptr = b;
@@ -207,7 +209,7 @@
}
assert(peer_b->offset + chunk <= peer_b->size);
- memcpy(buf, peer_b->buf + peer_b->offset, chunk);
+ OPENSSL_memcpy(buf, peer_b->buf + peer_b->offset, chunk);
peer_b->len -= chunk;
if (peer_b->len) {
@@ -287,7 +289,7 @@
chunk = b->size - write_offset;
}
- memcpy(b->buf + write_offset, buf, chunk);
+ OPENSSL_memcpy(b->buf + write_offset, buf, chunk);
b->len += chunk;
diff --git a/crypto/bio/socket_helper.c b/crypto/bio/socket_helper.c
index 9500788..268405a 100644
--- a/crypto/bio/socket_helper.c
+++ b/crypto/bio/socket_helper.c
@@ -33,6 +33,7 @@
#endif
#include "internal.h"
+#include "../internal.h"
int bio_ip_and_port_to_socket_and_addr(int *out_sock,
@@ -45,7 +46,7 @@
*out_sock = -1;
- memset(&hint, 0, sizeof(hint));
+ OPENSSL_memset(&hint, 0, sizeof(hint));
hint.ai_family = AF_UNSPEC;
hint.ai_socktype = SOCK_STREAM;
@@ -62,8 +63,8 @@
if ((size_t) cur->ai_addrlen > sizeof(struct sockaddr_storage)) {
continue;
}
- memset(out_addr, 0, sizeof(struct sockaddr_storage));
- memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
+ OPENSSL_memset(out_addr, 0, sizeof(struct sockaddr_storage));
+ OPENSSL_memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
*out_addr_length = cur->ai_addrlen;
*out_sock = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);
diff --git a/crypto/bn/add.c b/crypto/bn/add.c
index 23f9f80..cfa3bbe 100644
--- a/crypto/bn/add.c
+++ b/crypto/bn/add.c
@@ -314,7 +314,7 @@
}
if (dif > 0 && rp != ap) {
- memcpy(rp, ap, sizeof(*rp) * dif);
+ OPENSSL_memcpy(rp, ap, sizeof(*rp) * dif);
}
r->top = max;
diff --git a/crypto/bn/bn.c b/crypto/bn/bn.c
index 87d81d2..31bb937 100644
--- a/crypto/bn/bn.c
+++ b/crypto/bn/bn.c
@@ -73,14 +73,14 @@
return NULL;
}
- memset(bn, 0, sizeof(BIGNUM));
+ OPENSSL_memset(bn, 0, sizeof(BIGNUM));
bn->flags = BN_FLG_MALLOCED;
return bn;
}
void BN_init(BIGNUM *bn) {
- memset(bn, 0, sizeof(BIGNUM));
+ OPENSSL_memset(bn, 0, sizeof(BIGNUM));
}
void BN_free(BIGNUM *bn) {
@@ -149,7 +149,7 @@
return NULL;
}
- memcpy(dest->d, src->d, sizeof(src->d[0]) * src->top);
+ OPENSSL_memcpy(dest->d, src->d, sizeof(src->d[0]) * src->top);
dest->top = src->top;
dest->neg = src->neg;
@@ -158,7 +158,7 @@
void BN_clear(BIGNUM *bn) {
if (bn->d != NULL) {
- memset(bn->d, 0, bn->dmax * sizeof(bn->d[0]));
+ OPENSSL_memset(bn->d, 0, bn->dmax * sizeof(bn->d[0]));
}
bn->top = 0;
@@ -173,7 +173,7 @@
}
void BN_with_flags(BIGNUM *out, const BIGNUM *in, int flags) {
- memcpy(out, in, sizeof(BIGNUM));
+ OPENSSL_memcpy(out, in, sizeof(BIGNUM));
out->flags &= ~BN_FLG_MALLOCED;
out->flags |= BN_FLG_STATIC_DATA | flags;
}
@@ -292,7 +292,7 @@
if (bn_wexpand(bn, num) == NULL) {
return 0;
}
- memmove(bn->d, words, num * sizeof(BN_ULONG));
+ OPENSSL_memmove(bn->d, words, num * sizeof(BN_ULONG));
/* |bn_wexpand| verified that |num| isn't too large. */
bn->top = (int)num;
bn_correct_top(bn);
@@ -335,7 +335,7 @@
return NULL;
}
- memcpy(a, bn->d, sizeof(BN_ULONG) * bn->top);
+ OPENSSL_memcpy(a, bn->d, sizeof(BN_ULONG) * bn->top);
OPENSSL_free(bn->d);
bn->d = a;
diff --git a/crypto/bn/bn_test.cc b/crypto/bn/bn_test.cc
index 75ef17a..dfca2bc 100644
--- a/crypto/bn/bn_test.cc
+++ b/crypto/bn/bn_test.cc
@@ -680,7 +680,7 @@
static bool TestBN2BinPadded(BN_CTX *ctx) {
uint8_t zeros[256], out[256], reference[128];
- memset(zeros, 0, sizeof(zeros));
+ OPENSSL_memset(zeros, 0, sizeof(zeros));
// Test edge case at 0.
bssl::UniquePtr<BIGNUM> n(BN_new());
@@ -689,13 +689,13 @@
"BN_bn2bin_padded failed to encode 0 in an empty buffer.\n");
return false;
}
- memset(out, -1, sizeof(out));
+ OPENSSL_memset(out, -1, sizeof(out));
if (!BN_bn2bin_padded(out, sizeof(out), n.get())) {
fprintf(stderr,
"BN_bn2bin_padded failed to encode 0 in a non-empty buffer.\n");
return false;
}
- if (memcmp(zeros, out, sizeof(out))) {
+ if (OPENSSL_memcmp(zeros, out, sizeof(out))) {
fprintf(stderr, "BN_bn2bin_padded did not zero buffer.\n");
return false;
}
@@ -724,20 +724,21 @@
}
// Exactly right size should encode.
if (!BN_bn2bin_padded(out, bytes, n.get()) ||
- memcmp(out, reference, bytes) != 0) {
+ OPENSSL_memcmp(out, reference, bytes) != 0) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
// Pad up one byte extra.
if (!BN_bn2bin_padded(out, bytes + 1, n.get()) ||
- memcmp(out + 1, reference, bytes) || memcmp(out, zeros, 1)) {
+ OPENSSL_memcmp(out + 1, reference, bytes) ||
+ OPENSSL_memcmp(out, zeros, 1)) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
// Pad up to 256.
if (!BN_bn2bin_padded(out, sizeof(out), n.get()) ||
- memcmp(out + sizeof(out) - bytes, reference, bytes) ||
- memcmp(out, zeros, sizeof(out) - bytes)) {
+ OPENSSL_memcmp(out + sizeof(out) - bytes, reference, bytes) ||
+ OPENSSL_memcmp(out, zeros, sizeof(out) - bytes)) {
fprintf(stderr, "BN_bn2bin_padded gave a bad result.\n");
return false;
}
@@ -922,7 +923,7 @@
}
if (mpi_len != test.mpi_len ||
- memcmp(test.mpi, scratch, mpi_len) != 0) {
+ OPENSSL_memcmp(test.mpi, scratch, mpi_len) != 0) {
fprintf(stderr, "MPI test #%u failed:\n", (unsigned)i);
hexdump(stderr, "Expected: ", test.mpi, test.mpi_len);
hexdump(stderr, "Got: ", scratch, mpi_len);
@@ -1062,7 +1063,8 @@
}
bssl::UniquePtr<uint8_t> delete_der(der);
if (der_len != test.der_len ||
- memcmp(der, reinterpret_cast<const uint8_t*>(test.der), der_len) != 0) {
+ OPENSSL_memcmp(der, reinterpret_cast<const uint8_t *>(test.der),
+ der_len) != 0) {
fprintf(stderr, "Bad serialization.\n");
return false;
}
diff --git a/crypto/bn/convert.c b/crypto/bn/convert.c
index 8f4b964..f03de9e 100644
--- a/crypto/bn/convert.c
+++ b/crypto/bn/convert.c
@@ -162,7 +162,7 @@
int BN_bn2bin_padded(uint8_t *out, size_t len, const BIGNUM *in) {
/* Special case for |in| = 0. Just branch as the probability is negligible. */
if (BN_is_zero(in)) {
- memset(out, 0, len);
+ OPENSSL_memset(out, 0, len);
return 1;
}
@@ -532,7 +532,7 @@
/* If we cannot represent the number then we emit zero as the interface
* doesn't allow an error to be signalled. */
if (out) {
- memset(out, 0, 4);
+ OPENSSL_memset(out, 0, 4);
}
return 4;
}
diff --git a/crypto/bn/ctx.c b/crypto/bn/ctx.c
index 48d9adf..bca6619 100644
--- a/crypto/bn/ctx.c
+++ b/crypto/bn/ctx.c
@@ -59,6 +59,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
/* How many bignums are in each "pool item"; */
#define BN_CTX_POOL_SIZE 16
@@ -218,7 +220,7 @@
return 0;
}
if (st->depth) {
- memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
+ OPENSSL_memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
}
OPENSSL_free(st->indexes);
st->indexes = newitems;
diff --git a/crypto/bn/exponentiation.c b/crypto/bn/exponentiation.c
index e05859b..3161a2a 100644
--- a/crypto/bn/exponentiation.c
+++ b/crypto/bn/exponentiation.c
@@ -961,7 +961,7 @@
}
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
- memset(powerbuf, 0, powerbufLen);
+ OPENSSL_memset(powerbuf, 0, powerbufLen);
#ifdef alloca
if (powerbufLen < 3072) {
diff --git a/crypto/bn/montgomery.c b/crypto/bn/montgomery.c
index 9aa04d6..70f0585 100644
--- a/crypto/bn/montgomery.c
+++ b/crypto/bn/montgomery.c
@@ -132,7 +132,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BN_MONT_CTX));
+ OPENSSL_memset(ret, 0, sizeof(BN_MONT_CTX));
BN_init(&ret->RR);
BN_init(&ret->N);
@@ -281,7 +281,7 @@
/* clear the top words of T */
if (max > r->top) {
- memset(&rp[r->top], 0, (max - r->top) * sizeof(BN_ULONG));
+ OPENSSL_memset(&rp[r->top], 0, (max - r->top) * sizeof(BN_ULONG));
}
r->top = max;
diff --git a/crypto/bn/mul.c b/crypto/bn/mul.c
index 06e53ee..fdf2c69 100644
--- a/crypto/bn/mul.c
+++ b/crypto/bn/mul.c
@@ -312,7 +312,8 @@
if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(r, a, n2 + dna, b, n2 + dnb);
if ((dna + dnb) < 0) {
- memset(&r[2 * n2 + dna + dnb], 0, sizeof(BN_ULONG) * -(dna + dnb));
+ OPENSSL_memset(&r[2 * n2 + dna + dnb], 0,
+ sizeof(BN_ULONG) * -(dna + dnb));
}
return;
}
@@ -358,7 +359,7 @@
if (!zero) {
bn_mul_comba4(&(t[n2]), t, &(t[n]));
} else {
- memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
}
bn_mul_comba4(r, a, b);
@@ -368,7 +369,7 @@
if (!zero) {
bn_mul_comba8(&(t[n2]), t, &(t[n]));
} else {
- memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
}
bn_mul_comba8(r, a, b);
@@ -378,7 +379,7 @@
if (!zero) {
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
} else {
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
}
bn_mul_recursive(r, a, b, n, 0, 0, p);
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p);
@@ -473,7 +474,7 @@
bn_mul_comba8(&(t[n2]), t, &(t[n]));
bn_mul_comba8(r, a, b);
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ OPENSSL_memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
} else {
p = &(t[n2 * 2]);
bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
@@ -489,14 +490,15 @@
if (j == 0) {
bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), i, tna - i, tnb - i, p);
- memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
+ OPENSSL_memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
} else if (j > 0) {
/* eg, n == 16, i == 8 and tn == 11 */
bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]), i, tna - i, tnb - i, p);
- memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+ OPENSSL_memset(&(r[n2 + tna + tnb]), 0,
+ sizeof(BN_ULONG) * (n2 - tna - tnb));
} else {
/* (j < 0) eg, n == 16, i == 8 and tn == 5 */
- memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
+ OPENSSL_memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL &&
tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
@@ -735,7 +737,7 @@
if (!zero) {
bn_sqr_recursive(&(t[n2]), t, n, p);
} else {
- memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+ OPENSSL_memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
}
bn_sqr_recursive(r, a, n, p);
bn_sqr_recursive(&(r[n2]), &(a[n]), n, p);
diff --git a/crypto/bn/random.c b/crypto/bn/random.c
index ecf43c1..6f922c0 100644
--- a/crypto/bn/random.c
+++ b/crypto/bn/random.c
@@ -115,6 +115,9 @@
#include <openssl/rand.h>
#include <openssl/sha.h>
+#include "../internal.h"
+
+
int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) {
uint8_t *buf = NULL;
int ret = 0, bit, bytes, mask;
@@ -298,8 +301,8 @@
OPENSSL_PUT_ERROR(BN, BN_R_PRIVATE_KEY_TOO_LARGE);
goto err;
}
- memcpy(private_bytes, priv->d, todo);
- memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
+ OPENSSL_memcpy(private_bytes, priv->d, todo);
+ OPENSSL_memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
for (attempt = 0;; attempt++) {
for (done = 0; done < num_k_bytes;) {
@@ -318,7 +321,7 @@
if (todo > SHA512_DIGEST_LENGTH) {
todo = SHA512_DIGEST_LENGTH;
}
- memcpy(k_bytes + done, digest, todo);
+ OPENSSL_memcpy(k_bytes + done, digest, todo);
done += todo;
}
diff --git a/crypto/bn/shift.c b/crypto/bn/shift.c
index 22006d1..dc9b795 100644
--- a/crypto/bn/shift.c
+++ b/crypto/bn/shift.c
@@ -94,7 +94,7 @@
t[nw + i] = (l << lb) & BN_MASK2;
}
}
- memset(t, 0, nw * sizeof(t[0]));
+ OPENSSL_memset(t, 0, nw * sizeof(t[0]));
r->top = a->top + nw + 1;
bn_correct_top(r);
diff --git a/crypto/buf/buf.c b/crypto/buf/buf.c
index efe9952..ca1d70b 100644
--- a/crypto/buf/buf.c
+++ b/crypto/buf/buf.c
@@ -61,6 +61,8 @@
#include <openssl/mem.h>
#include <openssl/err.h>
+#include "../internal.h"
+
BUF_MEM *BUF_MEM_new(void) {
BUF_MEM *ret;
@@ -71,7 +73,7 @@
return NULL;
}
- memset(ret, 0, sizeof(BUF_MEM));
+ OPENSSL_memset(ret, 0, sizeof(BUF_MEM));
return ret;
}
@@ -137,7 +139,7 @@
return 0;
}
if (buf->length < len) {
- memset(&buf->data[buf->length], 0, len - buf->length);
+ OPENSSL_memset(&buf->data[buf->length], 0, len - buf->length);
}
buf->length = len;
return len;
@@ -193,7 +195,7 @@
return NULL;
}
- memcpy(ret, buf, size);
+ OPENSSL_memcpy(ret, buf, size);
ret[size] = '\0';
return ret;
}
@@ -234,6 +236,6 @@
return NULL;
}
- memcpy(ret, data, dst_size);
+ OPENSSL_memcpy(ret, data, dst_size);
return ret;
}
diff --git a/crypto/bytestring/asn1_compat.c b/crypto/bytestring/asn1_compat.c
index b17d2d1..50df9cc 100644
--- a/crypto/bytestring/asn1_compat.c
+++ b/crypto/bytestring/asn1_compat.c
@@ -22,6 +22,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
int CBB_finish_i2d(CBB *cbb, uint8_t **outp) {
@@ -42,7 +43,7 @@
*outp = der;
der = NULL;
} else {
- memcpy(*outp, der, der_len);
+ OPENSSL_memcpy(*outp, der, der_len);
*outp += der_len;
}
}
diff --git a/crypto/bytestring/ber.c b/crypto/bytestring/ber.c
index 04fcac6..ee3cd0a 100644
--- a/crypto/bytestring/ber.c
+++ b/crypto/bytestring/ber.c
@@ -18,6 +18,7 @@
#include <string.h>
#include "internal.h"
+#include "../internal.h"
/* kMaxDepth is a just a sanity limit. The code should be such that the length
@@ -100,7 +101,7 @@
* |CBS_get_any_ber_asn1_element|, indicate an "end of contents" (EOC) value. */
static char is_eoc(size_t header_len, CBS *contents) {
return header_len == 2 && CBS_len(contents) == 2 &&
- memcmp(CBS_data(contents), "\x00\x00", 2) == 0;
+ OPENSSL_memcmp(CBS_data(contents), "\x00\x00", 2) == 0;
}
/* cbs_convert_ber reads BER data from |in| and writes DER data to |out|. If
diff --git a/crypto/bytestring/bytestring_test.cc b/crypto/bytestring/bytestring_test.cc
index 12275d6..6ec6fcf 100644
--- a/crypto/bytestring/bytestring_test.cc
+++ b/crypto/bytestring/bytestring_test.cc
@@ -132,7 +132,7 @@
}
if (!CBS_get_asn1(&data, &contents, 0x30) ||
CBS_len(&contents) != 2 ||
- memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
return false;
}
@@ -193,7 +193,7 @@
!CBS_get_optional_asn1(&data, &contents, &present, 0xa1) ||
!present ||
CBS_len(&contents) != 3 ||
- memcmp(CBS_data(&contents), "\x04\x01\x01", 3) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x04\x01\x01", 3) != 0) {
return false;
}
@@ -235,7 +235,7 @@
if (!CBS_get_any_asn1(&data, &contents, &tag) ||
tag != CBS_ASN1_SEQUENCE ||
CBS_len(&contents) != 2 ||
- memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x01\x02", 2) != 0) {
return false;
}
@@ -245,7 +245,7 @@
tag != CBS_ASN1_SEQUENCE ||
header_len != 2 ||
CBS_len(&contents) != 4 ||
- memcmp(CBS_data(&contents), "\x30\x02\x01\x02", 2) != 0) {
+ OPENSSL_memcmp(CBS_data(&contents), "\x30\x02\x01\x02", 2) != 0) {
return false;
}
@@ -312,7 +312,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBFixed() {
@@ -396,7 +397,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBDiscardChild() {
@@ -445,7 +447,8 @@
0, 0, 3, 0xdd, 0xdd, 0xdd,
1, 0xff,
};
- return buf_len == sizeof(kExpected) && memcmp(buf, kExpected, buf_len) == 0;
+ return buf_len == sizeof(kExpected) &&
+ OPENSSL_memcmp(buf, kExpected, buf_len) == 0;
}
static bool TestCBBMisuse() {
@@ -484,7 +487,7 @@
bssl::UniquePtr<uint8_t> scoper(buf);
if (buf_len != 3 ||
- memcmp(buf, "\x01\x01\x02", 3) != 0) {
+ OPENSSL_memcmp(buf, "\x01\x01\x02", 3) != 0) {
return false;
}
return true;
@@ -507,7 +510,8 @@
}
bssl::UniquePtr<uint8_t> scoper(buf);
- if (buf_len != sizeof(kExpected) || memcmp(buf, kExpected, buf_len) != 0) {
+ if (buf_len != sizeof(kExpected) ||
+ OPENSSL_memcmp(buf, kExpected, buf_len) != 0) {
return false;
}
@@ -525,8 +529,8 @@
scoper.reset(buf);
if (buf_len != 3 + 130 ||
- memcmp(buf, "\x30\x81\x82", 3) != 0 ||
- memcmp(buf + 3, test_data.data(), 130) != 0) {
+ OPENSSL_memcmp(buf, "\x30\x81\x82", 3) != 0 ||
+ OPENSSL_memcmp(buf + 3, test_data.data(), 130) != 0) {
return false;
}
@@ -542,8 +546,8 @@
scoper.reset(buf);
if (buf_len != 4 + 1000 ||
- memcmp(buf, "\x30\x82\x03\xe8", 4) != 0 ||
- memcmp(buf + 4, test_data.data(), 1000)) {
+ OPENSSL_memcmp(buf, "\x30\x82\x03\xe8", 4) != 0 ||
+ OPENSSL_memcmp(buf + 4, test_data.data(), 1000)) {
return false;
}
@@ -560,8 +564,9 @@
scoper.reset(buf);
if (buf_len != 5 + 5 + 100000 ||
- memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) != 0 ||
- memcmp(buf + 10, test_data.data(), 100000)) {
+ OPENSSL_memcmp(buf, "\x30\x83\x01\x86\xa5\x30\x83\x01\x86\xa0", 10) !=
+ 0 ||
+ OPENSSL_memcmp(buf + 10, test_data.data(), 100000)) {
return false;
}
@@ -584,7 +589,7 @@
if (out == NULL) {
if (ber_len != der_len ||
- memcmp(der_expected, ber, ber_len) != 0) {
+ OPENSSL_memcmp(der_expected, ber, ber_len) != 0) {
fprintf(stderr, "%s: incorrect unconverted result.\n", name);
return false;
}
@@ -593,7 +598,7 @@
}
if (out_len != der_len ||
- memcmp(out, der_expected, der_len) != 0) {
+ OPENSSL_memcmp(out, der_expected, der_len) != 0) {
fprintf(stderr, "%s: incorrect converted result.\n", name);
return false;
}
@@ -702,7 +707,7 @@
}
if (ok && (CBS_len(&out) != test.out_len ||
- memcmp(CBS_data(&out), test.out, test.out_len) != 0)) {
+ OPENSSL_memcmp(CBS_data(&out), test.out, test.out_len) != 0)) {
fprintf(stderr, "CBS_get_asn1_implicit_string gave the wrong output\n");
return false;
}
@@ -772,7 +777,8 @@
return false;
}
bssl::UniquePtr<uint8_t> scoper(out);
- if (len != test->encoding_len || memcmp(out, test->encoding, len) != 0) {
+ if (len != test->encoding_len ||
+ OPENSSL_memcmp(out, test->encoding, len) != 0) {
return false;
}
}
diff --git a/crypto/bytestring/cbb.c b/crypto/bytestring/cbb.c
index 2d65be8..14116be 100644
--- a/crypto/bytestring/cbb.c
+++ b/crypto/bytestring/cbb.c
@@ -19,9 +19,11 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
void CBB_zero(CBB *cbb) {
- memset(cbb, 0, sizeof(CBB));
+ OPENSSL_memset(cbb, 0, sizeof(CBB));
}
static int cbb_init(CBB *cbb, uint8_t *buf, size_t cap) {
@@ -252,8 +254,8 @@
if (!cbb_buffer_add(cbb->base, NULL, extra_bytes)) {
goto err;
}
- memmove(cbb->base->buf + child_start + extra_bytes,
- cbb->base->buf + child_start, len);
+ OPENSSL_memmove(cbb->base->buf + child_start + extra_bytes,
+ cbb->base->buf + child_start, len);
}
cbb->base->buf[cbb->child->offset++] = initial_length_byte;
cbb->child->pending_len_len = len_len - 1;
@@ -303,8 +305,8 @@
return 0;
}
- memset(prefix_bytes, 0, len_len);
- memset(out_contents, 0, sizeof(CBB));
+ OPENSSL_memset(prefix_bytes, 0, len_len);
+ OPENSSL_memset(out_contents, 0, sizeof(CBB));
out_contents->base = cbb->base;
cbb->child = out_contents;
cbb->child->offset = offset;
@@ -346,7 +348,7 @@
return 0;
}
- memset(out_contents, 0, sizeof(CBB));
+ OPENSSL_memset(out_contents, 0, sizeof(CBB));
out_contents->base = cbb->base;
cbb->child = out_contents;
cbb->child->offset = offset;
@@ -363,7 +365,7 @@
!cbb_buffer_add(cbb->base, &dest, len)) {
return 0;
}
- memcpy(dest, data, len);
+ OPENSSL_memcpy(dest, data, len);
return 1;
}
diff --git a/crypto/bytestring/cbs.c b/crypto/bytestring/cbs.c
index 132fe03..14c55a4 100644
--- a/crypto/bytestring/cbs.c
+++ b/crypto/bytestring/cbs.c
@@ -20,6 +20,7 @@
#include <string.h>
#include "internal.h"
+#include "../internal.h"
void CBS_init(CBS *cbs, const uint8_t *data, size_t len) {
@@ -76,7 +77,7 @@
}
int CBS_contains_zero_byte(const CBS *cbs) {
- return memchr(cbs->data, 0, cbs->len) != NULL;
+ return OPENSSL_memchr(cbs->data, 0, cbs->len) != NULL;
}
int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
@@ -150,7 +151,7 @@
if (!cbs_get(cbs, &v, len)) {
return 0;
}
- memcpy(out, v, len);
+ OPENSSL_memcpy(out, v, len);
return 1;
}
diff --git a/crypto/chacha/chacha.c b/crypto/chacha/chacha.c
index feaa98a..fe32596 100644
--- a/crypto/chacha/chacha.c
+++ b/crypto/chacha/chacha.c
@@ -96,7 +96,7 @@
uint32_t x[16];
int i;
- memcpy(x, input, sizeof(uint32_t) * 16);
+ OPENSSL_memcpy(x, input, sizeof(uint32_t) * 16);
for (i = 20; i > 0; i -= 2) {
QUARTERROUND(0, 4, 8, 12)
QUARTERROUND(1, 5, 9, 13)
diff --git a/crypto/chacha/chacha_test.cc b/crypto/chacha/chacha_test.cc
index 0a5972f..6bfb03e 100644
--- a/crypto/chacha/chacha_test.cc
+++ b/crypto/chacha/chacha_test.cc
@@ -21,6 +21,8 @@
#include <openssl/crypto.h>
#include <openssl/chacha.h>
+#include "../internal.h"
+
static const uint8_t kKey[32] = {
0x98, 0xbe, 0xf1, 0x46, 0x9b, 0xe7, 0x26, 0x98, 0x37, 0xa4, 0x5b,
@@ -217,15 +219,15 @@
static bool TestChaCha20(size_t len) {
std::unique_ptr<uint8_t[]> buf(new uint8_t[len]);
CRYPTO_chacha_20(buf.get(), kInput, len, kKey, kNonce, kCounter);
- if (memcmp(buf.get(), kOutput, len) != 0) {
+ if (OPENSSL_memcmp(buf.get(), kOutput, len) != 0) {
fprintf(stderr, "Mismatch at length %zu.\n", len);
return false;
}
// Test in-place.
