Re: Malloc failures check
Unfortunately, it is not a compile-time check... I mean smth like https://github.com/openssl/openssl/blob/ab5c77b4766e0992751d86560193ca42b49cf316/include/openssl/e_os2.h#L198-L202 but not sure it is applicable to external functions... On Thu, Nov 21, 2019 at 1:42 PM Salz, Rich wrote: > >- It would be possible to implement a malloc failure feature in the >test suite that systematically runs a test many times, failing successive >malloc calls. > > > > It’s there; look crypto/mem.c, shouldfail() and FAILTEST. > > > > More detail, from off-list discusson: > > > > i=0 > > while : ; do > >((i++)) > >export MALLOC_FAILURE_CHECKS=${i}@100 openssl foo etc… > >test -f core && echo crashed && exit 1 > > done > > > > > -- SY, Dmitry Belyavsky
Re: Malloc failures check
* It would be possible to implement a malloc failure feature in the test suite that systematically runs a test many times, failing successive malloc calls. It’s there; look crypto/mem.c, shouldfail() and FAILTEST. More detail, from off-list discusson: i=0 while : ; do ((i++)) export MALLOC_FAILURE_CHECKS=${i}@100 openssl foo etc… test -f core && echo crashed && exit 1 done
Re: Malloc failures check
* It would be possible to implement a malloc failure feature in the test suite that systematically runs a test many times, failing successive malloc calls. It’s there; look crypto/mem.c, shouldfail() and FAILTEST.
Re: Malloc failures check
Adding a compile time check would be good. I’m not sure how. It would be possible to implement a malloc failure feature in the test suite that systematically runs a test many times, failing successive malloc calls. I’m kind of surprised that the various static analysers hadn't found some of these. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 21 Nov 2019, at 1:26 pm, Dmitry Belyavsky wrote: > > Hello, > > Observing a series of similar bugs related to a lack of checks of the malloc > return values, I wonder if we could automate the search of these errors on > the compile level (e.g. similar to the __owur macro)? > > -- > SY, Dmitry Belyavsky
Malloc failures check
Hello, Observing a series of similar bugs related to a lack of checks of the malloc return values, I wonder if we could automate the search of these errors on the compile level (e.g. similar to the __owur macro)? -- SY, Dmitry Belyavsky