Prevent allocations of size 0 in sh_init.

which are not possible with the default OPENSSL_zalloc, but are possible if
the user has installed their own allocator using CRYPTO_set_mem_functions. If
the 0-allocations succeeds, the secure heap code will later access
(at least) the first byte of that space, which is technically an OOB
access. This could lead to problems with some custom allocators that only
return a valid pointer for subsequent free()-ing, and do not expect that
the pointer is actually dereferenced.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2605)
(cherry picked from commit 7f07149d25f8d7e00e9350ff2f064a4d25c1a13d)

diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 4ccff34e5e8fa71a4929cfbc6008eaebe3bb3ddd..0c79b43658c326e13f4917de5f3ce914b2168859 100644 (file)
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -356,6 +356,10 @@ static int sh_init(size_t size, int minsize)
     sh.minsize = minsize;
     sh.bittable_size = (sh.arena_size / sh.minsize) * 2;
 
+    /* Prevent allocations of size 0 later on */
+    if (sh.bittable_size >> 3 == 0)
+        goto err;
+
     sh.freelist_size = -1;
     for (i = sh.bittable_size; i; i >>= 1)
         sh.freelist_size++;