- memcpy(buf.get(), kInput, len);
+ OPENSSL_memcpy(buf.get(), kInput, len);
CRYPTO_chacha_20(buf.get(), buf.get(), len, kKey, kNonce, kCounter);
- if (memcmp(buf.get(), kOutput, len) != 0) {
+ if (OPENSSL_memcmp(buf.get(), kOutput, len) != 0) {
fprintf(stderr, "Mismatch at length %zu, in-place.\n", len);
return false;
}
diff --git a/crypto/cipher/aead.c b/crypto/cipher/aead.c
index 2d56715..b5ff48a 100644
--- a/crypto/cipher/aead.c
+++ b/crypto/cipher/aead.c
@@ -32,7 +32,7 @@
size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead) { return aead->max_tag_len; }
void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_AEAD_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_AEAD_CTX));
}
int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
@@ -116,7 +116,7 @@
error:
/* In the event of an error, clear the output buffer so that a caller
* that doesn't check the return value doesn't send raw data. */
- memset(out, 0, max_out_len);
+ OPENSSL_memset(out, 0, max_out_len);
*out_len = 0;
return 0;
}
@@ -139,7 +139,7 @@
/* In the event of an error, clear the output buffer so that a caller
* that doesn't check the return value doesn't try and process bad
* data. */
- memset(out, 0, max_out_len);
+ OPENSSL_memset(out, 0, max_out_len);
*out_len = 0;
return 0;
}
diff --git a/crypto/cipher/aead_test.cc b/crypto/cipher/aead_test.cc
index 313f041..0c95fb4 100644
--- a/crypto/cipher/aead_test.cc
+++ b/crypto/cipher/aead_test.cc
@@ -21,6 +21,7 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -86,8 +87,8 @@
}
} else {
out.resize(ct.size() + tag.size());
- memcpy(out.data(), ct.data(), ct.size());
- memcpy(out.data() + ct.size(), tag.data(), tag.size());
+ OPENSSL_memcpy(out.data(), ct.data(), ct.size());
+ OPENSSL_memcpy(out.data() + ct.size(), tag.data(), tag.size());
}
// The "stateful" AEADs for implementing pre-AEAD cipher suites need to be
@@ -170,7 +171,7 @@
EVP_AEAD_CTX ctx;
uint8_t key[128];
- memset(key, 0, sizeof(key));
+ OPENSSL_memset(key, 0, sizeof(key));
const size_t key_len = EVP_AEAD_key_length(aead);
if (key_len > sizeof(key)) {
fprintf(stderr, "Key length of AEAD too long.\n");
@@ -239,7 +240,7 @@
uint8_t *out1 = buffer.data();
uint8_t *out2 = buffer.data() + 2;
- memcpy(in, kPlaintext, sizeof(kPlaintext));
+ OPENSSL_memcpy(in, kPlaintext, sizeof(kPlaintext));
size_t out_len;
if (EVP_AEAD_CTX_seal(ctx.get(), out1, &out_len,
sizeof(kPlaintext) + max_overhead, nonce.data(),
@@ -252,7 +253,7 @@
}
ERR_clear_error();
- memcpy(in, valid_encryption.data(), valid_encryption_len);
+ OPENSSL_memcpy(in, valid_encryption.data(), valid_encryption_len);
if (EVP_AEAD_CTX_open(ctx.get(), out1, &out_len, valid_encryption_len,
nonce.data(), nonce_len, in, valid_encryption_len,
nullptr, 0) ||
@@ -265,7 +266,7 @@
ERR_clear_error();
// Test with out == in, which we expect to work.
- memcpy(in, kPlaintext, sizeof(kPlaintext));
+ OPENSSL_memcpy(in, kPlaintext, sizeof(kPlaintext));
if (!EVP_AEAD_CTX_seal(ctx.get(), in, &out_len,
sizeof(kPlaintext) + max_overhead, nonce.data(),
@@ -275,12 +276,12 @@
}
if (out_len != valid_encryption_len ||
- memcmp(in, valid_encryption.data(), out_len) != 0) {
+ OPENSSL_memcmp(in, valid_encryption.data(), out_len) != 0) {
fprintf(stderr, "EVP_AEAD_CTX_seal produced bad output in-place.\n");
return false;
}
- memcpy(in, valid_encryption.data(), valid_encryption_len);
+ OPENSSL_memcpy(in, valid_encryption.data(), valid_encryption_len);
if (!EVP_AEAD_CTX_open(ctx.get(), in, &out_len, valid_encryption_len,
nonce.data(), nonce_len, in, valid_encryption_len,
nullptr, 0)) {
@@ -289,7 +290,7 @@
}
if (out_len != sizeof(kPlaintext) ||
- memcmp(in, kPlaintext, out_len) != 0) {
+ OPENSSL_memcmp(in, kPlaintext, out_len) != 0) {
fprintf(stderr, "EVP_AEAD_CTX_open produced bad output in-place.\n");
return false;
}
diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c
index f61c59f..ae045ae 100644
--- a/crypto/cipher/cipher.c
+++ b/crypto/cipher/cipher.c
@@ -64,6 +64,7 @@
#include <openssl/nid.h>
#include "internal.h"
+#include "../internal.h"
const EVP_CIPHER *EVP_get_cipherbynid(int nid) {
@@ -88,7 +89,7 @@
}
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) {
- memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
}
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) {
@@ -108,7 +109,7 @@
}
OPENSSL_free(c->cipher_data);
- memset(c, 0, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memset(c, 0, sizeof(EVP_CIPHER_CTX));
return 1;
}
@@ -126,7 +127,7 @@
}
EVP_CIPHER_CTX_cleanup(out);
- memcpy(out, in, sizeof(EVP_CIPHER_CTX));
+ OPENSSL_memcpy(out, in, sizeof(EVP_CIPHER_CTX));
if (in->cipher_data && in->cipher->ctx_size) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
@@ -134,7 +135,7 @@
OPENSSL_PUT_ERROR(CIPHER, ERR_R_MALLOC_FAILURE);
return 0;
}
- memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
+ OPENSSL_memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
}
if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) {
@@ -210,9 +211,9 @@
case EVP_CIPH_CBC_MODE:
assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
if (iv) {
- memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
}
- memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
break;
case EVP_CIPH_CTR_MODE:
@@ -220,7 +221,7 @@
ctx->num = 0;
/* Don't reuse IV for CTR mode */
if (iv) {
- memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+ OPENSSL_memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
}
break;
@@ -285,13 +286,13 @@
assert(bl <= (int)sizeof(ctx->buf));
if (i != 0) {
if (bl - i > in_len) {
- memcpy(&ctx->buf[i], in, in_len);
+ OPENSSL_memcpy(&ctx->buf[i], in, in_len);
ctx->buf_len += in_len;
*out_len = 0;
return 1;
} else {
j = bl - i;
- memcpy(&ctx->buf[i], in, j);
+ OPENSSL_memcpy(&ctx->buf[i], in, j);
if (!ctx->cipher->cipher(ctx, out, ctx->buf, bl)) {
return 0;
}
@@ -314,7 +315,7 @@
}
if (i != 0) {
- memcpy(ctx->buf, &in[in_len], i);
+ OPENSSL_memcpy(ctx->buf, &in[in_len], i);
}
ctx->buf_len = i;
return 1;
@@ -393,7 +394,7 @@
assert(b <= sizeof(ctx->final));
if (ctx->final_used) {
- memcpy(out, ctx->final, b);
+ OPENSSL_memcpy(out, ctx->final, b);
out += b;
fix_len = 1;
} else {
@@ -409,7 +410,7 @@
if (b > 1 && !ctx->buf_len) {
*out_len -= b;
ctx->final_used = 1;
- memcpy(ctx->final, &out[*out_len], b);
+ OPENSSL_memcpy(ctx->final, &out[*out_len], b);
} else {
ctx->final_used = 0;
}
diff --git a/crypto/cipher/e_aes.c b/crypto/cipher/e_aes.c
index f99022f..0e9a7cd 100644
--- a/crypto/cipher/e_aes.c
+++ b/crypto/cipher/e_aes.c
@@ -479,7 +479,7 @@
if (gctx->key_set) {
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, iv, gctx->ivlen);
} else {
- memcpy(gctx->iv, iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, iv, gctx->ivlen);
}
gctx->iv_set = 1;
gctx->iv_gen = 0;
@@ -545,7 +545,7 @@
if (arg <= 0 || arg > 16 || c->encrypt) {
return 0;
}
- memcpy(c->buf, ptr, arg);
+ OPENSSL_memcpy(c->buf, ptr, arg);
gctx->taglen = arg;
return 1;
@@ -553,13 +553,13 @@
if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) {
return 0;
}
- memcpy(ptr, c->buf, arg);
+ OPENSSL_memcpy(ptr, c->buf, arg);
return 1;
case EVP_CTRL_GCM_SET_IV_FIXED:
/* Special case: -1 length restores whole IV */
if (arg == -1) {
- memcpy(gctx->iv, ptr, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, ptr, gctx->ivlen);
gctx->iv_gen = 1;
return 1;
}
@@ -569,7 +569,7 @@
return 0;
}
if (arg) {
- memcpy(gctx->iv, ptr, arg);
+ OPENSSL_memcpy(gctx->iv, ptr, arg);
}
if (c->encrypt && !RAND_bytes(gctx->iv + arg, gctx->ivlen - arg)) {
return 0;
@@ -585,7 +585,7 @@
if (arg <= 0 || arg > gctx->ivlen) {
arg = gctx->ivlen;
}
- memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
+ OPENSSL_memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
/* Invocation field will be at least 8 bytes in size and
* so no need to check wrap around or increment more than
* last 8 bytes. */
@@ -597,7 +597,7 @@
if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) {
return 0;
}
- memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
+ OPENSSL_memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, gctx->iv, gctx->ivlen);
gctx->iv_set = 1;
return 1;
@@ -612,7 +612,7 @@
if (!gctx_out->iv) {
return 0;
}
- memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
}
return 1;
}
@@ -860,7 +860,7 @@
if (gctx->key_set) {
CRYPTO_gcm128_setiv(&gctx->gcm, &gctx->ks.ks, iv, gctx->ivlen);
} else {
- memcpy(gctx->iv, iv, gctx->ivlen);
+ OPENSSL_memcpy(gctx->iv, iv, gctx->ivlen);
}
gctx->iv_set = 1;
gctx->iv_gen = 0;
@@ -1073,7 +1073,7 @@
const AES_KEY *key = &gcm_ctx->ks.ks;
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
+ OPENSSL_memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len);
if (ad_len > 0 && !CRYPTO_gcm128_aad(&gcm, ad, ad_len)) {
@@ -1120,7 +1120,7 @@
const AES_KEY *key = &gcm_ctx->ks.ks;
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
+ OPENSSL_memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
CRYPTO_gcm128_setiv(&gcm, key, nonce, nonce_len);
if (!CRYPTO_gcm128_aad(&gcm, ad, ad_len)) {
@@ -1198,8 +1198,8 @@
const uint8_t hmac_key[32]) {
static const size_t hmac_key_len = 32;
uint8_t block[SHA256_CBLOCK];
- memcpy(block, hmac_key, hmac_key_len);
- memset(block + hmac_key_len, 0x36, sizeof(block) - hmac_key_len);
+ OPENSSL_memcpy(block, hmac_key, hmac_key_len);
+ OPENSSL_memset(block + hmac_key_len, 0x36, sizeof(block) - hmac_key_len);
unsigned i;
for (i = 0; i < hmac_key_len; i++) {
@@ -1209,7 +1209,7 @@
SHA256_Init(out_inner);
SHA256_Update(out_inner, block, sizeof(block));
- memset(block + hmac_key_len, 0x5c, sizeof(block) - hmac_key_len);
+ OPENSSL_memset(block + hmac_key_len, 0x5c, sizeof(block) - hmac_key_len);
for (i = 0; i < hmac_key_len; i++) {
block[i] ^= (0x36 ^ 0x5c);
}
@@ -1284,7 +1284,7 @@
const uint8_t *nonce, const uint8_t *ciphertext,
size_t ciphertext_len) {
SHA256_CTX sha256;
- memcpy(&sha256, inner_init_state, sizeof(sha256));
+ OPENSSL_memcpy(&sha256, inner_init_state, sizeof(sha256));
hmac_update_uint64(&sha256, ad_len);
hmac_update_uint64(&sha256, ciphertext_len);
SHA256_Update(&sha256, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
@@ -1297,7 +1297,7 @@
SHA256_CBLOCK)) %
SHA256_CBLOCK;
uint8_t padding[SHA256_CBLOCK];
- memset(padding, 0, num_padding);
+ OPENSSL_memset(padding, 0, num_padding);
SHA256_Update(&sha256, padding, num_padding);
SHA256_Update(&sha256, ciphertext, ciphertext_len);
@@ -1305,7 +1305,7 @@
uint8_t inner_digest[SHA256_DIGEST_LENGTH];
SHA256_Final(inner_digest, &sha256);
- memcpy(&sha256, outer_init_state, sizeof(sha256));
+ OPENSSL_memcpy(&sha256, outer_init_state, sizeof(sha256));
SHA256_Update(&sha256, inner_digest, sizeof(inner_digest));
SHA256_Final(out, &sha256);
}
@@ -1317,11 +1317,11 @@
* bytes is pointless. However, |CRYPTO_ctr128_encrypt| requires it. */
uint8_t partial_block_buffer[AES_BLOCK_SIZE];
unsigned partial_block_offset = 0;
- memset(partial_block_buffer, 0, sizeof(partial_block_buffer));
+ OPENSSL_memset(partial_block_buffer, 0, sizeof(partial_block_buffer));
uint8_t counter[AES_BLOCK_SIZE];
- memcpy(counter, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
- memset(counter + EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN, 0, 4);
+ OPENSSL_memcpy(counter, nonce, EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN);
+ OPENSSL_memset(counter + EVP_AEAD_AES_CTR_HMAC_SHA256_NONCE_LEN, 0, 4);
if (aes_ctx->ctr) {
CRYPTO_ctr128_encrypt_ctr32(in, out, len, &aes_ctx->ks.ks, counter,
@@ -1364,7 +1364,7 @@
uint8_t hmac_result[SHA256_DIGEST_LENGTH];
hmac_calculate(hmac_result, &aes_ctx->inner_init_state,
&aes_ctx->outer_init_state, ad, ad_len, nonce, out, in_len);
- memcpy(out + in_len, hmac_result, aes_ctx->tag_len);
+ OPENSSL_memcpy(out + in_len, hmac_result, aes_ctx->tag_len);
*out_len = in_len + aes_ctx->tag_len;
return 1;
@@ -1482,7 +1482,7 @@
if (gcm_siv_ctx == NULL) {
return 0;
}
- memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
+ OPENSSL_memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx));
if (aesni_capable()) {
aesni_set_encrypt_key(key, key_len * 8, &gcm_siv_ctx->ks.ks);
@@ -1525,7 +1525,7 @@
uint8_t c[16];
} counter;
- memcpy(counter.c, initial_counter, AES_BLOCK_SIZE);
+ OPENSSL_memcpy(counter.c, initial_counter, AES_BLOCK_SIZE);
counter.c[15] |= 0x80;
for (size_t done = 0; done < in_len;) {
@@ -1558,15 +1558,15 @@
uint8_t scratch[16];
if (ad_len & 15) {
- memset(scratch, 0, sizeof(scratch));
- memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
+ OPENSSL_memset(scratch, 0, sizeof(scratch));
+ OPENSSL_memcpy(scratch, &ad[ad_len & ~15], ad_len & 15);
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, in, in_len & ~15);
if (in_len & 15) {
- memset(scratch, 0, sizeof(scratch));
- memcpy(scratch, &in[in_len & ~15], in_len & 15);
+ OPENSSL_memset(scratch, 0, sizeof(scratch));
+ OPENSSL_memcpy(scratch, &in[in_len & ~15], in_len & 15);
CRYPTO_POLYVAL_update_blocks(&polyval_ctx, scratch, sizeof(scratch));
}
@@ -1655,7 +1655,7 @@
gcm_siv_crypt(out, in, in_len, tag, keys.enc_block, &keys.enc_key.ks);
- memcpy(&out[in_len], tag, EVP_AEAD_AES_GCM_SIV_TAG_LEN);
+ OPENSSL_memcpy(&out[in_len], tag, EVP_AEAD_AES_GCM_SIV_TAG_LEN);
*out_len = in_len + EVP_AEAD_AES_GCM_SIV_TAG_LEN;
return 1;
diff --git a/crypto/cipher/e_chacha20poly1305.c b/crypto/cipher/e_chacha20poly1305.c
index 9c80ba1..ed0d74c 100644
--- a/crypto/cipher/e_chacha20poly1305.c
+++ b/crypto/cipher/e_chacha20poly1305.c
@@ -55,7 +55,7 @@
return 0;
}
- memcpy(c20_ctx->key, key, key_len);
+ OPENSSL_memcpy(c20_ctx->key, key, key_len);
c20_ctx->tag_len = tag_len;
ctx->aead_state = c20_ctx;
@@ -94,7 +94,7 @@
size_t ad_len, const uint8_t *ciphertext,
size_t ciphertext_len) {
alignas(16) uint8_t poly1305_key[32];
- memset(poly1305_key, 0, sizeof(poly1305_key));
+ OPENSSL_memset(poly1305_key, 0, sizeof(poly1305_key));
CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
c20_ctx->key, nonce, 0);
poly1305_state ctx;
@@ -137,7 +137,7 @@
alignas(16) uint8_t tag[POLY1305_TAG_LEN];
aead_poly1305(poly1305_update, tag, c20_ctx, nonce, ad, ad_len, out, in_len);
- memcpy(out + in_len, tag, c20_ctx->tag_len);
+ OPENSSL_memcpy(out + in_len, tag, c20_ctx->tag_len);
*out_len = in_len + c20_ctx->tag_len;
return 1;
}
@@ -261,8 +261,8 @@
return 0;
}
uint8_t nonce_96[12];
- memset(nonce_96, 0, 4);
- memcpy(nonce_96 + 4, nonce, 8);
+ OPENSSL_memset(nonce_96, 0, 4);
+ OPENSSL_memcpy(nonce_96 + 4, nonce, 8);
return seal_impl(poly1305_update_old, ctx, out, out_len, max_out_len,
nonce_96, in, in_len, ad, ad_len);
}
@@ -276,8 +276,8 @@
return 0;
}
uint8_t nonce_96[12];
- memset(nonce_96, 0, 4);
- memcpy(nonce_96 + 4, nonce, 8);
+ OPENSSL_memset(nonce_96, 0, 4);
