This is something I noticed while reviewing this report: https://github.com/libressl-portable/portable/issues/200
In the event of a failure in _rs_allocate for rsx, we still return the freed memory for rs. Not a huge deal since we subsequently abort in _rs_init, but it looks strange on its own. Also, for Windows, we are simply using calloc, which has two annoyances: the memory has more permissions than needed by default, and it comes from the process heap, which looks like a memory leak since this memory is rightfully never freed. This switches to _rs_alloc on windows use VirtualAlloc, which restricts the memory to READ|WRITE, possibly provides better address randomization (or at least page-aligns the allocations), and the memory doesn't end up in the process heap. ok? Index: arc4random_aix.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_aix.h,v retrieving revision 1.1 diff -u -p -u -p -r1.1 arc4random_aix.h --- arc4random_aix.h 30 Mar 2015 11:29:48 -0000 1.1 +++ arc4random_aix.h 30 Jun 2016 11:28:18 -0000 @@ -72,6 +72,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_freebsd.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_freebsd.h,v retrieving revision 1.3 diff -u -p -u -p -r1.3 arc4random_freebsd.h --- arc4random_freebsd.h 11 Sep 2015 11:52:55 -0000 1.3 +++ arc4random_freebsd.h 30 Jun 2016 11:28:18 -0000 @@ -78,6 +78,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_hpux.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_hpux.h,v retrieving revision 1.2 diff -u -p -u -p -r1.2 arc4random_hpux.h --- arc4random_hpux.h 15 Jan 2015 06:57:18 -0000 1.2 +++ arc4random_hpux.h 30 Jun 2016 11:28:18 -0000 @@ -72,6 +72,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_linux.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_linux.h,v retrieving revision 1.10 diff -u -p -u -p -r1.10 arc4random_linux.h --- arc4random_linux.h 4 Jan 2016 02:04:56 -0000 1.10 +++ arc4random_linux.h 30 Jun 2016 11:28:18 -0000 @@ -79,6 +79,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_netbsd.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_netbsd.h,v retrieving revision 1.2 diff -u -p -u -p -r1.2 arc4random_netbsd.h --- arc4random_netbsd.h 11 Sep 2015 11:52:55 -0000 1.2 +++ arc4random_netbsd.h 30 Jun 2016 11:28:18 -0000 @@ -78,6 +78,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_osx.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_osx.h,v retrieving revision 1.10 diff -u -p -u -p -r1.10 arc4random_osx.h --- arc4random_osx.h 11 Sep 2015 11:52:55 -0000 1.10 +++ arc4random_osx.h 30 Jun 2016 11:28:18 -0000 @@ -72,6 +72,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_solaris.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_solaris.h,v retrieving revision 1.9 diff -u -p -u -p -r1.9 arc4random_solaris.h --- arc4random_solaris.h 15 Jan 2015 06:57:18 -0000 1.9 +++ arc4random_solaris.h 30 Jun 2016 11:28:18 -0000 @@ -72,6 +72,7 @@ _rs_allocate(struct _rs **rsp, struct _r if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) { munmap(*rsp, sizeof(**rsp)); + *rsp = NULL; return (-1); } Index: arc4random_win.h =================================================================== RCS file: /cvs/src/lib/libcrypto/crypto/arc4random_win.h,v retrieving revision 1.5 diff -u -p -u -p -r1.5 arc4random_win.h --- arc4random_win.h 15 Jan 2015 06:57:18 -0000 1.5 +++ arc4random_win.h 30 Jun 2016 11:28:18 -0000 @@ -52,13 +52,16 @@ _getentropy_fail(void) static inline int _rs_allocate(struct _rs **rsp, struct _rsx **rsxp) { - *rsp = calloc(1, sizeof(**rsp)); + *rsp = VirtualAlloc(NULL, sizeof(**rsp), + MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); if (*rsp == NULL) return (-1); - *rsxp = calloc(1, sizeof(**rsxp)); + *rsxp = VirtualAlloc(NULL, sizeof(**rsxp), + MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE); if (*rsxp == NULL) { - free(*rsp); + VirtualFree(*rsp, 0, MEM_RELEASE); + *rsp = NULL; return (-1); } return (0);