+ OPENSSL_memcpy(nonce_96 + 4, nonce, 8);
return open_impl(poly1305_update_old, ctx, out, out_len, max_out_len,
nonce_96, in, in_len, ad, ad_len);
}
diff --git a/crypto/cipher/e_null.c b/crypto/cipher/e_null.c
index 3d6a24c..9f89308 100644
--- a/crypto/cipher/e_null.c
+++ b/crypto/cipher/e_null.c
@@ -60,6 +60,7 @@
#include <openssl/nid.h>
+#include "../internal.h"
#include "internal.h"
@@ -71,7 +72,7 @@
static int null_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t in_len) {
if (in != out) {
- memcpy(out, in, in_len);
+ OPENSSL_memcpy(out, in, in_len);
}
return 1;
}
diff --git a/crypto/cipher/e_ssl3.c b/crypto/cipher/e_ssl3.c
index ef87594..f1dad2b 100644
--- a/crypto/cipher/e_ssl3.c
+++ b/crypto/cipher/e_ssl3.c
@@ -25,6 +25,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
typedef struct {
@@ -49,7 +50,7 @@
uint8_t pad[48];
uint8_t tmp[EVP_MAX_MD_SIZE];
- memset(pad, 0x36, pad_len);
+ OPENSSL_memset(pad, 0x36, pad_len);
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
!EVP_DigestUpdate(&md_ctx, pad, pad_len) ||
!EVP_DigestUpdate(&md_ctx, ad, ad_len) ||
@@ -60,7 +61,7 @@
return 0;
}
- memset(pad, 0x5c, pad_len);
+ OPENSSL_memset(pad, 0x5c, pad_len);
if (!EVP_MD_CTX_copy_ex(&md_ctx, &ssl3_ctx->md_ctx) ||
!EVP_DigestUpdate(&md_ctx, pad, pad_len) ||
!EVP_DigestUpdate(&md_ctx, tmp, md_size) ||
@@ -188,7 +189,7 @@
/* Compute padding and feed that into the cipher. */
uint8_t padding[256];
unsigned padding_len = block_size - ((in_len + mac_len) % block_size);
- memset(padding, 0, padding_len - 1);
+ OPENSSL_memset(padding, 0, padding_len - 1);
padding[padding_len - 1] = padding_len - 1;
if (!EVP_EncryptUpdate(&ssl3_ctx->cipher_ctx, out + total, &len, padding,
(int)padding_len)) {
diff --git a/crypto/cipher/e_tls.c b/crypto/cipher/e_tls.c
index c0d18fd..7d9bbee 100644
--- a/crypto/cipher/e_tls.c
+++ b/crypto/cipher/e_tls.c
@@ -80,7 +80,7 @@
EVP_CIPHER_CTX_init(&tls_ctx->cipher_ctx);
HMAC_CTX_init(&tls_ctx->hmac_ctx);
assert(mac_key_len <= EVP_MAX_MD_SIZE);
- memcpy(tls_ctx->mac_key, key, mac_key_len);
+ OPENSSL_memcpy(tls_ctx->mac_key, key, mac_key_len);
tls_ctx->mac_key_len = (uint8_t)mac_key_len;
tls_ctx->implicit_iv = implicit_iv;
@@ -182,7 +182,7 @@
/* Compute padding and feed that into the cipher. */
uint8_t padding[256];
unsigned padding_len = block_size - ((in_len + mac_len) % block_size);
- memset(padding, padding_len - 1, padding_len);
+ OPENSSL_memset(padding, padding_len - 1, padding_len);
if (!EVP_EncryptUpdate(&tls_ctx->cipher_ctx, out + total, &len, padding,
(int)padding_len)) {
return 0;
@@ -288,7 +288,7 @@
/* To allow for CBC mode which changes cipher length, |ad| doesn't include the
* length for legacy ciphers. */
uint8_t ad_fixed[13];
- memcpy(ad_fixed, ad, 11);
+ OPENSSL_memcpy(ad_fixed, ad, 11);
ad_fixed[11] = (uint8_t)(data_len >> 8);
ad_fixed[12] = (uint8_t)(data_len & 0xff);
ad_len += 2;
diff --git a/crypto/cipher/tls_cbc.c b/crypto/cipher/tls_cbc.c
index eb56604..52880b0 100644
--- a/crypto/cipher/tls_cbc.c
+++ b/crypto/cipher/tls_cbc.c
@@ -148,7 +148,7 @@
unsigned rotate_offset = 0;
uint8_t mac_started = 0;
- memset(rotated_mac, 0, md_size);
+ OPENSSL_memset(rotated_mac, 0, md_size);
for (unsigned i = scan_start, j = 0; i < orig_len; i++, j++) {
if (j >= md_size) {
j -= md_size;
@@ -184,7 +184,7 @@
rotated_mac_tmp = tmp;
}
- memcpy(out, rotated_mac, md_size);
+ OPENSSL_memcpy(out, rotated_mac, md_size);
}
/* u32toBE serialises an unsigned, 32-bit number (n) as four bytes at (p) in
@@ -382,16 +382,16 @@
/* Compute the initial HMAC block. */
bits += 8 * md_block_size;
- memset(hmac_pad, 0, md_block_size);
+ OPENSSL_memset(hmac_pad, 0, md_block_size);
assert(mac_secret_length <= sizeof(hmac_pad));
- memcpy(hmac_pad, mac_secret, mac_secret_length);
+ OPENSSL_memcpy(hmac_pad, mac_secret, mac_secret_length);
for (i = 0; i < md_block_size; i++) {
hmac_pad[i] ^= 0x36;
}
md_transform(md_state.c, hmac_pad);
- memset(length_bytes, 0, md_length_size - 4);
+ OPENSSL_memset(length_bytes, 0, md_length_size - 4);
length_bytes[md_length_size - 4] = (uint8_t)(bits >> 24);
length_bytes[md_length_size - 3] = (uint8_t)(bits >> 16);
length_bytes[md_length_size - 2] = (uint8_t)(bits >> 8);
@@ -399,15 +399,15 @@
if (k > 0) {
/* k is a multiple of md_block_size. */
- memcpy(first_block, header, 13);
- memcpy(first_block + 13, data, md_block_size - 13);
+ OPENSSL_memcpy(first_block, header, 13);
+ OPENSSL_memcpy(first_block + 13, data, md_block_size - 13);
md_transform(md_state.c, first_block);
for (i = 1; i < k / md_block_size; i++) {
md_transform(md_state.c, data + md_block_size * i - 13);
}
}
- memset(mac_out, 0, sizeof(mac_out));
+ OPENSSL_memset(mac_out, 0, sizeof(mac_out));
/* We now process the final hash blocks. For each block, we construct
* it in constant time. If the |i==index_a| then we'll include the 0x80
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index fa4c3c4..a9a527d 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -55,6 +55,8 @@
#include <openssl/cipher.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
struct cmac_ctx_st {
EVP_CIPHER_CTX cipher_ctx;
@@ -176,7 +178,7 @@
todo = in_len;
}
- memcpy(ctx->block + ctx->block_used, in, todo);
+ OPENSSL_memcpy(ctx->block + ctx->block_used, in, todo);
in += todo;
in_len -= todo;
ctx->block_used += todo;
@@ -206,7 +208,7 @@
in_len -= AES_BLOCK_SIZE;
}
- memcpy(ctx->block, in, in_len);
+ OPENSSL_memcpy(ctx->block, in, in_len);
ctx->block_used = in_len;
return 1;
@@ -224,8 +226,8 @@
/* If the last block is incomplete, terminate it with a single 'one' bit
* followed by zeros. */
ctx->block[ctx->block_used] = 0x80;
- memset(ctx->block + ctx->block_used + 1, 0,
- AES_BLOCK_SIZE - (ctx->block_used + 1));
+ OPENSSL_memset(ctx->block + ctx->block_used + 1, 0,
+ AES_BLOCK_SIZE - (ctx->block_used + 1));
mask = ctx->k2;
}
diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
index 96a534a..5b51d22 100644
--- a/crypto/conf/conf.c
+++ b/crypto/conf/conf.c
@@ -66,6 +66,7 @@
#include "conf_def.h"
#include "internal.h"
+#include "../internal.h"
static uint32_t conf_value_hash(const CONF_VALUE *v) {
@@ -118,7 +119,7 @@
OPENSSL_PUT_ERROR(CONF, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(v, 0, sizeof(CONF_VALUE));
+ OPENSSL_memset(v, 0, sizeof(CONF_VALUE));
return v;
}
@@ -353,7 +354,7 @@
static CONF_VALUE *get_section(const CONF *conf, const char *section) {
CONF_VALUE template;
- memset(&template, 0, sizeof(template));
+ OPENSSL_memset(&template, 0, sizeof(template));
template.section = (char *) section;
return lh_CONF_VALUE_retrieve(conf->data, &template);
}
@@ -370,7 +371,7 @@
const char *name) {
CONF_VALUE template, *value;
- memset(&template, 0, sizeof(template));
+ OPENSSL_memset(&template, 0, sizeof(template));
template.section = (char *) section;
template.name = (char *) name;
value = lh_CONF_VALUE_retrieve(conf->data, &template);
diff --git a/crypto/cpu-arm-linux.c b/crypto/cpu-arm-linux.c
index 73c38ec..95bb5ee 100644
--- a/crypto/cpu-arm-linux.c
+++ b/crypto/cpu-arm-linux.c
@@ -161,7 +161,7 @@
static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) {
size_t b_len = strlen(b);
- return a->len == b_len && memcmp(a->data, b, b_len) == 0;
+ return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0;
}
/* STRING_PIECE_split finds the first occurence of |sep| in |in| and, if found,
@@ -169,7 +169,7 @@
* returns one if |sep| was found and zero otherwise. */
static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right,
const STRING_PIECE *in, char sep) {
- const char *p = memchr(in->data, sep, in->len);
+ const char *p = OPENSSL_memchr(in->data, sep, in->len);
if (p == NULL) {
return 0;
}
diff --git a/crypto/curve25519/curve25519.c b/crypto/curve25519/curve25519.c
index d660b6c..c91e78e 100644
--- a/crypto/curve25519/curve25519.c
+++ b/crypto/curve25519/curve25519.c
@@ -29,6 +29,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
static const int64_t kBottom25Bits = INT64_C(0x1ffffff);
@@ -204,15 +205,15 @@
/* h = f */
static void fe_copy(fe h, const fe f) {
- memmove(h, f, sizeof(int32_t) * 10);
+ OPENSSL_memmove(h, f, sizeof(int32_t) * 10);
}
/* h = 0 */
-static void fe_0(fe h) { memset(h, 0, sizeof(int32_t) * 10); }
+static void fe_0(fe h) { OPENSSL_memset(h, 0, sizeof(int32_t) * 10); }
/* h = 1 */
static void fe_1(fe h) {
- memset(h, 0, sizeof(int32_t) * 10);
+ OPENSSL_memset(h, 0, sizeof(int32_t) * 10);
h[0] = 1;
}
@@ -4662,11 +4663,11 @@
fe_neg(A.T, A.T);
uint8_t pkcopy[32];
- memcpy(pkcopy, public_key, 32);
+ OPENSSL_memcpy(pkcopy, public_key, 32);
uint8_t rcopy[32];
- memcpy(rcopy, signature, 32);
+ OPENSSL_memcpy(rcopy, signature, 32);
uint8_t scopy[32];
- memcpy(scopy, signature + 32, 32);
+ OPENSSL_memcpy(scopy, signature + 32, 32);
SHA512_CTX hash_ctx;
SHA512_Init(&hash_ctx);
@@ -4701,8 +4702,8 @@
x25519_ge_scalarmult_base(&A, az);
ge_p3_tobytes(out_public_key, &A);
- memcpy(out_private_key, seed, 32);
- memcpy(out_private_key + 32, out_public_key, 32);
+ OPENSSL_memcpy(out_private_key, seed, 32);
+ OPENSSL_memcpy(out_private_key + 32, out_public_key, 32);
}
@@ -4800,7 +4801,7 @@
fe x1, x2, z2, x3, z3, tmp0, tmp1;
uint8_t e[32];
- memcpy(e, scalar, 32);
+ OPENSSL_memcpy(e, scalar, 32);
e[0] &= 248;
e[31] &= 127;
e[31] |= 64;
@@ -4916,7 +4917,7 @@
#endif
uint8_t e[32];
- memcpy(e, private_key, 32);
+ OPENSSL_memcpy(e, private_key, 32);
e[0] &= 248;
e[31] &= 127;
e[31] |= 64;
diff --git a/crypto/curve25519/ed25519_test.cc b/crypto/curve25519/ed25519_test.cc
index 5af8ba7..7581730 100644
--- a/crypto/curve25519/ed25519_test.cc
+++ b/crypto/curve25519/ed25519_test.cc
@@ -17,6 +17,7 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
#include "../test/file_test.h"
@@ -58,13 +59,13 @@
ED25519_keypair(public_key1, private_key1);
uint8_t seed[32];
- memcpy(seed, private_key1, sizeof(seed));
+ OPENSSL_memcpy(seed, private_key1, sizeof(seed));
uint8_t public_key2[32], private_key2[64];
ED25519_keypair_from_seed(public_key2, private_key2, seed);
- if (memcmp(public_key1, public_key2, sizeof(public_key1)) != 0 ||
- memcmp(private_key1, private_key2, sizeof(private_key1)) != 0) {
+ if (OPENSSL_memcmp(public_key1, public_key2, sizeof(public_key1)) != 0 ||
+ OPENSSL_memcmp(private_key1, private_key2, sizeof(private_key1)) != 0) {
fprintf(stderr, "TestKeypairFromSeed: resulting keypairs did not match.\n");
return false;
}
diff --git a/crypto/curve25519/spake25519.c b/crypto/curve25519/spake25519.c
index 617418c..5b794b3 100644
--- a/crypto/curve25519/spake25519.c
+++ b/crypto/curve25519/spake25519.c
@@ -22,6 +22,7 @@
#include <openssl/sha.h>
#include "internal.h"
+#include "../internal.h"
/* The following precomputation tables are for the following
@@ -291,7 +292,7 @@
return NULL;
}
- memset(ctx, 0, sizeof(SPAKE2_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(SPAKE2_CTX));
ctx->my_role = my_role;
CBS my_name_cbs, their_name_cbs;
@@ -346,7 +347,7 @@
/* Multiply by the cofactor (eight) so that we'll clear it when operating on
* the peer's point later in the protocol. */
left_shift_3(private_tmp);
- memcpy(ctx->private_key, private_tmp, sizeof(ctx->private_key));
+ OPENSSL_memcpy(ctx->private_key, private_tmp, sizeof(ctx->private_key));
ge_p3 P;
x25519_ge_scalarmult_base(&P, ctx->private_key);
@@ -354,9 +355,9 @@
/* mask = h(password) * <N or M>. */
uint8_t password_tmp[SHA512_DIGEST_LENGTH];
SHA512(password, password_len, password_tmp);
- memcpy(ctx->password_hash, password_tmp, sizeof(ctx->password_hash));
+ OPENSSL_memcpy(ctx->password_hash, password_tmp, sizeof(ctx->password_hash));
x25519_sc_reduce(password_tmp);
- memcpy(ctx->password_scalar, password_tmp, sizeof(ctx->password_scalar));
+ OPENSSL_memcpy(ctx->password_scalar, password_tmp, sizeof(ctx->password_scalar));
ge_p3 mask;
x25519_ge_scalarmult_small_precomp(&mask, ctx->password_scalar,
@@ -375,7 +376,7 @@
x25519_ge_p1p1_to_p2(&Pstar_proj, &Pstar);
x25519_ge_tobytes(ctx->my_msg, &Pstar_proj);
- memcpy(out, ctx->my_msg, sizeof(ctx->my_msg));
+ OPENSSL_memcpy(out, ctx->my_msg, sizeof(ctx->my_msg));
*out_len = sizeof(ctx->my_msg);
ctx->state = spake2_state_msg_generated;
@@ -456,7 +457,7 @@
if (to_copy > sizeof(key)) {
to_copy = sizeof(key);
}
- memcpy(out_key, key, to_copy);
+ OPENSSL_memcpy(out_key, key, to_copy);
*out_key_len = to_copy;
ctx->state = spake2_state_key_generated;
diff --git a/crypto/curve25519/spake25519_test.cc b/crypto/curve25519/spake25519_test.cc
index 363b60c..3af073d 100644
--- a/crypto/curve25519/spake25519_test.cc
+++ b/crypto/curve25519/spake25519_test.cc
@@ -20,6 +20,8 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
+
struct SPAKE2Run {
bool Run() {
@@ -71,7 +73,7 @@
}
key_matches_ = (alice_key_len == bob_key_len &&
- memcmp(alice_key, bob_key, alice_key_len) == 0);
+ OPENSSL_memcmp(alice_key, bob_key, alice_key_len) == 0);
return true;
}
diff --git a/crypto/curve25519/x25519-x86_64.c b/crypto/curve25519/x25519-x86_64.c
index 1bd86a0..9c3d414 100644
--- a/crypto/curve25519/x25519-x86_64.c
+++ b/crypto/curve25519/x25519-x86_64.c
@@ -23,6 +23,7 @@
#include <string.h>
+#include "../internal.h"
#include "internal.h"
@@ -228,7 +229,7 @@
void x25519_x86_64(uint8_t out[32], const uint8_t scalar[32],
const uint8_t point[32]) {
uint8_t e[32];
- memcpy(e, scalar, sizeof(e));
+ OPENSSL_memcpy(e, scalar, sizeof(e));
e[0] &= 248;
e[31] &= 127;
diff --git a/crypto/curve25519/x25519_test.cc b/crypto/curve25519/x25519_test.cc
index 24dfa65..b1a37d4 100644
--- a/crypto/curve25519/x25519_test.cc
+++ b/crypto/curve25519/x25519_test.cc
@@ -18,6 +18,8 @@
#include <openssl/curve25519.h>
+#include "../internal.h"
+
static bool TestX25519() {
/* Taken from https://tools.ietf.org/html/rfc7748#section-5.2 */
@@ -40,7 +42,7 @@
0x4d, 0xf2, 0x8d, 0x08, 0x4f, 0x32, 0xec, 0xcf, 0x03, 0x49, 0x1c,
0x71, 0xf7, 0x54, 0xb4, 0x07, 0x55, 0x77, 0xa2, 0x85, 0x52,
};
- if (memcmp(kExpected1, out, sizeof(out)) != 0) {
+ if (OPENSSL_memcmp(kExpected1, out, sizeof(out)) != 0) {
fprintf(stderr, "X25519 test one failed.\n");
return false;
}
@@ -63,7 +65,7 @@
0x5c, 0xb4, 0xb8, 0x73, 0xf8, 0x8b, 0x59, 0x5a, 0x68, 0x79, 0x9f,
0xa1, 0x52, 0xe6, 0xf8, 0xf7, 0x64, 0x7a, 0xac, 0x79, 0x57,
};
- if (memcmp(kExpected2, out, sizeof(out)) != 0) {
+ if (OPENSSL_memcmp(kExpected2, out, sizeof(out)) != 0) {
fprintf(stderr, "X25519 test two failed.\n");
return false;
}
@@ -79,7 +81,7 @@
};
uint8_t out[32], private_key[32];
- memset(private_key, 0x11, sizeof(private_key));
+ OPENSSL_memset(private_key, 0x11, sizeof(private_key));
if (X25519(out, private_key, kSmallOrderPoint)) {
fprintf(stderr, "X25519 returned success with a small-order input.\n");
@@ -96,8 +98,8 @@
unsigned i;
for (i = 0; i < 1000; i++) {
X25519(out, scalar, point);
- memcpy(point, scalar, sizeof(point));
- memcpy(scalar, out, sizeof(scalar));
+ OPENSSL_memcpy(point, scalar, sizeof(point));
+ OPENSSL_memcpy(scalar, out, sizeof(scalar));
}
static const uint8_t kExpected[32] = {
@@ -106,7 +108,7 @@
0xe3, 0x87, 0x5f, 0x2e, 0xb9, 0x4d, 0x99, 0x53, 0x2c, 0x51,
};
- if (memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {
+ if (OPENSSL_memcmp(kExpected, scalar, sizeof(kExpected)) != 0) {
fprintf(stderr, "Iterated X25519 test failed\n");
return false;
}
diff --git a/crypto/dh/dh.c b/crypto/dh/dh.c
index 7545071..69a7ec8 100644
--- a/crypto/dh/dh.c
+++ b/crypto/dh/dh.c
@@ -79,7 +79,7 @@
return NULL;
}
- memset(dh, 0, sizeof(DH));
+ OPENSSL_memset(dh, 0, sizeof(DH));
CRYPTO_MUTEX_init(&dh->method_mont_p_lock);
diff --git a/crypto/dh/dh_test.cc b/crypto/dh/dh_test.cc
index 99bb945..8165c1a 100644
--- a/crypto/dh/dh_test.cc
+++ b/crypto/dh/dh_test.cc
@@ -68,6 +68,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
static bool RunBasicTests();
static bool RunRFC5114Tests();
@@ -470,9 +472,9 @@
}
if (static_cast<size_t>(ret1) != td->Z_len ||
- memcmp(Z1.data(), td->Z, td->Z_len) != 0 ||
+ OPENSSL_memcmp(Z1.data(), td->Z, td->Z_len) != 0 ||
static_cast<size_t>(ret2) != td->Z_len ||
- memcmp(Z2.data(), td->Z, td->Z_len) != 0) {
+ OPENSSL_memcmp(Z2.data(), td->Z, td->Z_len) != 0) {
fprintf(stderr, "Test failed RFC5114 set %u\n", i + 1);
return false;
}
@@ -576,7 +578,8 @@
return false;
}
bssl::UniquePtr<uint8_t> free_der(der);
- if (der_len != sizeof(kParams) || memcmp(der, kParams, der_len) != 0) {
+ if (der_len != sizeof(kParams) ||
+ OPENSSL_memcmp(der, kParams, der_len) != 0) {
return false;
}
@@ -618,7 +621,8 @@
return false;
}
bssl::UniquePtr<uint8_t> free_der2(der);
- if (der_len != sizeof(kParamsDSA) || memcmp(der, kParamsDSA, der_len) != 0) {
+ if (der_len != sizeof(kParamsDSA) ||
+ OPENSSL_memcmp(der, kParamsDSA, der_len) != 0) {
return false;
}
@@ -653,7 +657,7 @@
uint8_t buffer[sizeof(kPrime1536)];
if (BN_num_bytes(bn.get()) != sizeof(kPrime1536) ||
BN_bn2bin(bn.get(), buffer) != sizeof(kPrime1536) ||
- memcmp(buffer, kPrime1536, sizeof(kPrime1536)) != 0) {
+ OPENSSL_memcmp(buffer, kPrime1536, sizeof(kPrime1536)) != 0) {
fprintf(stderr, "1536-bit MODP prime did not match.\n");
return false;
}
diff --git a/crypto/digest/digest.c b/crypto/digest/digest.c
index fdd9fe5..9c9962b 100644
--- a/crypto/digest/digest.c
+++ b/crypto/digest/digest.c
@@ -63,6 +63,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
int EVP_MD_type(const EVP_MD *md) { return md->type; }
@@ -74,7 +75,9 @@
size_t EVP_MD_block_size(const EVP_MD *md) { return md->block_size; }
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx) { memset(ctx, 0, sizeof(EVP_MD_CTX)); }
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx) {
+ OPENSSL_memset(ctx, 0, sizeof(EVP_MD_CTX));
+}
EVP_MD_CTX *EVP_MD_CTX_create(void) {
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(EVP_MD_CTX));
@@ -140,7 +143,7 @@
return 0;
}
}
- memcpy(out->md_data, in->md_data, in->digest->ctx_size);
+ OPENSSL_memcpy(out->md_data, in->md_data, in->digest->ctx_size);
}
assert(in->pctx == NULL || in->pctx_ops != NULL);
diff --git a/crypto/digest/md32_common.h b/crypto/digest/md32_common.h
index 818eb63..45fe939 100644
--- a/crypto/digest/md32_common.h
+++ b/crypto/digest/md32_common.h
@@ -53,6 +53,8 @@
#include <assert.h>
+#include "../internal.h"
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -194,16 +196,16 @@
size_t n = c->num;
if (n != 0) {
if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
- memcpy(c->data + n, data, HASH_CBLOCK - n);
+ OPENSSL_memcpy(c->data + n, data, HASH_CBLOCK - n);
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
n = HASH_CBLOCK - n;
data += n;
len -= n;
c->num = 0;
/* Keep |c->data| zeroed when unused. */
- memset(c->data, 0, HASH_CBLOCK);
+ OPENSSL_memset(c->data, 0, HASH_CBLOCK);
} else {
- memcpy(c->data + n, data, len);
+ OPENSSL_memcpy(c->data + n, data, len);
c->num += (unsigned)len;
return 1;
}
@@ -219,7 +221,7 @@
if (len != 0) {
c->num = (unsigned)len;
- memcpy(c->data, data, len);
+ OPENSSL_memcpy(c->data, data, len);
}
return 1;
}
@@ -240,11 +242,11 @@
/* Fill the block with zeros if there isn't room for a 64-bit length. */
if (n > (HASH_CBLOCK - 8)) {
- memset(c->data + n, 0, HASH_CBLOCK - n);
+ OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - n);
n = 0;
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
}
- memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
+ OPENSSL_memset(c->data + n, 0, HASH_CBLOCK - 8 - n);
/* Append a 64-bit length to the block and process it. */
uint8_t *p = c->data + HASH_CBLOCK - 8;
@@ -258,7 +260,7 @@
assert(p == c->data + HASH_CBLOCK);
HASH_BLOCK_DATA_ORDER(c->h, c->data, 1);
c->num = 0;
- memset(c->data, 0, HASH_CBLOCK);
+ OPENSSL_memset(c->data, 0, HASH_CBLOCK);
HASH_MAKE_STRING(c, md);
return 1;
diff --git a/crypto/dsa/dsa.c b/crypto/dsa/dsa.c
index 3e5894a..65e4091 100644
--- a/crypto/dsa/dsa.c
+++ b/crypto/dsa/dsa.c
@@ -90,7 +90,7 @@
return NULL;
}
- memset(dsa, 0, sizeof(DSA));
+ OPENSSL_memset(dsa, 0, sizeof(DSA));
dsa->references = 1;
@@ -188,7 +188,7 @@
/* Only consume as much seed as is expected. */
seed_len = qsize;
}
- memcpy(seed, seed_in, seed_len);
+ OPENSSL_memcpy(seed, seed_in, seed_len);
}
ctx = BN_CTX_new();
@@ -232,8 +232,8 @@
/* If we come back through, use random seed next time. */
seed_in = NULL;
}
- memcpy(buf, seed, qsize);
- memcpy(buf2, seed, qsize);
+ OPENSSL_memcpy(buf, seed, qsize);
+ OPENSSL_memcpy(buf2, seed, qsize);
/* precompute "SEED + 1" for step 7: */
for (i = qsize - 1; i < qsize; i--) {
buf[i]++;
@@ -763,7 +763,8 @@
/* Ensure that the signature uses DER and doesn't have trailing garbage. */
int der_len = i2d_DSA_SIG(s, &der);
- if (der_len < 0 || (size_t)der_len != sig_len || memcmp(sig, der, sig_len)) {
+ if (der_len < 0 || (size_t)der_len != sig_len ||
+ OPENSSL_memcmp(sig, der, sig_len)) {
goto err;
}
diff --git a/crypto/dsa/dsa_test.c b/crypto/dsa/dsa_test.c
index 6296c8f..e95c3b0 100644
--- a/crypto/dsa/dsa_test.c
+++ b/crypto/dsa/dsa_test.c
@@ -65,6 +65,8 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
+#include "../internal.h"
+
static int dsa_cb(int p, int n, BN_GENCB *arg);
@@ -217,21 +219,21 @@
i = BN_bn2bin(dsa->q, buf);
j = sizeof(fips_q);
- if (i != j || memcmp(buf, fips_q, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_q, i) != 0) {
fprintf(stderr, "q value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->p, buf);
j = sizeof(fips_p);
- if (i != j || memcmp(buf, fips_p, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_p, i) != 0) {
fprintf(stderr, "p value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->g, buf);
j = sizeof(fips_g);
- if (i != j || memcmp(buf, fips_g, i) != 0) {
+ if (i != j || OPENSSL_memcmp(buf, fips_g, i) != 0) {
fprintf(stderr, "g value is wrong\n");
goto end;
}
diff --git a/crypto/ec/ec.c b/crypto/ec/ec.c
index 7e76dfe..96bb703 100644
--- a/crypto/ec/ec.c
+++ b/crypto/ec/ec.c
@@ -350,7 +350,7 @@
OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(EC_GROUP));
+ OPENSSL_memset(ret, 0, sizeof(EC_GROUP));
ret->meth = meth;
BN_init(&ret->order);
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index f31e158..35c8f27 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -64,6 +64,7 @@
#include "internal.h"
#include "../bytestring/internal.h"
+#include "../internal.h"
static const uint8_t kParametersTag =
@@ -271,7 +272,7 @@
!CBS_get_asn1(¶ms, &field_id, CBS_ASN1_SEQUENCE) ||
!CBS_get_asn1(&field_id, &field_type, CBS_ASN1_OBJECT) ||
CBS_len(&field_type) != sizeof(kPrimeField) ||
- memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
+ OPENSSL_memcmp(CBS_data(&field_type), kPrimeField, sizeof(kPrimeField)) != 0 ||
!CBS_get_asn1(&field_id, out_prime, CBS_ASN1_INTEGER) ||
!is_unsigned_integer(out_prime) ||
CBS_len(&field_id) != 0 ||
@@ -335,7 +336,7 @@
for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) {
const struct built_in_curve *curve = &OPENSSL_built_in_curves[i];
if (CBS_len(&named_curve) == curve->oid_len &&
- memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == 0) {
+ OPENSSL_memcmp(CBS_data(&named_curve), curve->oid, curve->oid_len) == 0) {
return EC_GROUP_new_by_curve_name(curve->nid);
}
}
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index 3e4456c..1a93346 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -91,7 +91,7 @@
return NULL;
}
- memset(ret, 0, sizeof(EC_KEY));
+ OPENSSL_memset(ret, 0, sizeof(EC_KEY));
if (engine) {
ret->ecdsa_meth = ENGINE_get_ECDSA_method(engine);
diff --git a/crypto/ec/p224-64.c b/crypto/ec/p224-64.c
index 825bbc3..b948b31 100644
--- a/crypto/ec/p224-64.c
+++ b/crypto/ec/p224-64.c
@@ -211,7 +211,7 @@
static int BN_to_felem(felem out, const BIGNUM *bn) {
/* BN_bn2bin eats leading zeroes */
felem_bytearray b_out;
- memset(b_out, 0, sizeof(b_out));
+ OPENSSL_memset(b_out, 0, sizeof(b_out));
size_t num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof(b_out) ||
BN_is_negative(bn)) {
@@ -860,7 +860,7 @@
static void select_point(const u64 idx, size_t size,
const felem pre_comp[/*size*/][3], felem out[3]) {
limb *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(felem));
+ OPENSSL_memset(outlimbs, 0, 3 * sizeof(felem));
for (size_t i = 0; i < size; i++) {
const limb *inlimbs = &pre_comp[i][0][0];
@@ -898,7 +898,7 @@
u8 sign, digit;
/* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
+ OPENSSL_memset(nq, 0, 3 * sizeof(felem));
/* Loop over all scalars msb-to-lsb, interleaving additions
* of multiples of the generator (two in each of the last 28 rounds)
@@ -925,7 +925,7 @@
point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 1 /* mixed */,
tmp[0], tmp[1], tmp[2]);
} else {
- memcpy(nq, tmp, 3 * sizeof(felem));
+ OPENSSL_memcpy(nq, tmp, 3 * sizeof(felem));
skip = 0;
}
@@ -962,7 +962,7 @@
point_add(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2], 0 /* mixed */,
tmp[0], tmp[1], tmp[2]);
} else {
- memcpy(nq, tmp, 3 * sizeof(felem));
+ OPENSSL_memcpy(nq, tmp, 3 * sizeof(felem));
skip = 0;
}
}
@@ -1074,8 +1074,8 @@
/* we treat NULL scalars as 0, and NULL points as points at infinity,
* i.e., they contribute nothing to the linear combination */
- memset(secrets, 0, num_points * sizeof(felem_bytearray));
- memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
+ OPENSSL_memset(secrets, 0, num_points * sizeof(felem_bytearray));
+ OPENSSL_memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
for (size_t i = 0; i < num_points; ++i) {
if (i == num) {
/* the generator */
@@ -1131,7 +1131,7 @@
}
if (g_scalar != NULL) {
- memset(g_secret, 0, sizeof(g_secret));
+ OPENSSL_memset(g_secret, 0, sizeof(g_secret));
size_t num_bytes;
/* reduce g_scalar to 0 <= g_scalar < 2^224 */
if (BN_num_bits(g_scalar) > 224 || BN_is_negative(g_scalar)) {
diff --git a/crypto/ec/p256-64.c b/crypto/ec/p256-64.c
index 6a54200..38fee45 100644
--- a/crypto/ec/p256-64.c
+++ b/crypto/ec/p256-64.c
@@ -108,7 +108,7 @@
felem_bytearray b_out;
/* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof(b_out));
+ OPENSSL_memset(b_out, 0, sizeof(b_out));
size_t num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof(b_out)) {
OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE);
@@ -1402,7 +1402,7 @@
const smallfelem pre_comp[/*size*/][3],
smallfelem out[3]) {
u64 *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(smallfelem));
+ OPENSSL_memset(outlimbs, 0, 3 * sizeof(smallfelem));
for (size_t i = 0; i < size; i++) {
const u64 *inlimbs = (const u64 *)&pre_comp[i][0][0];
@@ -1441,7 +1441,7 @@
u8 sign, digit;
/* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
+ OPENSSL_memset(nq, 0, 3 * sizeof(felem));
/* Loop over all scalars msb-to-lsb, interleaving additions of multiples
* of the generator (two in each of the last 32 rounds) and additions of
@@ -1632,8 +1632,8 @@
/* we treat NULL scalars as 0, and NULL points as points at infinity,
* i.e., they contribute nothing to the linear combination. */
- memset(secrets, 0, num_points * sizeof(felem_bytearray));
- memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
+ OPENSSL_memset(secrets, 0, num_points * sizeof(felem_bytearray));
+ OPENSSL_memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
for (size_t i = 0; i < num_points; ++i) {
if (i == num) {
/* we didn't have a valid precomputation, so we pick the generator. */
@@ -1688,7 +1688,7 @@
if (g_scalar != NULL) {
size_t num_bytes;
- memset(g_secret, 0, sizeof(g_secret));
+ OPENSSL_memset(g_secret, 0, sizeof(g_secret));
/* reduce g_scalar to 0 <= g_scalar < 2^256 */
if (BN_num_bits(g_scalar) > 256 || BN_is_negative(g_scalar)) {
/* this is an unusual input, and we don't guarantee
diff --git a/crypto/ec/p256-x86_64.c b/crypto/ec/p256-x86_64.c
index 0a3be92..2400740 100644
--- a/crypto/ec/p256-x86_64.c
+++ b/crypto/ec/p256-x86_64.c
@@ -208,8 +208,8 @@
return 0;
}
- memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
- memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
+ OPENSSL_memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
+ OPENSSL_memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
return 1;
}
@@ -441,7 +441,7 @@
/* Convert |p| from affine to Jacobian coordinates. We set Z to zero if |p|
* is infinity and |ONE| otherwise. |p| was computed from the table, so it
* is infinity iff |wvalue >> 1| is zero. */
- memset(p.p.Z, 0, sizeof(p.p.Z));
+ OPENSSL_memset(p.p.Z, 0, sizeof(p.p.Z));
copy_conditional(p.p.Z, ONE, is_not_zero(wvalue >> 1));
for (i = 1; i < 37; i++) {
diff --git a/crypto/ec/p256-x86_64_test.cc b/crypto/ec/p256-x86_64_test.cc
index 531edcf..afc3b54 100644
--- a/crypto/ec/p256-x86_64_test.cc
+++ b/crypto/ec/p256-x86_64_test.cc
@@ -38,9 +38,9 @@
// Fill a table with some garbage input.
P256_POINT table[16];
for (size_t i = 0; i < 16; i++) {
- memset(table[i].X, 3 * i, sizeof(table[i].X));
- memset(table[i].Y, 3 * i + 1, sizeof(table[i].Y));
- memset(table[i].Z, 3 * i + 2, sizeof(table[i].Z));
+ OPENSSL_memset(table[i].X, 3 * i, sizeof(table[i].X));
+ OPENSSL_memset(table[i].Y, 3 * i + 1, sizeof(table[i].Y));
+ OPENSSL_memset(table[i].Z, 3 * i + 2, sizeof(table[i].Z));
}
for (int i = 0; i <= 16; i++) {
@@ -49,12 +49,12 @@
P256_POINT expected;
if (i == 0) {
- memset(&expected, 0, sizeof(expected));
+ OPENSSL_memset(&expected, 0, sizeof(expected));
} else {
expected = table[i-1];
}
- if (memcmp(&val, &expected, sizeof(P256_POINT)) != 0) {
+ if (OPENSSL_memcmp(&val, &expected, sizeof(P256_POINT)) != 0) {
fprintf(stderr, "ecp_nistz256_select_w5(%d) gave the wrong value.\n", i);
return false;
}
@@ -67,8 +67,8 @@
// Fill a table with some garbage input.
P256_POINT_AFFINE table[64];
for (size_t i = 0; i < 64; i++) {
- memset(table[i].X, 2 * i, sizeof(table[i].X));
- memset(table[i].Y, 2 * i + 1, sizeof(table[i].Y));
+ OPENSSL_memset(table[i].X, 2 * i, sizeof(table[i].X));
+ OPENSSL_memset(table[i].Y, 2 * i + 1, sizeof(table[i].Y));
}
for (int i = 0; i <= 64; i++) {
@@ -77,12 +77,12 @@
P256_POINT_AFFINE expected;
if (i == 0) {
- memset(&expected, 0, sizeof(expected));
+ OPENSSL_memset(&expected, 0, sizeof(expected));
} else {
expected = table[i-1];
}
- if (memcmp(&val, &expected, sizeof(P256_POINT_AFFINE)) != 0) {
+ if (OPENSSL_memcmp(&val, &expected, sizeof(P256_POINT_AFFINE)) != 0) {
fprintf(stderr, "ecp_nistz256_select_w7(%d) gave the wrong value.\n", i);
return false;
}
@@ -105,7 +105,7 @@
// |byte| contains bytes in big-endian while |out| should contain |BN_ULONG|s
// in little-endian.
- memset(out, 0, P256_LIMBS * sizeof(BN_ULONG));
+ OPENSSL_memset(out, 0, P256_LIMBS * sizeof(BN_ULONG));
for (size_t i = 0; i < bytes.size(); i++) {
out[P256_LIMBS - 1 - (i / BN_BYTES)] <<= 8;
out[P256_LIMBS - 1 - (i / BN_BYTES)] |= bytes[i];
@@ -127,7 +127,7 @@
static bool ExpectFieldElementsEqual(FileTest *t, const char *message,
const BN_ULONG expected[P256_LIMBS],
const BN_ULONG actual[P256_LIMBS]) {
- if (memcmp(expected, actual, sizeof(BN_ULONG) * P256_LIMBS) == 0) {
+ if (OPENSSL_memcmp(expected, actual, sizeof(BN_ULONG) * P256_LIMBS) == 0) {
return true;
}
@@ -160,7 +160,7 @@
return false;
}
- memset(out, 0, sizeof(P256_POINT_AFFINE));
+ OPENSSL_memset(out, 0, sizeof(P256_POINT_AFFINE));
if (BN_is_zero(z.get())) {
// The point at infinity is represented as (0, 0).
@@ -189,8 +189,8 @@
return false;
}
- memcpy(out->X, x->d, sizeof(BN_ULONG) * x->top);
- memcpy(out->Y, y->d, sizeof(BN_ULONG) * y->top);
+ OPENSSL_memcpy(out->X, x->d, sizeof(BN_ULONG) * x->top);
+ OPENSSL_memcpy(out->Y, y->d, sizeof(BN_ULONG) * y->top);
return true;
}
@@ -209,7 +209,7 @@
return false;
}
- if (memcmp(expected, &affine, sizeof(P256_POINT_AFFINE)) != 0) {
+ if (OPENSSL_memcmp(expected, &affine, sizeof(P256_POINT_AFFINE)) != 0) {
t->PrintLine("%s", message);
t->PrintLine("Expected: (%s, %s)",
FieldElementToString(expected->X).c_str(),
@@ -237,7 +237,7 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_neg(ret, ret);
if (!ExpectFieldElementsEqual(
t, "In-place ecp_nistz256_neg(A) was incorrect.", b, ret)) {
@@ -251,7 +251,7 @@
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_neg(ret, ret);
if (!ExpectFieldElementsEqual(
t, "In-place ecp_nistz256_neg(B) was incorrect.", a, ret)) {
@@ -282,42 +282,42 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_mul_mont(ret, ret, b);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(ret = A, B) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_mul_mont(ret, b, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(B, ret = A) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_mul_mont(ret, a, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(A, ret = B) was incorrect.", result, ret)) {
return false;
}
- memcpy(ret, b, sizeof(ret));
+ OPENSSL_memcpy(ret, b, sizeof(ret));
ecp_nistz256_mul_mont(ret, ret, a);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_mul_mont(ret = B, A) was incorrect.", result, ret)) {
return false;
}
- if (memcmp(a, b, sizeof(a)) == 0) {
+ if (OPENSSL_memcmp(a, b, sizeof(a)) == 0) {
ecp_nistz256_sqr_mont(ret, a);
if (!ExpectFieldElementsEqual(t, "ecp_nistz256_sqr_mont(A) was incorrect.",
result, ret)) {
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_sqr_mont(ret, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_sqr_mont(ret = A) was incorrect.", result, ret)) {
@@ -342,7 +342,7 @@
return false;
}
- memcpy(ret, a, sizeof(ret));
+ OPENSSL_memcpy(ret, a, sizeof(ret));
ecp_nistz256_from_mont(ret, ret);
if (!ExpectFieldElementsEqual(
t, "ecp_nistz256_from_mont(ret = A) was incorrect.", result, ret)) {
@@ -379,28 +379,28 @@
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add(&ret, &ret, &b);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = A, B) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add(&ret, &b, &ret);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(B, ret = A) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add(&ret, &a, &ret);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = A, B) was incorrect.",
&result, &ret)) {
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add(&ret, &ret, &a);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_add(ret = B, A) was incorrect.",
&result, &ret)) {
@@ -408,7 +408,7 @@
}
P256_POINT_AFFINE a_affine, b_affine, infinity;
- memset(&infinity, 0, sizeof(infinity));
+ OPENSSL_memset(&infinity, 0, sizeof(infinity));
if (!PointToAffine(&a_affine, &a) ||
!PointToAffine(&b_affine, &b)) {
return false;
@@ -416,8 +416,8 @@
// ecp_nistz256_point_add_affine does not work when a == b unless doubling the
// point at infinity.
- if (memcmp(&a_affine, &b_affine, sizeof(a_affine)) != 0 ||
- memcmp(&a_affine, &infinity, sizeof(a_affine)) == 0) {
+ if (OPENSSL_memcmp(&a_affine, &b_affine, sizeof(a_affine)) != 0 ||
+ OPENSSL_memcmp(&a_affine, &infinity, sizeof(a_affine)) == 0) {
ecp_nistz256_point_add_affine(&ret, &a, &b_affine);
if (!ExpectPointsEqual(t,
"ecp_nistz256_point_add_affine(A, B) was incorrect.",
@@ -425,7 +425,7 @@
return false;
}
- memcpy(&ret, &a, sizeof(ret));
+ OPENSSL_memcpy(&ret, &a, sizeof(ret));
ecp_nistz256_point_add_affine(&ret, &ret, &b_affine);
if (!ExpectPointsEqual(
t, "ecp_nistz256_point_add_affine(ret = A, B) was incorrect.",
@@ -440,7 +440,7 @@
return false;
}
- memcpy(&ret, &b, sizeof(ret));
+ OPENSSL_memcpy(&ret, &b, sizeof(ret));
ecp_nistz256_point_add_affine(&ret, &ret, &a_affine);
if (!ExpectPointsEqual(
t, "ecp_nistz256_point_add_affine(ret = B, A) was incorrect.",
@@ -449,7 +449,7 @@
}
}
- if (memcmp(&a, &b, sizeof(a)) == 0) {
+ if (OPENSSL_memcmp(&a, &b, sizeof(a)) == 0) {
ecp_nistz256_point_double(&ret, &a);
if (!ExpectPointsEqual(t, "ecp_nistz256_point_double(A) was incorrect.",
&result, &ret)) {
diff --git a/crypto/ec/simple.c b/crypto/ec/simple.c
index a1e6229..880b717 100644
--- a/crypto/ec/simple.c
+++ b/crypto/ec/simple.c
@@ -74,6 +74,7 @@
#include <openssl/mem.h>
#include "internal.h"
+#include "../internal.h"
/* Most method functions in this file are designed to work with non-trivial
@@ -988,7 +989,7 @@
if (prod_Z == NULL) {
goto err;
}
- memset(prod_Z, 0, num * sizeof(prod_Z[0]));
+ OPENSSL_memset(prod_Z, 0, num * sizeof(prod_Z[0]));
for (size_t i = 0; i < num; i++) {
prod_Z[i] = BN_new();
if (prod_Z[i] == NULL) {
diff --git a/crypto/ecdh/ecdh.c b/crypto/ecdh/ecdh.c
index 50a844e..22b216e 100644
--- a/crypto/ecdh/ecdh.c
+++ b/crypto/ecdh/ecdh.c
@@ -74,6 +74,8 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *priv_key,
@@ -140,7 +142,7 @@
if (buflen < outlen) {
outlen = buflen;
}
- memcpy(out, buf, outlen);
+ OPENSSL_memcpy(out, buf, outlen);
}
if (outlen > INT_MAX) {
diff --git a/crypto/ecdsa/ecdsa.c b/crypto/ecdsa/ecdsa.c
index 6320992..b4e6d0d 100644
--- a/crypto/ecdsa/ecdsa.c
+++ b/crypto/ecdsa/ecdsa.c
@@ -61,6 +61,7 @@
#include <openssl/mem.h>
#include "../ec/internal.h"
+#include "../internal.h"
int ECDSA_sign(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig,
@@ -88,7 +89,7 @@
/* Defend against potential laxness in the DER parser. */
size_t der_len;
if (!ECDSA_SIG_to_bytes(&der, &der_len, s) ||
- der_len != sig_len || memcmp(sig, der, sig_len) != 0) {
+ der_len != sig_len || OPENSSL_memcmp(sig, der, sig_len) != 0) {
/* This should never happen. crypto/bytestring is strictly DER. */
OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
goto err;
diff --git a/crypto/engine/engine.c b/crypto/engine/engine.c
index f1037d4..141ed23 100644
--- a/crypto/engine/engine.c
+++ b/crypto/engine/engine.c
@@ -23,6 +23,8 @@
#include <openssl/rsa.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
struct engine_st {
RSA_METHOD *rsa_method;
@@ -35,7 +37,7 @@
return NULL;
}
- memset(engine, 0, sizeof(ENGINE));
+ OPENSSL_memset(engine, 0, sizeof(ENGINE));
return engine;
}
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 48d631f..cbb1260 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -141,7 +141,7 @@
/* err_clear clears the given queued error. */
static void err_clear(struct err_error_st *error) {
err_clear_data(error);
- memset(error, 0, sizeof(struct err_error_st));
+ OPENSSL_memset(error, 0, sizeof(struct err_error_st));
}
/* global_next_library contains the next custom library value to return. */
@@ -175,7 +175,7 @@
if (state == NULL) {
return NULL;
}
- memset(state, 0, sizeof(ERR_STATE));
+ OPENSSL_memset(state, 0, sizeof(ERR_STATE));
if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_ERR, state,
err_state_free)) {
return NULL;
@@ -349,7 +349,7 @@
#if !defined(NDEBUG)
/* This is aimed to help catch callers who don't provide
* |ERR_ERROR_STRING_BUF_LEN| bytes of space. */
- memset(ret, 0, ERR_ERROR_STRING_BUF_LEN);
+ OPENSSL_memset(ret, 0, ERR_ERROR_STRING_BUF_LEN);
#endif
ERR_error_string_n(packed_error, ret, ERR_ERROR_STRING_BUF_LEN);
@@ -407,7 +407,7 @@
* terminating 0). If we're setting this colon, then all whole of the
* rest of the string must be colons in order to have the correct
* number. */
- memset(last_pos, ':', num_colons - i);
+ OPENSSL_memset(last_pos, ':', num_colons - i);
break;
}
@@ -675,7 +675,7 @@
buf = new_buf;
}
- memcpy(buf + len, substr, substr_len);
+ OPENSSL_memcpy(buf + len, substr, substr_len);
len = new_len;
}
diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c
index 0916092..f083879 100644
--- a/crypto/evp/evp.c
+++ b/crypto/evp/evp.c
@@ -80,7 +80,7 @@
return NULL;
}
- memset(ret, 0, sizeof(EVP_PKEY));
+ OPENSSL_memset(ret, 0, sizeof(EVP_PKEY));
ret->type = EVP_PKEY_NONE;
ret->references = 1;
diff --git a/crypto/evp/evp_asn1.c b/crypto/evp/evp_asn1.c
index 2b24858..6c90571 100644
--- a/crypto/evp/evp_asn1.c
+++ b/crypto/evp/evp_asn1.c
@@ -84,7 +84,7 @@
for (i = 0; i < OPENSSL_ARRAY_SIZE(kASN1Methods); i++) {
const EVP_PKEY_ASN1_METHOD *method = kASN1Methods[i];
if (CBS_len(&oid) == method->oid_len &&
- memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {
+ OPENSSL_memcmp(CBS_data(&oid), method->oid, method->oid_len) == 0) {
*out_type = method->pkey_id;
return 1;
}
diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c
index f7d4b41..8cf23bb 100644
--- a/crypto/evp/evp_ctx.c
+++ b/crypto/evp/evp_ctx.c
@@ -61,6 +61,7 @@
#include <openssl/err.h>
#include <openssl/mem.h>
+#include "../internal.h"
#include "internal.h"
@@ -105,7 +106,7 @@
OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(EVP_PKEY_CTX));
+ OPENSSL_memset(ret, 0, sizeof(EVP_PKEY_CTX));
ret->engine = e;
ret->pmeth = pmeth;
@@ -159,7 +160,7 @@
return NULL;
}
- memset(rctx, 0, sizeof(EVP_PKEY_CTX));
+ OPENSSL_memset(rctx, 0, sizeof(EVP_PKEY_CTX));
rctx->pmeth = pctx->pmeth;
rctx->engine = pctx->engine;
diff --git a/crypto/evp/evp_extra_test.cc b/crypto/evp/evp_extra_test.cc
index 4d41760..2758917 100644
--- a/crypto/evp/evp_extra_test.cc
+++ b/crypto/evp/evp_extra_test.cc
@@ -27,6 +27,8 @@
#include <openssl/pkcs8.h>
#include <openssl/rsa.h>
+#include "../internal.h"
+
// kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
// should never use this key anywhere but in an example.
@@ -469,7 +471,7 @@
return false;
}
- if (memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) {
+ if (OPENSSL_memcmp(recovered.data(), kDummyHash, sizeof(kDummyHash)) != 0) {
fprintf(stderr, "verify_recover got wrong value.\n");
ERR_print_errors_fp(stderr);
return false;
diff --git a/crypto/evp/p_ec.c b/crypto/evp/p_ec.c
index f92c87c..dc1ea6f 100644
--- a/crypto/evp/p_ec.c
+++ b/crypto/evp/p_ec.c
@@ -70,6 +70,7 @@
#include "internal.h"
#include "../ec/internal.h"
+#include "../internal.h"
typedef struct {
@@ -84,7 +85,7 @@
if (!dctx) {
return 0;
}
- memset(dctx, 0, sizeof(EC_PKEY_CTX));
+ OPENSSL_memset(dctx, 0, sizeof(EC_PKEY_CTX));
ctx->data = dctx;
diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c
index b01230a..ea2ba99 100644
--- a/crypto/evp/p_rsa.c
+++ b/crypto/evp/p_rsa.c
@@ -67,6 +67,7 @@
#include <openssl/nid.h>
#include <openssl/rsa.h>
+#include "../internal.h"
#include "../rsa/internal.h"
#include "internal.h"
@@ -97,7 +98,7 @@
if (!rctx) {
return 0;
}
- memset(rctx, 0, sizeof(RSA_PKEY_CTX));
+ OPENSSL_memset(rctx, 0, sizeof(RSA_PKEY_CTX));
rctx->nbits = 2048;
rctx->pad_mode = RSA_PKCS1_PADDING;
@@ -289,7 +290,7 @@
return 0;
}
*out_len = ret;
- memcpy(out, rctx->tbuf, *out_len);
+ OPENSSL_memcpy(out, rctx->tbuf, *out_len);
return 1;
}
@@ -329,7 +330,7 @@
}
if (out != NULL) {
- memcpy(out, rctx->tbuf + asn1_prefix_len, result_len);
+ OPENSSL_memcpy(out, rctx->tbuf + asn1_prefix_len, result_len);
}
*out_len = result_len;
diff --git a/crypto/evp/pbkdf.c b/crypto/evp/pbkdf.c
index b06b922..1792cdc 100644
--- a/crypto/evp/pbkdf.c
+++ b/crypto/evp/pbkdf.c
@@ -59,6 +59,8 @@
#include <openssl/hmac.h>
+#include "../internal.h"
+
int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len,
const uint8_t *salt, size_t salt_len, unsigned iterations,
@@ -101,7 +103,7 @@
return 0;
}
HMAC_CTX_cleanup(&hctx);
- memcpy(p, digest_tmp, cplen);
+ OPENSSL_memcpy(p, digest_tmp, cplen);
for (j = 1; j < iterations; j++) {
if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
HMAC_CTX_cleanup(&hctx_tpl);
diff --git a/crypto/evp/pbkdf_test.cc b/crypto/evp/pbkdf_test.cc
index 438ab64..5284700 100644
--- a/crypto/evp/pbkdf_test.cc
+++ b/crypto/evp/pbkdf_test.cc
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/evp.h>
+#include "../internal.h"
+
// Prints out the data buffer as a sequence of hex bytes.
static void PrintDataHex(const void *data, size_t len) {
@@ -49,7 +51,7 @@
return false;
}
- if (memcmp(key, expected_key, key_len) != 0) {
+ if (OPENSSL_memcmp(key, expected_key, key_len) != 0) {
fprintf(stderr, "Resulting key material does not match expectation\n");
fprintf(stderr, "Expected:\n ");
PrintDataHex(expected_key, key_len);
diff --git a/crypto/hkdf/hkdf.c b/crypto/hkdf/hkdf.c
index f21cb42..ae43b69 100644
--- a/crypto/hkdf/hkdf.c
+++ b/crypto/hkdf/hkdf.c
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/hmac.h>
+#include "../internal.h"
+
int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
const uint8_t *secret, size_t secret_len, const uint8_t *salt,
@@ -95,7 +97,7 @@
if (done + todo > out_len) {
todo = out_len - done;
}
- memcpy(out_key + done, previous, todo);
+ OPENSSL_memcpy(out_key + done, previous, todo);
done += todo;
}
diff --git a/crypto/hkdf/hkdf_test.c b/crypto/hkdf/hkdf_test.c
index 4499cc0..d9b50fa 100644
--- a/crypto/hkdf/hkdf_test.c
+++ b/crypto/hkdf/hkdf_test.c
@@ -262,7 +262,7 @@
return 1;
}
if (prk_len != test->prk_len ||
- memcmp(prk, test->prk, test->prk_len) != 0) {
+ OPENSSL_memcmp(prk, test->prk, test->prk_len) != 0) {
fprintf(stderr, "%zu: Resulting PRK does not match test vector\n", i);
return 1;
}
@@ -272,7 +272,7 @@
ERR_print_errors_fp(stderr);
return 1;
}
- if (memcmp(buf, test->out, test->out_len) != 0) {
+ if (OPENSSL_memcmp(buf, test->out, test->out_len) != 0) {
fprintf(stderr,
"%zu: Resulting key material does not match test vector\n", i);
return 1;
@@ -284,7 +284,7 @@
ERR_print_errors_fp(stderr);
return 1;
}
- if (memcmp(buf, test->out, test->out_len) != 0) {
+ if (OPENSSL_memcmp(buf, test->out, test->out_len) != 0) {
fprintf(stderr,
"%zu: Resulting key material does not match test vector\n", i);
return 1;
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 2eae9e8..a252667 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -62,6 +62,8 @@
#include <openssl/digest.h>
#include <openssl/mem.h>
+#include "../internal.h"
+
uint8_t *HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
const uint8_t *data, size_t data_len, uint8_t *out,
@@ -130,12 +132,12 @@
}
} else {
assert(key_len <= sizeof(key_block));
- memcpy(key_block, key, key_len);
+ OPENSSL_memcpy(key_block, key, key_len);
key_block_len = (unsigned)key_len;
}
/* Keys are then padded with zeros. */
if (key_block_len != EVP_MAX_MD_BLOCK_SIZE) {
- memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
+ OPENSSL_memset(&key_block[key_block_len], 0, sizeof(key_block) - key_block_len);
}
for (size_t i = 0; i < EVP_MAX_MD_BLOCK_SIZE; i++) {
diff --git a/crypto/internal.h b/crypto/internal.h
index 896cc3b..e94383b 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -112,6 +112,8 @@
#include <openssl/ex_data.h>
#include <openssl/thread.h>
+#include <string.h>
+
#if defined(_MSC_VER)
#if !defined(__cplusplus) || _MSC_VER < 1900
#define alignas(x) __declspec(align(x))
@@ -520,6 +522,86 @@
void *obj, CRYPTO_EX_DATA *ad);
+/* Language bug workarounds.
+ *
+ * Most C standard library functions are undefined if passed NULL, even when the
+ * corresponding length is zero. This gives them (and, in turn, all functions
+ * which call them) surprising behavior on empty arrays. Some compilers will
+ * miscompile code due to this rule. See also
+ * https://www.imperialviolet.org/2016/06/26/nonnull.html
+ *
+ * If building BoringSSL itself, replace C standard library functions with more
+ * well-behaved versions. Due to some C++ toolchains defining versions of these
+ * functions under namespaces, this is limited to our C files.
+ *
+ * Note |OPENSSL_memcmp| is a different function from |CRYPTO_memcmp|. */
+
+/* C++ defines |memchr| as a const-correct overload. */
+#if defined(__cplusplus)
+extern "C++" {
+
+static inline const void *OPENSSL_memchr(const void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+static inline void *OPENSSL_memchr(void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+} /* extern "C++" */
+#else /* __cplusplus */
+
+static inline void *OPENSSL_memchr(const void *s, int c, size_t n) {
+ if (n == 0) {
+ return NULL;
+ }
+
+ return memchr(s, c, n);
+}
+
+#endif /* __cplusplus */
+
+static inline int OPENSSL_memcmp(const void *s1, const void *s2, size_t n) {
+ if (n == 0) {
+ return 0;
+ }
+
+ return memcmp(s1, s2, n);
+}
+
+static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memcpy(dst, src, n);
+}
+
+static inline void *OPENSSL_memmove(void *dst, const void *src, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memmove(dst, src, n);
+}
+
+static inline void *OPENSSL_memset(void *dst, int c, size_t n) {
+ if (n == 0) {
+ return dst;
+ }
+
+ return memset(dst, c, n);
+}
+
+
#if defined(__cplusplus)
} /* extern C */
#endif
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index 233f34f..6bb330c 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -62,6 +62,9 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* kMinNumBuckets is the minimum size of the buckets array in an |_LHASH|. */
static const size_t kMinNumBuckets = 16;
@@ -77,7 +80,7 @@
if (ret == NULL) {
return NULL;
}
- memset(ret, 0, sizeof(_LHASH));
+ OPENSSL_memset(ret, 0, sizeof(_LHASH));
ret->num_buckets = kMinNumBuckets;
ret->buckets = OPENSSL_malloc(sizeof(LHASH_ITEM *) * ret->num_buckets);
@@ -85,7 +88,7 @@
OPENSSL_free(ret);
return NULL;
}
- memset(ret->buckets, 0, sizeof(LHASH_ITEM *) * ret->num_buckets);
+ OPENSSL_memset(ret->buckets, 0, sizeof(LHASH_ITEM *) * ret->num_buckets);
ret->comp = comp;
if (ret->comp == NULL) {
@@ -173,7 +176,7 @@
if (new_buckets == NULL) {
return;
}
- memset(new_buckets, 0, alloc_size);
+ OPENSSL_memset(new_buckets, 0, alloc_size);
for (i = 0; i < lh->num_buckets; i++) {
for (cur = lh->buckets[i]; cur != NULL; cur = next) {
diff --git a/crypto/md4/md4.c b/crypto/md4/md4.c
index 7da3ec8..0046c21 100644
--- a/crypto/md4/md4.c
+++ b/crypto/md4/md4.c
@@ -59,6 +59,8 @@
#include <stdlib.h>
#include <string.h>
+#include "../internal.h"
+
uint8_t *MD4(const uint8_t *data, size_t len, uint8_t *out) {
MD4_CTX ctx;
@@ -72,7 +74,7 @@
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm. */
int MD4_Init(MD4_CTX *md4) {
- memset(md4, 0, sizeof(MD4_CTX));
+ OPENSSL_memset(md4, 0, sizeof(MD4_CTX));
md4->h[0] = 0x67452301UL;
md4->h[1] = 0xefcdab89UL;
md4->h[2] = 0x98badcfeUL;
diff --git a/crypto/md5/md5.c b/crypto/md5/md5.c
index a66fa7f..7712f47 100644
--- a/crypto/md5/md5.c
+++ b/crypto/md5/md5.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
uint8_t *MD5(const uint8_t *data, size_t len, uint8_t *out) {
MD5_CTX ctx;
@@ -78,7 +80,7 @@
}
int MD5_Init(MD5_CTX *md5) {
- memset(md5, 0, sizeof(MD5_CTX));
+ OPENSSL_memset(md5, 0, sizeof(MD5_CTX));
md5->h[0] = 0x67452301UL;
md5->h[1] = 0xefcdab89UL;
md5->h[2] = 0x98badcfeUL;
diff --git a/crypto/mem.c b/crypto/mem.c
index ee34767..390ca2e 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -73,6 +73,8 @@
#include <strings.h>
#endif
+#include "internal.h"
+
void *OPENSSL_realloc_clean(void *ptr, size_t old_size, size_t new_size) {
if (ptr == NULL) {
@@ -94,7 +96,7 @@
return NULL;
}
- memcpy(ret, ptr, old_size);
+ OPENSSL_memcpy(ret, ptr, old_size);
OPENSSL_cleanse(ptr, old_size);
OPENSSL_free(ptr);
return ret;
@@ -104,7 +106,7 @@
#if defined(OPENSSL_WINDOWS)
SecureZeroMemory(ptr, len);
#else
- memset(ptr, 0, len);
+ OPENSSL_memset(ptr, 0, len);
#if !defined(OPENSSL_NO_ASM)
/* As best as we can tell, this is sufficient to break any optimisations that
diff --git a/crypto/modes/cbc.c b/crypto/modes/cbc.c
index 6e9fe24..12d551c 100644
--- a/crypto/modes/cbc.c
+++ b/crypto/modes/cbc.c
@@ -103,7 +103,7 @@
out += 16;
}
- memcpy(ivec, iv, 16);
+ OPENSSL_memcpy(ivec, iv, 16);
}
void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len,
@@ -154,7 +154,7 @@
out += 16;
}
}
- memcpy(ivec, iv, 16);
+ OPENSSL_memcpy(ivec, iv, 16);
} else {
/* |out| is less than two blocks behind |in|. Decrypting an input block
* directly to |out| would overwrite a ciphertext block before it is used as
diff --git a/crypto/modes/cfb.c b/crypto/modes/cfb.c
index 51b883e..af15255 100644
--- a/crypto/modes/cfb.c
+++ b/crypto/modes/cfb.c
@@ -167,7 +167,7 @@
}
/* fill in the first half of the new IV with the current IV */
- memcpy(ovec, ivec, 16);
+ OPENSSL_memcpy(ovec, ivec, 16);
/* construct the new IV */
(*block)(ivec, ivec, key);
num = (nbits + 7) / 8;
@@ -186,7 +186,7 @@
rem = nbits % 8;
num = nbits / 8;
if (rem == 0) {
- memcpy(ivec, ovec + num, 16);
+ OPENSSL_memcpy(ivec, ovec + num, 16);
} else {
for (n = 0; n < 16; ++n) {
ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
diff --git a/crypto/modes/ctr.c b/crypto/modes/ctr.c
index b84e72c..c026d15 100644
--- a/crypto/modes/ctr.c
+++ b/crypto/modes/ctr.c
@@ -202,7 +202,7 @@
in += blocks;
}
if (len) {
- memset(ecount_buf, 0, 16);
+ OPENSSL_memset(ecount_buf, 0, 16);
(*func)(ecount_buf, ecount_buf, 1, key, ivec);
++ctr32;
PUTU32(ivec + 12, ctr32);
diff --git a/crypto/modes/gcm.c b/crypto/modes/gcm.c
index 3b793e8..df68c40 100644
--- a/crypto/modes/gcm.c
+++ b/crypto/modes/gcm.c
@@ -363,7 +363,7 @@
uint8_t c[16];
} H;
- memcpy(H.c, gcm_key, 16);
+ OPENSSL_memcpy(H.c, gcm_key, 16);
/* H is stored in host byte order */
H.u[0] = CRYPTO_bswap8(H.u[0]);
@@ -426,11 +426,11 @@
void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, const void *aes_key,
block128_f block) {
- memset(ctx, 0, sizeof(*ctx));
+ OPENSSL_memset(ctx, 0, sizeof(*ctx));
ctx->block = block;
uint8_t gcm_key[16];
- memset(gcm_key, 0, sizeof(gcm_key));
+ OPENSSL_memset(gcm_key, 0, sizeof(gcm_key));
(*block)(gcm_key, gcm_key, aes_key);
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, gcm_key);
@@ -453,7 +453,7 @@
ctx->mres = 0;
if (len == 12) {
- memcpy(ctx->Yi.c, iv, 12);
+ OPENSSL_memcpy(ctx->Yi.c, iv, 12);
ctx->Yi.c[15] = 1;
ctr = 1;
} else {
@@ -1060,7 +1060,8 @@
void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len) {
CRYPTO_gcm128_finish(ctx, NULL, 0);
- memcpy(tag, ctx->Xi.c, len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
+ OPENSSL_memcpy(tag, ctx->Xi.c,
+ len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
}
#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64)
diff --git a/crypto/modes/gcm_test.cc b/crypto/modes/gcm_test.cc
index 8baf20e..1a5e034 100644
--- a/crypto/modes/gcm_test.cc
+++ b/crypto/modes/gcm_test.cc
@@ -350,7 +350,7 @@
CRYPTO_gcm128_init(&ctx, &aes_key, (block128_f) AES_encrypt);
CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_len);
- memset(out, 0, plaintext_len);
+ OPENSSL_memset(out, 0, plaintext_len);
if (additional_data) {
CRYPTO_gcm128_aad(&ctx, additional_data, additional_data_len);
}
@@ -358,7 +358,7 @@
CRYPTO_gcm128_encrypt(&ctx, &aes_key, plaintext, out, plaintext_len);
}
if (!CRYPTO_gcm128_finish(&ctx, tag, tag_len) ||
- (ciphertext && memcmp(out, ciphertext, plaintext_len) != 0)) {
+ (ciphertext && OPENSSL_memcmp(out, ciphertext, plaintext_len) != 0)) {
fprintf(stderr, "%u: encrypt failed.\n", test_num);
hexdump(stderr, "got :", out, plaintext_len);
hexdump(stderr, "want:", ciphertext, plaintext_len);
@@ -366,7 +366,7 @@
}
CRYPTO_gcm128_setiv(&ctx, &aes_key, nonce, nonce_len);
- memset(out, 0, plaintext_len);
+ OPENSSL_memset(out, 0, plaintext_len);
if (additional_data) {
CRYPTO_gcm128_aad(&ctx, additional_data, additional_data_len);
}
@@ -377,7 +377,7 @@
fprintf(stderr, "%u: decrypt failed.\n", test_num);
goto out;
}
- if (plaintext && memcmp(out, plaintext, plaintext_len)) {
+ if (plaintext && OPENSSL_memcmp(out, plaintext, plaintext_len)) {
fprintf(stderr, "%u: plaintext doesn't match.\n", test_num);
goto out;
}
diff --git a/crypto/modes/internal.h b/crypto/modes/internal.h
index a53da04..9b579fa 100644
--- a/crypto/modes/internal.h
+++ b/crypto/modes/internal.h
@@ -53,6 +53,8 @@
#include <string.h>
+#include "../internal.h"
+
#if defined(__cplusplus)
extern "C" {
#endif
@@ -100,13 +102,13 @@
static inline uint32_t GETU32(const void *in) {
uint32_t v;
- memcpy(&v, in, sizeof(v));
+ OPENSSL_memcpy(&v, in, sizeof(v));
return CRYPTO_bswap4(v);
}
static inline void PUTU32(void *out, uint32_t v) {
v = CRYPTO_bswap4(v);
- memcpy(out, &v, sizeof(v));
+ OPENSSL_memcpy(out, &v, sizeof(v));
}
static inline uint32_t GETU32_aligned(const void *in) {
diff --git a/crypto/modes/ofb.c b/crypto/modes/ofb.c
index 0ee95ca..95d15c3 100644
--- a/crypto/modes/ofb.c
+++ b/crypto/modes/ofb.c
@@ -73,11 +73,11 @@
(*block)(ivec, ivec, key);
for (; n < 16; n += sizeof(size_t)) {
size_t a, b;
- memcpy(&a, in + n, sizeof(size_t));
- memcpy(&b, ivec + n, sizeof(size_t));
+ OPENSSL_memcpy(&a, in + n, sizeof(size_t));
+ OPENSSL_memcpy(&b, ivec + n, sizeof(size_t));
const size_t c = a ^ b;
- memcpy(out + n, &c, sizeof(size_t));
+ OPENSSL_memcpy(out + n, &c, sizeof(size_t));
}
len -= 16;
out += 16;
diff --git a/crypto/modes/polyval.c b/crypto/modes/polyval.c
index c5121a1..eb7eadc 100644
--- a/crypto/modes/polyval.c
+++ b/crypto/modes/polyval.c
@@ -54,11 +54,11 @@
void CRYPTO_POLYVAL_init(struct polyval_ctx *ctx, const uint8_t key[16]) {
polyval_block H;
- memcpy(H.c, key, 16);
+ OPENSSL_memcpy(H.c, key, 16);
reverse_and_mulX_ghash(&H);
CRYPTO_ghash_init(&ctx->gmult, &ctx->ghash, ctx->Htable, H.c);
- memset(&ctx->S, 0, sizeof(ctx->S));
+ OPENSSL_memset(&ctx->S, 0, sizeof(ctx->S));
}
void CRYPTO_POLYVAL_update_blocks(struct polyval_ctx *ctx, const uint8_t *in,
@@ -71,7 +71,7 @@
if (todo > sizeof(reversed)) {
todo = sizeof(reversed);
}
- memcpy(reversed, in, todo);
+ OPENSSL_memcpy(reversed, in, todo);
in_len -= todo;
size_t blocks = todo / sizeof(polyval_block);
@@ -86,7 +86,7 @@
void CRYPTO_POLYVAL_finish(const struct polyval_ctx *ctx, uint8_t out[16]) {
polyval_block S = ctx->S;
byte_reverse(&S);
- memcpy(out, &S.c, sizeof(polyval_block));
+ OPENSSL_memcpy(out, &S.c, sizeof(polyval_block));
}
diff --git a/crypto/obj/obj.c b/crypto/obj/obj.c
index c44ffc8..d0a6c82 100644
--- a/crypto/obj/obj.c
+++ b/crypto/obj/obj.c
@@ -123,7 +123,7 @@
goto err;
}
if (o->data != NULL) {
- memcpy(data, o->data, o->length);
+ OPENSSL_memcpy(data, o->data, o->length);
}
/* once data is attached to an object, it remains const */
@@ -169,7 +169,7 @@
if (ret) {
return ret;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
/* obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is
@@ -185,7 +185,7 @@
} else if (a->length > b->length) {
return 1;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
int OBJ_obj2nid(const ASN1_OBJECT *obj) {
@@ -225,7 +225,7 @@
}
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = CBS_data(cbs);
obj.length = (int)CBS_len(cbs);
@@ -543,7 +543,7 @@
if (i) {
return i;
}
- return memcmp(a->data, b->data, a->length);
+ return OPENSSL_memcmp(a->data, b->data, a->length);
}
static uint32_t hash_short_name(const ASN1_OBJECT *obj) {
diff --git a/crypto/obj/obj_test.cc b/crypto/obj/obj_test.cc
index 4813b05..6c9dc3f 100644
--- a/crypto/obj/obj_test.cc
+++ b/crypto/obj/obj_test.cc
@@ -20,6 +20,8 @@
#include <openssl/crypto.h>
#include <openssl/obj.h>
+#include "../internal.h"
+
static bool TestBasic() {
static const int kNID = NID_sha256WithRSAEncryption;
@@ -97,7 +99,7 @@
static bool ExpectObj2Txt(const uint8_t *der, size_t der_len,
bool always_return_oid, const char *expected) {
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = der;
obj.length = static_cast<int>(der_len);
@@ -112,7 +114,7 @@
}
char short_buf[1];
- memset(short_buf, 0xff, sizeof(short_buf));
+ OPENSSL_memset(short_buf, 0xff, sizeof(short_buf));
len = OBJ_obj2txt(short_buf, sizeof(short_buf), &obj, always_return_oid);
if (len != expected_len) {
fprintf(stderr,
@@ -121,7 +123,7 @@
return false;
}
- if (memchr(short_buf, '\0', sizeof(short_buf)) == nullptr) {
+ if (OPENSSL_memchr(short_buf, '\0', sizeof(short_buf)) == nullptr) {
fprintf(stderr,
"OBJ_obj2txt of %s with out_len = 1 did not NUL-terminate the "
"output.\n",
@@ -186,7 +188,7 @@
}
ASN1_OBJECT obj;
- memset(&obj, 0, sizeof(obj));
+ OPENSSL_memset(&obj, 0, sizeof(obj));
// kNonMinimalOID is kBasicConstraints with the final component non-minimally
// encoded.
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index e53abf8..8b7932e 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -71,6 +71,9 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
#define MIN_LENGTH 4
static int load_iv(char **fromp, unsigned char *to, int num);
@@ -638,7 +641,7 @@
OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(nameB->data, &(buf[11]), i - 6);
+ OPENSSL_memcpy(nameB->data, &(buf[11]), i - 6);
nameB->data[i - 6] = '\0';
break;
}
@@ -669,7 +672,7 @@
nohead = 1;
break;
}
- memcpy(&(headerB->data[hl]), buf, i);
+ OPENSSL_memcpy(&(headerB->data[hl]), buf, i);
headerB->data[hl + i] = '\0';
hl += i;
}
@@ -701,7 +704,7 @@
OPENSSL_PUT_ERROR(PEM, ERR_R_MALLOC_FAILURE);
goto err;
}
- memcpy(&(dataB->data[bl]), buf, i);
+ OPENSSL_memcpy(&(dataB->data[bl]), buf, i);
dataB->data[bl + i] = '\0';
bl += i;
if (end) {
diff --git a/crypto/pkcs8/p5_pbe.c b/crypto/pkcs8/p5_pbe.c
index 8e56d41..eee2e00 100644
--- a/crypto/pkcs8/p5_pbe.c
+++ b/crypto/pkcs8/p5_pbe.c
@@ -62,6 +62,7 @@
#include <openssl/rand.h>
#include <openssl/x509.h>
+#include "../internal.h"
#include "internal.h"
@@ -106,7 +107,7 @@
}
sstr = ASN1_STRING_data(pbe->salt);
if (salt)
- memcpy(sstr, salt, saltlen);
+ OPENSSL_memcpy(sstr, salt, saltlen);
else if (!RAND_bytes(sstr, saltlen))
goto err;
diff --git a/crypto/pkcs8/p5_pbev2.c b/crypto/pkcs8/p5_pbev2.c
index 050a4d6..c16b83f 100644
--- a/crypto/pkcs8/p5_pbev2.c
+++ b/crypto/pkcs8/p5_pbev2.c
@@ -67,6 +67,7 @@
#include <openssl/x509.h>
#include "internal.h"
+#include "../internal.h"
/* PKCS#5 v2.0 password based encryption structures */
@@ -144,7 +145,7 @@
if (EVP_CIPHER_iv_length(cipher))
{
if (aiv)
- memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+ OPENSSL_memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (!RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)))
goto err;
}
@@ -246,7 +247,7 @@
osalt->length = saltlen;
if (salt)
- memcpy (osalt->data, salt, saltlen);
+ OPENSSL_memcpy (osalt->data, salt, saltlen);
else if (!RAND_bytes(osalt->data, saltlen))
goto merr;
diff --git a/crypto/pkcs8/pkcs8.c b/crypto/pkcs8/pkcs8.c
index 7b34705..e965bc9 100644
--- a/crypto/pkcs8/pkcs8.c
+++ b/crypto/pkcs8/pkcs8.c
@@ -124,7 +124,7 @@
/* 1. Construct a string, D (the "diversifier"), by concatenating v/8 copies
* of ID. */
uint8_t D[EVP_MAX_MD_BLOCK_SIZE];
- memset(D, id, block_size);
+ OPENSSL_memset(D, id, block_size);
/* 2. Concatenate copies of the salt together to create a string S of length
* v(ceiling(s/v)) bits (the final copy of the salt may be truncated to
@@ -186,7 +186,7 @@
}
size_t todo = out_len < A_len ? out_len : A_len;
- memcpy(out, A, todo);
+ OPENSSL_memcpy(out, A, todo);
out += todo;
out_len -= todo;
if (out_len == 0) {
@@ -911,7 +911,7 @@
}
*out_key = NULL;
- memset(&ctx, 0, sizeof(ctx));
+ OPENSSL_memset(&ctx, 0, sizeof(ctx));
/* See ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf, section
* four. */
@@ -1068,7 +1068,7 @@
return NULL;
}
- memcpy(p12->ber_bytes, *ber_bytes, ber_len);
+ OPENSSL_memcpy(p12->ber_bytes, *ber_bytes, ber_len);
p12->ber_len = ber_len;
*ber_bytes += ber_len;
@@ -1193,7 +1193,7 @@
}
} else if (password_len != -1 &&
(password[password_len] != 0 ||
- memchr(password, 0, password_len) != NULL)) {
+ OPENSSL_memchr(password, 0, password_len) != NULL)) {
return 0;
}
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index 4c5d11f..77e8046 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
@@ -23,6 +23,7 @@
#include <openssl/cpu.h>
#include "internal.h"
+#include "../internal.h"
#if defined(OPENSSL_WINDOWS) || !defined(OPENSSL_X86_64)
@@ -30,11 +31,13 @@
/* We can assume little-endian. */
static uint32_t U8TO32_LE(const uint8_t *m) {
uint32_t r;
- memcpy(&r, m, sizeof(r));
+ OPENSSL_memcpy(&r, m, sizeof(r));
return r;
}
-static void U32TO8_LE(uint8_t *m, uint32_t v) { memcpy(m, &v, sizeof(v)); }
+static void U32TO8_LE(uint8_t *m, uint32_t v) {
+ OPENSSL_memcpy(m, &v, sizeof(v));
+}
static uint64_t mul32x32_64(uint32_t a, uint32_t b) { return (uint64_t)a * b; }
@@ -192,7 +195,7 @@
state->h4 = 0;
state->buf_used = 0;
- memcpy(state->key, key + 16, sizeof(state->key));
+ OPENSSL_memcpy(state->key, key + 16, sizeof(state->key));
}
void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c
index de31d6b..444413b 100644
--- a/crypto/poly1305/poly1305_arm.c
+++ b/crypto/poly1305/poly1305_arm.c
@@ -129,7 +129,7 @@
* fe1305x2_frombytearray. */
static uint32_t load32(uint8_t *t) {
uint32_t tmp;
- memcpy(&tmp, t, sizeof(tmp));
+ OPENSSL_memcpy(&tmp, t, sizeof(tmp));
return tmp;
}
@@ -203,7 +203,7 @@
addmulmod(precomp, r, r, &zero); /* precompute r^2 */
addmulmod(precomp + 1, precomp, precomp, &zero); /* precompute r^4 */
- memcpy(st->key, key + 16, 16);
+ OPENSSL_memcpy(st->key, key + 16, 16);
st->buf_used = 0;
}
diff --git a/crypto/pool/pool.c b/crypto/pool/pool.c
index ca058fc..44d10af 100644
--- a/crypto/pool/pool.c
+++ b/crypto/pool/pool.c
@@ -34,7 +34,7 @@
if (a->len != b->len) {
return 1;
}
- return memcmp(a->data, b->data, a->len);
+ return OPENSSL_memcmp(a->data, b->data, a->len);
}
CRYPTO_BUFFER_POOL* CRYPTO_BUFFER_POOL_new(void) {
@@ -43,7 +43,7 @@
return NULL;
}
- memset(pool, 0, sizeof(CRYPTO_BUFFER_POOL));
+ OPENSSL_memset(pool, 0, sizeof(CRYPTO_BUFFER_POOL));
pool->bufs = lh_CRYPTO_BUFFER_new(CRYPTO_BUFFER_hash, CRYPTO_BUFFER_cmp);
if (pool->bufs == NULL) {
OPENSSL_free(pool);
@@ -95,7 +95,7 @@
if (buf == NULL) {
return NULL;
}
- memset(buf, 0, sizeof(CRYPTO_BUFFER));
+ OPENSSL_memset(buf, 0, sizeof(CRYPTO_BUFFER));
buf->data = BUF_memdup(data, len);
if (len != 0 && buf->data == NULL) {
diff --git a/crypto/pool/pool_test.cc b/crypto/pool/pool_test.cc
index 0b5338f..72b8ce0 100644
--- a/crypto/pool/pool_test.cc
+++ b/crypto/pool/pool_test.cc
@@ -17,6 +17,8 @@
#include <openssl/pool.h>
+#include "../internal.h"
+
static bool TestUnpooled() {
static const uint8_t kData[4] = {1, 2, 3, 4};
@@ -27,7 +29,8 @@
}
if (CRYPTO_BUFFER_len(buf.get()) != sizeof(kData) ||
- memcmp(kData, CRYPTO_BUFFER_data(buf.get()), sizeof(kData)) != 0) {
+ OPENSSL_memcmp(kData, CRYPTO_BUFFER_data(buf.get()), sizeof(kData)) !=
+ 0) {
fprintf(stderr, "CRYPTO_BUFFER corrupted data.\n");
return false;
}
diff --git a/crypto/rand/deterministic.c b/crypto/rand/deterministic.c
index c0a347c..36e99aa 100644
--- a/crypto/rand/deterministic.c
+++ b/crypto/rand/deterministic.c
@@ -36,10 +36,10 @@
static const uint8_t kZeroKey[32];
uint8_t nonce[12];
- memset(nonce, 0, sizeof(nonce));
- memcpy(nonce, &g_num_calls, sizeof(g_num_calls));
+ OPENSSL_memset(nonce, 0, sizeof(nonce));
+ OPENSSL_memcpy(nonce, &g_num_calls, sizeof(g_num_calls));
- memset(out, 0, requested);
+ OPENSSL_memset(out, 0, requested);
CRYPTO_chacha_20(out, out, requested, kZeroKey, nonce, 0);
g_num_calls++;
}
diff --git a/crypto/rand/rand.c b/crypto/rand/rand.c
index ec78a2e..51da6ba 100644
--- a/crypto/rand/rand.c
+++ b/crypto/rand/rand.c
@@ -101,7 +101,7 @@
if (!CRYPTO_rdrand(rand_buf)) {
return 0;
}
- memcpy(buf + len_multiple8, rand_buf, len);
+ OPENSSL_memcpy(buf + len_multiple8, rand_buf, len);
}
return 1;
@@ -138,7 +138,7 @@
return 1;
}
- memset(state->partial_block, 0, sizeof(state->partial_block));
+ OPENSSL_memset(state->partial_block, 0, sizeof(state->partial_block));
state->calls_used = kMaxCallsPerRefresh;
}
@@ -161,8 +161,8 @@
todo = kMaxBytesPerCall;
}
uint8_t nonce[12];
- memset(nonce, 0, 4);
- memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
+ OPENSSL_memset(nonce, 0, 4);
+ OPENSSL_memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
CRYPTO_chacha_20(buf, buf, todo, state->key, nonce, 0);
buf += todo;
remaining -= todo;
@@ -171,8 +171,8 @@
} else {
if (sizeof(state->partial_block) - state->partial_block_used < len) {
uint8_t nonce[12];
- memset(nonce, 0, 4);
- memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
+ OPENSSL_memset(nonce, 0, 4);
+ OPENSSL_memcpy(nonce + 4, &state->calls_used, sizeof(state->calls_used));
CRYPTO_chacha_20(state->partial_block, state->partial_block,
sizeof(state->partial_block), state->key, nonce, 0);
state->partial_block_used = 0;
diff --git a/crypto/rand/urandom.c b/crypto/rand/urandom.c
index 26feec7..2233203 100644
--- a/crypto/rand/urandom.c
+++ b/crypto/rand/urandom.c
@@ -291,7 +291,7 @@
size_t remaining = BUF_SIZE - buf->used;
while (requested > remaining) {
- memcpy(out, &buf->rand[buf->used], remaining);
+ OPENSSL_memcpy(out, &buf->rand[buf->used], remaining);
buf->used += remaining;
out += remaining;
requested -= remaining;
@@ -304,7 +304,7 @@
remaining = BUF_SIZE;
}
- memcpy(out, &buf->rand[buf->used], requested);
+ OPENSSL_memcpy(out, &buf->rand[buf->used], requested);
buf->used += requested;
}
diff --git a/crypto/rsa/blinding.c b/crypto/rsa/blinding.c
index 0a485ee..693dced 100644
--- a/crypto/rsa/blinding.c
+++ b/crypto/rsa/blinding.c
@@ -115,6 +115,7 @@
#include <openssl/err.h>
#include "internal.h"
+#include "../internal.h"
#define BN_BLINDING_COUNTER 32
@@ -134,7 +135,7 @@
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof(BN_BLINDING));
+ OPENSSL_memset(ret, 0, sizeof(BN_BLINDING));
ret->A = BN_new();
if (ret->A == NULL) {
diff --git a/crypto/rsa/padding.c b/crypto/rsa/padding.c
index 987349b..3ed19ad 100644
--- a/crypto/rsa/padding.c
+++ b/crypto/rsa/padding.c
@@ -92,10 +92,10 @@
/* pad out with 0xff data */
j = to_len - 3 - from_len;
- memset(p, 0xff, j);
+ OPENSSL_memset(p, 0xff, j);
p += j;
*(p++) = 0;
- memcpy(p, from, from_len);
+ OPENSSL_memcpy(p, from, from_len);
return 1;
}
@@ -146,7 +146,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
return -1;
}
- memcpy(to, p, j);
+ OPENSSL_memcpy(to, p, j);
return j;
}
@@ -188,7 +188,7 @@
*(p++) = 0;
- memcpy(p, from, from_len);
+ OPENSSL_memcpy(p, from, from_len);
return 1;
}
@@ -254,7 +254,7 @@
return -1;
}
- memcpy(to, &from[zero_index], msg_len);
+ OPENSSL_memcpy(to, &from[zero_index], msg_len);
return (int)msg_len;
}
@@ -270,7 +270,7 @@
return 0;
}
- memcpy(to, from, from_len);
+ OPENSSL_memcpy(to, from, from_len);
return 1;
}
@@ -305,7 +305,7 @@
if (!EVP_DigestFinal_ex(&ctx, digest, NULL)) {
goto err;
}
- memcpy(out, digest, len);
+ OPENSSL_memcpy(out, digest, len);
len = 0;
}
}
@@ -358,9 +358,9 @@
if (!EVP_Digest(param, param_len, db, NULL, md, NULL)) {
return 0;
}
- memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
+ OPENSSL_memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1);
db[emlen - from_len - mdlen - 1] = 0x01;
- memcpy(db + emlen - from_len - mdlen, from, from_len);
+ OPENSSL_memcpy(db + emlen - from_len - mdlen, from, from_len);
if (!RAND_bytes(seed, mdlen)) {
return 0;
}
@@ -471,7 +471,7 @@
OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_TOO_LARGE);
mlen = -1;
} else {
- memcpy(to, db + one_index, mlen);
+ OPENSSL_memcpy(to, db + one_index, mlen);
}
OPENSSL_free(db);
@@ -579,7 +579,7 @@
if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) {
goto err;
}
- if (memcmp(H_, H, hLen)) {
+ if (OPENSSL_memcmp(H_, H, hLen)) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
ret = 0;
} else {
diff --git a/crypto/rsa/rsa.c b/crypto/rsa/rsa.c
index 17f0a8a..731293f 100644
--- a/crypto/rsa/rsa.c
+++ b/crypto/rsa/rsa.c
@@ -82,7 +82,7 @@
return NULL;
}
- memset(rsa, 0, sizeof(RSA));
+ OPENSSL_memset(rsa, 0, sizeof(RSA));
if (engine) {
rsa->meth = ENGINE_get_RSA_method(engine);
@@ -446,8 +446,8 @@
return 0;
}
- memcpy(signed_msg, prefix, prefix_len);
- memcpy(signed_msg + prefix_len, msg, msg_len);
+ OPENSSL_memcpy(signed_msg, prefix, prefix_len);
+ OPENSSL_memcpy(signed_msg + prefix_len, msg, msg_len);
*out_msg = signed_msg;
*out_msg_len = signed_msg_len;
@@ -532,7 +532,7 @@
goto out;
}
- if (len != signed_msg_len || memcmp(buf, signed_msg, len) != 0) {
+ if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
goto out;
}
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index 4adb499..88b1dfb 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -66,6 +66,7 @@
#include "internal.h"
#include "../bytestring/internal.h"
+#include "../internal.h"
static int parse_integer_buggy(CBS *cbs, BIGNUM **out, int buggy) {
@@ -183,7 +184,7 @@
OPENSSL_PUT_ERROR(RSA, ERR_R_MALLOC_FAILURE);
return 0;
}
- memset(ret, 0, sizeof(RSA_additional_prime));
+ OPENSSL_memset(ret, 0, sizeof(RSA_additional_prime));
CBS child;
if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c
index 70c3f7a..2cae4ca 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c
@@ -263,7 +263,7 @@
if (new_blindings == NULL) {
goto err1;
}
- memcpy(new_blindings, rsa->blindings,
+ OPENSSL_memcpy(new_blindings, rsa->blindings,
sizeof(BN_BLINDING *) * rsa->num_blindings);
new_blindings[rsa->num_blindings] = ret;
@@ -271,7 +271,7 @@
if (new_blindings_inuse == NULL) {
goto err2;
}
- memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
+ OPENSSL_memcpy(new_blindings_inuse, rsa->blindings_inuse, rsa->num_blindings);
new_blindings_inuse[rsa->num_blindings] = 1;
*index_used = rsa->num_blindings;
@@ -805,7 +805,7 @@
if (ap == NULL) {
goto err;
}
- memset(ap, 0, sizeof(RSA_additional_prime));
+ OPENSSL_memset(ap, 0, sizeof(RSA_additional_prime));
ap->prime = BN_new();
ap->exp = BN_new();
ap->coeff = BN_new();
diff --git a/crypto/rsa/rsa_test.cc b/crypto/rsa/rsa_test.cc
index 00fd129..306df7e 100644
--- a/crypto/rsa/rsa_test.cc
+++ b/crypto/rsa/rsa_test.cc
@@ -65,6 +65,8 @@
#include <openssl/err.h>
#include <openssl/nid.h>
+#include "../internal.h"
+
// kPlaintext is a sample plaintext.
static const uint8_t kPlaintext[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
@@ -549,7 +551,7 @@
if (!RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
ciphertext, ciphertext_len, RSA_PKCS1_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "PKCS#1 v1.5 decryption failed!\n");
return false;
}
@@ -566,7 +568,7 @@
if (!RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
ciphertext, ciphertext_len, RSA_PKCS1_OAEP_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "OAEP decryption (encrypted data) failed!\n");
return false;
}
@@ -577,13 +579,13 @@
oaep_ciphertext, oaep_ciphertext_len,
RSA_PKCS1_OAEP_PADDING) ||
plaintext_len != kPlaintextLen ||
- memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
+ OPENSSL_memcmp(plaintext, kPlaintext, plaintext_len) != 0) {
fprintf(stderr, "OAEP decryption (test vector data) failed!\n");
return false;
}
// Try decrypting corrupted ciphertexts.
- memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
+ OPENSSL_memcpy(ciphertext, oaep_ciphertext, oaep_ciphertext_len);
for (size_t i = 0; i < oaep_ciphertext_len; i++) {
ciphertext[i] ^= 1;
if (RSA_decrypt(key.get(), &plaintext_len, plaintext, sizeof(plaintext),
@@ -628,7 +630,7 @@
if (!RSA_decrypt(rsa.get(), &out_len, out, sizeof(out), enc, enc_size,
RSA_PKCS1_PADDING) ||
out_len != 11 ||
- memcmp(out, "hello world", 11) != 0) {
+ OPENSSL_memcmp(out, "hello world", 11) != 0) {
fprintf(stderr, "%d-prime key failed to decrypt.\n", nprimes);
ERR_print_errors_fp(stderr);
return false;
@@ -655,7 +657,7 @@
!RSA_decrypt(rsa.get(), &decrypted_len, decrypted, sizeof(decrypted),
encrypted, encrypted_len, RSA_PKCS1_PADDING) ||
decrypted_len != sizeof(kMessage) ||
- memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
+ OPENSSL_memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
ERR_print_errors_fp(stderr);
return false;
}
@@ -867,7 +869,8 @@
return false;
}
bssl::UniquePtr<uint8_t> delete_der(der);
- if (der_len != sizeof(kKey1) - 1 || memcmp(der, kKey1, der_len) != 0) {
+ if (der_len != sizeof(kKey1) - 1 ||
+ OPENSSL_memcmp(der, kKey1, der_len) != 0) {
return false;
}
@@ -890,7 +893,7 @@
return false;
}
bssl::UniquePtr<uint8_t> delete_der2(der2);
- if (der_len != der2_len || memcmp(der, der2, der_len) != 0) {
+ if (der_len != der2_len || OPENSSL_memcmp(der, der2, der_len) != 0) {
return false;
}
diff --git a/crypto/sha/sha1.c b/crypto/sha/sha1.c
index 12fb457..7c72713 100644
--- a/crypto/sha/sha1.c
+++ b/crypto/sha/sha1.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -69,7 +71,7 @@
#endif
int SHA1_Init(SHA_CTX *sha) {
- memset(sha, 0, sizeof(SHA_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA_CTX));
sha->h[0] = 0x67452301UL;
sha->h[1] = 0xefcdab89UL;
sha->h[2] = 0x98badcfeUL;
diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c
index 58f7c42..fb950d7 100644
--- a/crypto/sha/sha256.c
+++ b/crypto/sha/sha256.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
#if !defined(OPENSSL_NO_ASM) && \
(defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \
@@ -68,7 +70,7 @@
#endif
int SHA224_Init(SHA256_CTX *sha) {
- memset(sha, 0, sizeof(SHA256_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA256_CTX));
sha->h[0] = 0xc1059ed8UL;
sha->h[1] = 0x367cd507UL;
sha->h[2] = 0x3070dd17UL;
@@ -82,7 +84,7 @@
}
int SHA256_Init(SHA256_CTX *sha) {
- memset(sha, 0, sizeof(SHA256_CTX));
+ OPENSSL_memset(sha, 0, sizeof(SHA256_CTX));
sha->h[0] = 0x6a09e667UL;
sha->h[1] = 0xbb67ae85UL;
sha->h[2] = 0x3c6ef372UL;
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index 355011f..8761150 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -60,6 +60,8 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
/* IMPLEMENTATION NOTES.
*
@@ -167,7 +169,7 @@
void SHA512_Transform(SHA512_CTX *c, const uint8_t *block) {
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)block % sizeof(c->u.d[0]) != 0) {
- memcpy(c->u.p, block, sizeof(c->u.p));
+ OPENSSL_memcpy(c->u.p, block, sizeof(c->u.p));
block = c->u.p;
}
#endif
@@ -196,11 +198,11 @@
size_t n = sizeof(c->u) - c->num;
if (len < n) {
- memcpy(p + c->num, data, len);
+ OPENSSL_memcpy(p + c->num, data, len);
c->num += (unsigned int)len;
return 1;
} else {
- memcpy(p + c->num, data, n), c->num = 0;
+ OPENSSL_memcpy(p + c->num, data, n), c->num = 0;
len -= n;
data += n;
sha512_block_data_order(c->h, (uint64_t *)p, 1);
@@ -211,7 +213,7 @@
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
if ((size_t)data % sizeof(c->u.d[0]) != 0) {
while (len >= sizeof(c->u)) {
- memcpy(p, data, sizeof(c->u));
+ OPENSSL_memcpy(p, data, sizeof(c->u));
sha512_block_data_order(c->h, (uint64_t *)p, 1);
len -= sizeof(c->u);
data += sizeof(c->u);
@@ -227,7 +229,7 @@
}
if (len != 0) {
- memcpy(p, data, len);
+ OPENSSL_memcpy(p, data, len);
c->num = (int)len;
}
@@ -241,12 +243,12 @@
p[n] = 0x80; /* There always is a room for one */
n++;
if (n > (sizeof(sha->u) - 16)) {
- memset(p + n, 0, sizeof(sha->u) - n);
+ OPENSSL_memset(p + n, 0, sizeof(sha->u) - n);
n = 0;
sha512_block_data_order(sha->h, (uint64_t *)p, 1);
}
- memset(p + n, 0, sizeof(sha->u) - 16 - n);
+ OPENSSL_memset(p + n, 0, sizeof(sha->u) - 16 - n);
p[sizeof(sha->u) - 1] = (uint8_t)(sha->Nl);
p[sizeof(sha->u) - 2] = (uint8_t)(sha->Nl >> 8);
p[sizeof(sha->u) - 3] = (uint8_t)(sha->Nl >> 16);
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index 2d5744a..f78209d 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -60,6 +60,9 @@
#include <openssl/mem.h>
+#include "../internal.h"
+
+
/* kMinSize is the number of pointers that will be initially allocated in a new
* stack. */
static const size_t kMinSize = 4;
@@ -71,14 +74,14 @@
if (ret == NULL) {
goto err;
}
- memset(ret, 0, sizeof(_STACK));
+ OPENSSL_memset(ret, 0, sizeof(_STACK));
ret->data = OPENSSL_malloc(sizeof(void *) * kMinSize);
if (ret->data == NULL) {
goto err;
}
- memset(ret->data, 0, sizeof(void *) * kMinSize);
+ OPENSSL_memset(ret->data, 0, sizeof(void *) * kMinSize);
ret->comp = comp;
ret->num_alloc = kMinSize;
@@ -103,7 +106,7 @@
if (sk == NULL || sk->num == 0) {
return;
}
- memset(sk->data, 0, sizeof(void*) * sk->num);
+ OPENSSL_memset(sk->data, 0, sizeof(void*) * sk->num);
sk->num = 0;
sk->sorted = 0;
}
@@ -177,8 +180,8 @@
if (where >= sk->num) {
sk->data[sk->num] = p;
} else {
- memmove(&sk->data[where + 1], &sk->data[where],
- sizeof(void *) * (sk->num - where));
+ OPENSSL_memmove(&sk->data[where + 1], &sk->data[where],
+ sizeof(void *) * (sk->num - where));
sk->data[where] = p;
}
@@ -198,7 +201,7 @@
ret = sk->data[where];
if (where != sk->num - 1) {
- memmove(&sk->data[where], &sk->data[where + 1],
+ OPENSSL_memmove(&sk->data[where], &sk->data[where + 1],
sizeof(void *) * (sk->num - where - 1));
}
@@ -308,7 +311,7 @@
ret->data = s;
ret->num = sk->num;
- memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
+ OPENSSL_memcpy(ret->data, sk->data, sizeof(void *) * sk->num);
ret->sorted = sk->sorted;
ret->num_alloc = sk->num_alloc;
ret->comp = sk->comp;
diff --git a/crypto/test/file_test.cc b/crypto/test/file_test.cc
index d684aa0..715907e 100644
--- a/crypto/test/file_test.cc
+++ b/crypto/test/file_test.cc
@@ -24,6 +24,8 @@
#include <openssl/err.h>
+#include "../internal.h"
+
FileTest::FileTest(const char *path) {
file_ = fopen(path, "r");
@@ -227,7 +229,7 @@
bool FileTest::ExpectBytesEqual(const uint8_t *expected, size_t expected_len,
const uint8_t *actual, size_t actual_len) {
if (expected_len == actual_len &&
- memcmp(expected, actual, expected_len) == 0) {
+ OPENSSL_memcmp(expected, actual, expected_len) == 0) {
return true;
}
diff --git a/crypto/thread_pthread.c b/crypto/thread_pthread.c
index 90ff861..d9e87f2 100644
--- a/crypto/thread_pthread.c
+++ b/crypto/thread_pthread.c
@@ -103,7 +103,7 @@
if (pthread_mutex_lock(&g_destructors_lock) != 0) {
return;
}
- memcpy(destructors, g_destructors, sizeof(destructors));
+ OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
pthread_mutex_unlock(&g_destructors_lock);
unsigned i;
@@ -154,7 +154,7 @@
destructor(value);
return 0;
}
- memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
+ OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
if (pthread_setspecific(g_thread_local_key, pointers) != 0) {
OPENSSL_free(pointers);
destructor(value);
diff --git a/crypto/thread_test.c b/crypto/thread_test.c
index 12ca2ec..c702ace 100644
--- a/crypto/thread_test.c
+++ b/crypto/thread_test.c
@@ -30,7 +30,7 @@
static DWORD WINAPI thread_run(LPVOID arg) {
void (*thread_func)(void);
/* VC really doesn't like casting between data and function pointers. */
- memcpy(&thread_func, &arg, sizeof(thread_func));
+ OPENSSL_memcpy(&thread_func, &arg, sizeof(thread_func));
thread_func();
return 0;
}
@@ -38,7 +38,7 @@
static int run_thread(thread_t *out_thread, void (*thread_func)(void)) {
void *arg;
/* VC really doesn't like casting between data and function pointers. */
- memcpy(&arg, &thread_func, sizeof(arg));
+ OPENSSL_memcpy(&arg, &thread_func, sizeof(arg));
*out_thread = CreateThread(NULL /* security attributes */,
0 /* default stack size */, thread_run, arg,
@@ -86,7 +86,7 @@
Sleep(1 /* milliseconds */);
#else
struct timespec req;
- memset(&req, 0, sizeof(req));
+ OPENSSL_memset(&req, 0, sizeof(req));
req.tv_nsec = 1000000;
nanosleep(&req, NULL);
#endif
diff --git a/crypto/thread_win.c b/crypto/thread_win.c
index 836cf0f..62119b4 100644
--- a/crypto/thread_win.c
+++ b/crypto/thread_win.c
@@ -122,7 +122,7 @@
thread_local_destructor_t destructors[NUM_OPENSSL_THREAD_LOCALS];
EnterCriticalSection(&g_destructors_lock);
- memcpy(destructors, g_destructors, sizeof(destructors));
+ OPENSSL_memcpy(destructors, g_destructors, sizeof(destructors));
LeaveCriticalSection(&g_destructors_lock);
unsigned i;
@@ -218,7 +218,7 @@
destructor(value);
return 0;
}
- memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
+ OPENSSL_memset(pointers, 0, sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS);
if (TlsSetValue(g_thread_local_key, pointers) == 0) {
OPENSSL_free(pointers);
destructor(value);
diff --git a/crypto/x509/a_verify.c b/crypto/x509/a_verify.c
index 5a9adb6..0af4197 100644
--- a/crypto/x509/a_verify.c
+++ b/crypto/x509/a_verify.c
@@ -119,7 +119,7 @@
* we don't need to zero the 'ctx' because we just checked public
* information
*/
- /* memset(&ctx,0,sizeof(ctx)); */
+ /* OPENSSL_memset(&ctx,0,sizeof(ctx)); */
ret = 1;
err:
EVP_MD_CTX_cleanup(&ctx);
diff --git a/crypto/x509/asn1_gen.c b/crypto/x509/asn1_gen.c
index 03a0ab9..c52a1ac 100644
--- a/crypto/x509/asn1_gen.c
+++ b/crypto/x509/asn1_gen.c
@@ -261,7 +261,7 @@
}
/* Copy across original encoding */
- memcpy(p, cpy_start, cpy_len);
+ OPENSSL_memcpy(p, cpy_start, cpy_len);
cp = new_der;
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 434e5ab..e68ca5a 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -433,7 +433,7 @@
if (tmp != NULL) {
ok = 1;
ret->type = tmp->type;
- memcpy(&ret->data, &tmp->data, sizeof(ret->data));
+ OPENSSL_memcpy(&ret->data, &tmp->data, sizeof(ret->data));
/*
* If we were going to up the reference count, we would need
* to do it on a perl 'type' basis
diff --git a/crypto/x509/pkcs7_test.c b/crypto/x509/pkcs7_test.c
index bebcbd9..7bf4b81 100644
--- a/crypto/x509/pkcs7_test.c
+++ b/crypto/x509/pkcs7_test.c
@@ -22,6 +22,7 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../internal.h"
#include "../test/test_util.h"
@@ -520,7 +521,7 @@
}
if (result_len != result2_len ||
- memcmp(result_data, result2_data, result_len) != 0) {
+ OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
fprintf(stderr, "Serialisation is not stable.\n");
return 0;
}
@@ -584,7 +585,7 @@
}
if (result_len != result2_len ||
- memcmp(result_data, result2_data, result_len) != 0) {
+ OPENSSL_memcmp(result_data, result2_data, result_len) != 0) {
fprintf(stderr, "Serialisation is not stable.\n");
return 0;
}
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 32862eb..98236d9 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -67,6 +67,9 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
{
int i;
@@ -125,7 +128,7 @@
int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
{
- return memcmp(a->sha1_hash, b->sha1_hash, 20);
+ return OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, 20);
}
X509_NAME *X509_get_issuer_name(X509 *a)
@@ -178,7 +181,7 @@
X509_check_purpose((X509 *)a, -1, 0);
X509_check_purpose((X509 *)b, -1, 0);
- rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
+ rv = OPENSSL_memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
if (rv)
return rv;
/* Check for match against stored encoding too */
@@ -186,8 +189,8 @@
rv = (int)(a->cert_info->enc.len - b->cert_info->enc.len);
if (rv)
return rv;
- return memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
- a->cert_info->enc.len);
+ return OPENSSL_memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
+ a->cert_info->enc.len);
}
return rv;
}
@@ -215,7 +218,7 @@
if (ret)
return ret;
- return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
+ return OPENSSL_memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
}
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 6c6eee1..9e45964 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -188,7 +188,7 @@
if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
return NULL;
- memset(ret, 0, sizeof(*ret));
+ OPENSSL_memset(ret, 0, sizeof(*ret));
CRYPTO_MUTEX_init(&ret->objs_lock);
ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
if (ret->objs == NULL)
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index a7f31e0..33eafc4 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -64,6 +64,9 @@
#include <openssl/obj.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
/*
* Limit to ensure we don't overflow: much greater than
* anything enountered in practice.
@@ -161,7 +164,7 @@
} else
p = &(buf[lold]);
*(p++) = '/';
- memcpy(p, s, (unsigned int)l1);
+ OPENSSL_memcpy(p, s, (unsigned int)l1);
p += l1;
*(p++) = '=';
diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc
index f6a8b64..3629c13 100644
--- a/crypto/x509/x509_test.cc
+++ b/crypto/x509/x509_test.cc
@@ -25,6 +25,8 @@
#include <openssl/pool.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
static const char kCrossSigningRootPEM[] =
"-----BEGIN CERTIFICATE-----\n"
@@ -839,7 +841,7 @@
}
std::unique_ptr<uint8_t[]> trailing_data(new uint8_t[data_len + 1]);
- memcpy(trailing_data.get(), data.get(), data_len);
+ OPENSSL_memcpy(trailing_data.get(), data.get(), data_len);
bssl::UniquePtr<CRYPTO_BUFFER> buf_trailing_data(
CRYPTO_BUFFER_new(trailing_data.get(), data_len + 1, nullptr));
@@ -952,7 +954,7 @@
return false;
}
if (i2d_len != static_cast<long>(data2_len) ||
- memcmp(data2.get(), i2d, i2d_len) != 0) {
+ OPENSSL_memcmp(data2.get(), i2d, i2d_len) != 0) {
fprintf(stderr, "TestFromBufferReused: i2d gave wrong result.\n");
return false;
}
@@ -989,7 +991,7 @@
}
std::unique_ptr<uint8_t[]> data_with_trailing_byte(new uint8_t[data_len + 1]);
- memcpy(data_with_trailing_byte.get(), data.get(), data_len);
+ OPENSSL_memcpy(data_with_trailing_byte.get(), data.get(), data_len);
data_with_trailing_byte[data_len] = 0;
bssl::UniquePtr<CRYPTO_BUFFER> buf_with_trailing_byte(
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 9ce22bc..27b58f4 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1863,7 +1863,7 @@
int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
- memcpy(p, str, 10);
+ OPENSSL_memcpy(p, str, 10);
p += 10;
str += 10;
remaining -= 10;
@@ -1875,7 +1875,7 @@
int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
if (remaining < min_length || remaining > max_length)
return 0;
- memcpy(p, str, 12);
+ OPENSSL_memcpy(p, str, 12);
p += 12;
str += 12;
remaining -= 12;
@@ -2260,7 +2260,7 @@
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
return ctx;
}
@@ -2278,7 +2278,7 @@
{
int ret = 1;
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
ctx->ctx = store;
ctx->cert = x509;
ctx->untrusted = chain;
@@ -2371,7 +2371,7 @@
X509_VERIFY_PARAM_free(ctx->param);
}
- memset(ctx, 0, sizeof(X509_STORE_CTX));
+ OPENSSL_memset(ctx, 0, sizeof(X509_STORE_CTX));
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
return 0;
}
@@ -2409,7 +2409,7 @@
ctx->chain = NULL;
}
CRYPTO_free_ex_data(&g_ex_data_class, ctx, &(ctx->ex_data));
- memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
+ OPENSSL_memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
}
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index 924cfa7..2317214 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -65,6 +65,8 @@
#include <openssl/x509v3.h>
#include "vpm_int.h"
+#include "../internal.h"
+
/* X509_VERIFY_PARAM functions */
@@ -92,7 +94,7 @@
* Refuse names with embedded NUL bytes.
* XXX: Do we need to push an error onto the error stack?
*/
- if (name && memchr(name, '\0', namelen))
+ if (name && OPENSSL_memchr(name, '\0', namelen))
return 0;
if (mode == SET_HOST && id->hosts) {
@@ -176,8 +178,8 @@
OPENSSL_free(param);
return NULL;
}
- memset(param, 0, sizeof(X509_VERIFY_PARAM));
- memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
+ OPENSSL_memset(param, 0, sizeof(X509_VERIFY_PARAM));
+ OPENSSL_memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
param->id = paramid;
x509_verify_param_zero(param);
return param;
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 050e16a..610de5f 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -63,6 +63,9 @@
#include <openssl/stack.h>
#include <openssl/x509.h>
+#include "../internal.h"
+
+
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
{
const ASN1_OBJECT *obj;
@@ -86,7 +89,7 @@
i = (data->length > (len - 1)) ? (len - 1) : data->length;
if (buf == NULL)
return (data->length);
- memcpy(buf, data->data, i);
+ OPENSSL_memcpy(buf, data->data, i);
buf[i] = '\0';
return (i);
}
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index 19f536c..f97081d 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -67,6 +67,8 @@
#include <openssl/x509.h>
#include "../asn1/asn1_locl.h"
+#include "../internal.h"
+
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
@@ -233,7 +235,7 @@
local_sk_X509_NAME_ENTRY_pop_free);
goto err;
}
- memcpy(nm.x->bytes->data, q, p - q);
+ OPENSSL_memcpy(nm.x->bytes->data, q, p - q);
/* Convert internal representation to X509_NAME structure */
for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
@@ -276,7 +278,7 @@
}
ret = a->bytes->length;
if (out != NULL) {
- memcpy(*out, a->bytes->data, ret);
+ OPENSSL_memcpy(*out, a->bytes->data, ret);
*out += ret;
}
return ret;
@@ -336,8 +338,8 @@
* spaces collapsed, converted to lower case and the leading SEQUENCE header
* removed. In future we could also normalize the UTF8 too. By doing this
* comparison of Name structures can be rapidly perfomed by just using
- * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
- * constraints of type dirName can also be checked with a simple memcmp().
+ * OPENSSL_memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
+ * constraints of type dirName can also be checked with a simple OPENSSL_memcmp().
*/
static int x509_name_canon(X509_NAME *a)
diff --git a/crypto/x509/x_pkey.c b/crypto/x509/x_pkey.c
index fc44595..8231a24 100644
--- a/crypto/x509/x_pkey.c
+++ b/crypto/x509/x_pkey.c
@@ -63,6 +63,9 @@
#include <openssl/mem.h>
#include <openssl/thread.h>
+#include "../internal.h"
+
+
X509_PKEY *X509_PKEY_new(void)
{
X509_PKEY *ret = OPENSSL_malloc(sizeof(X509_PKEY));
@@ -70,7 +73,7 @@
OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);
goto err;
}
- memset(ret, 0, sizeof(X509_PKEY));
+ OPENSSL_memset(ret, 0, sizeof(X509_PKEY));
ret->enc_algor = X509_ALGOR_new();
if (ret->enc_algor == NULL)
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index a13a4fa..a588107 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -66,6 +66,7 @@
#include <openssl/x509v3.h>
#include "pcy_int.h"
+#include "../internal.h"
/*
* Enable this to print out the complete policy tree at various point during
@@ -238,7 +239,7 @@
return 0;
}
- memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
+ OPENSSL_memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
tree->nlevel = n;
diff --git a/crypto/x509v3/v3_ia5.c b/crypto/x509v3/v3_ia5.c
index 6fc6b59..6b2056d 100644
--- a/crypto/x509v3/v3_ia5.c
+++ b/crypto/x509v3/v3_ia5.c
@@ -67,6 +67,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
ASN1_IA5STRING *ia5);
static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
@@ -92,7 +95,7 @@
OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memcpy(tmp, ia5->data, ia5->length);
+ OPENSSL_memcpy(tmp, ia5->data, ia5->length);
tmp[ia5->length] = 0;
return tmp;
}
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index 368ad27..fc2843e 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -65,6 +65,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx,
STACK_OF(CONF_VALUE) *nval);
@@ -365,7 +368,7 @@
return X509_V_ERR_OUT_OF_MEM;
if (base->canon_enclen > nm->canon_enclen)
return X509_V_ERR_PERMITTED_VIOLATION;
- if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
+ if (OPENSSL_memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
return X509_V_ERR_PERMITTED_VIOLATION;
return X509_V_OK;
}
diff --git a/crypto/x509v3/v3_pci.c b/crypto/x509v3/v3_pci.c
index 220f65e..68dca5e 100644
--- a/crypto/x509v3/v3_pci.c
+++ b/crypto/x509v3/v3_pci.c
@@ -44,6 +44,9 @@
#include <openssl/obj.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
BIO *out, int indent);
static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
@@ -133,7 +136,7 @@
(*policy)->length + val_len + 1);
if (tmp_data) {
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length],
tmp_data2, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
@@ -171,7 +174,7 @@
break;
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length], buf, n);
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length], buf, n);
(*policy)->length += n;
(*policy)->data[(*policy)->length] = '\0';
}
@@ -188,7 +191,7 @@
(*policy)->length + val_len + 1);
if (tmp_data) {
(*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
+ OPENSSL_memcpy(&(*policy)->data[(*policy)->length],
val->value + 5, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index a238a20..b603274 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -71,6 +71,8 @@
#include <openssl/x509v3.h>
#include "../conf/internal.h"
+#include "../internal.h"
+
static char *strip_spaces(char *name);
static int sk_strcmp(const OPENSSL_STRING *a, const OPENSSL_STRING *b);
@@ -690,7 +692,7 @@
return 1;
}
-/* Compare using memcmp. */
+/* Compare using OPENSSL_memcmp. */
static int equal_case(const unsigned char *pattern, size_t pattern_len,
const unsigned char *subject, size_t subject_len,
unsigned int flags)
@@ -698,7 +700,7 @@
skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
if (pattern_len != subject_len)
return 0;
- return !memcmp(pattern, subject, pattern_len);
+ return !OPENSSL_memcmp(pattern, subject, pattern_len);
}
/*
@@ -909,7 +911,7 @@
return 0;
if (cmp_type == V_ASN1_IA5STRING)
rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
- else if (a->length == (int)blen && !memcmp(a->data, b, blen))
+ else if (a->length == (int)blen && !OPENSSL_memcmp(a->data, b, blen))
rv = 1;
if (rv > 0 && peername)
*peername = BUF_strndup((char *)a->data, a->length);
@@ -1014,7 +1016,7 @@
{
if (chk == NULL)
return -2;
- if (memchr(chk, '\0', chklen))
+ if (OPENSSL_memchr(chk, '\0', chklen))
return -2;
return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
}
@@ -1024,7 +1026,7 @@
{
if (chk == NULL)
return -2;
- if (memchr(chk, '\0', chklen))
+ if (OPENSSL_memchr(chk, '\0', chklen))
return -2;
return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
}
@@ -1213,16 +1215,16 @@
if (v6stat.zero_pos >= 0) {
/* Copy initial part */
- memcpy(v6, v6stat.tmp, v6stat.zero_pos);
+ OPENSSL_memcpy(v6, v6stat.tmp, v6stat.zero_pos);
/* Zero middle */
- memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
+ OPENSSL_memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
/* Copy final part */
if (v6stat.total != v6stat.zero_pos)
- memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
- v6stat.tmp + v6stat.zero_pos,
- v6stat.total - v6stat.zero_pos);
+ OPENSSL_memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
+ v6stat.tmp + v6stat.zero_pos,
+ v6stat.total - v6stat.zero_pos);
} else
- memcpy(v6, v6stat.tmp, 16);
+ OPENSSL_memcpy(v6, v6stat.tmp, 16);
return 1;
}
diff --git a/crypto/x509v3/v3name_test.c b/crypto/x509v3/v3name_test.c
index dadf488..959b924 100644
--- a/crypto/x509v3/v3name_test.c
+++ b/crypto/x509v3/v3name_test.c
@@ -62,6 +62,9 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
+#include "../internal.h"
+
+
static const char *const names[] = {
"a", "b", ".", "*", "@",
".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
@@ -334,7 +337,7 @@
size_t namelen = strlen(*pname);
char *name = malloc(namelen);
int match, ret;
- memcpy(name, *pname, namelen);
+ OPENSSL_memcpy(name, *pname, namelen);
ret = X509_check_host(crt, name, namelen, 0, NULL);
match = -1;
