| #line 2 "helpers.function" |
| /*----------------------------------------------------------------------------*/ |
| /* Headers */ |
| |
| #include <stdlib.h> |
| |
| #if defined(MBEDTLS_PLATFORM_C) |
| #include "mbedtls/platform.h" |
| #else |
| #include <stdio.h> |
| #define mbedtls_fprintf fprintf |
| #define mbedtls_snprintf snprintf |
| #define mbedtls_calloc calloc |
| #define mbedtls_free free |
| #define mbedtls_exit exit |
| #define mbedtls_time time |
| #define mbedtls_time_t time_t |
| #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS |
| #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE |
| #endif |
| |
| #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) |
| #include "mbedtls/memory_buffer_alloc.h" |
| #endif |
| |
| #ifdef _MSC_VER |
| #include <basetsd.h> |
| typedef UINT32 uint32_t; |
| #define strncasecmp _strnicmp |
| #define strcasecmp _stricmp |
| #else |
| #include <stdint.h> |
| #endif |
| |
| #include <string.h> |
| |
| #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) |
| #include <unistd.h> |
| #endif |
| |
| #if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \ |
| defined(MBEDTLS_TEST_HOOKS) |
| #include "mbedtls/threading.h" |
| #define MBEDTLS_TEST_MUTEX_USAGE |
| #endif |
| |
| /* |
| * Define the two macros |
| * |
| * #define TEST_CF_SECRET(ptr, size) |
| * #define TEST_CF_PUBLIC(ptr, size) |
| * |
| * that can be used in tests to mark a memory area as secret (no branch or |
| * memory access should depend on it) or public (default, only needs to be |
| * marked explicitly when it was derived from secret data). |
| * |
| * Arguments: |
| * - ptr: a pointer to the memory area to be marked |
| * - size: the size in bytes of the memory area |
| * |
| * Implementation: |
| * The basic idea is that of ctgrind <https://github.com/agl/ctgrind>: we can |
| * re-use tools that were designed for checking use of uninitialized memory. |
| * This file contains two implementations: one based on MemorySanitizer, the |
| * other on valgrind's memcheck. If none of them is enabled, dummy macros that |
| * do nothing are defined for convenience. |
| */ |
| #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) |
| #include <sanitizer/msan_interface.h> |
| |
| /* Use macros to avoid messing up with origin tracking */ |
| #define TEST_CF_SECRET __msan_allocated_memory |
| // void __msan_allocated_memory(const volatile void* data, size_t size); |
| #define TEST_CF_PUBLIC __msan_unpoison |
| // void __msan_unpoison(const volatile void *a, size_t size); |
| |
| #elif defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) |
| #include <valgrind/memcheck.h> |
| |
| #define TEST_CF_SECRET VALGRIND_MAKE_MEM_UNDEFINED |
| // VALGRIND_MAKE_MEM_UNDEFINED(_qzz_addr, _qzz_len) |
| #define TEST_CF_PUBLIC VALGRIND_MAKE_MEM_DEFINED |
| // VALGRIND_MAKE_MEM_DEFINED(_qzz_addr, _qzz_len) |
| |
| #else /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN || |
| MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ |
| |
| #define TEST_CF_SECRET(ptr, size) |
| #define TEST_CF_PUBLIC(ptr, size) |
| |
| #endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ |
| |
| /*----------------------------------------------------------------------------*/ |
| /* Constants */ |
| |
| #define DEPENDENCY_SUPPORTED 0 |
| #define DEPENDENCY_NOT_SUPPORTED 1 |
| |
| #define KEY_VALUE_MAPPING_FOUND 0 |
| #define KEY_VALUE_MAPPING_NOT_FOUND -1 |
| |
| #define DISPATCH_TEST_SUCCESS 0 |
| #define DISPATCH_TEST_FN_NOT_FOUND 1 |
| #define DISPATCH_INVALID_TEST_DATA 2 |
| #define DISPATCH_UNSUPPORTED_SUITE 3 |
| |
| |
| /*----------------------------------------------------------------------------*/ |
| /* Macros */ |
| |
| #define TEST_ASSERT( TEST ) \ |
| do { \ |
| if( ! (TEST) ) \ |
| { \ |
| test_fail( #TEST, __LINE__, __FILE__ ); \ |
| goto exit; \ |
| } \ |
| } while( 0 ) |
| |
| #define assert(a) if( !( a ) ) \ |
| { \ |
| mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ |
| __FILE__, __LINE__, #a ); \ |
| mbedtls_exit( 1 ); \ |
| } |
| |
| #if defined(__GNUC__) |
| /* Test if arg and &(arg)[0] have the same type. This is true if arg is |
| * an array but not if it's a pointer. */ |
| #define IS_ARRAY_NOT_POINTER( arg ) \ |
| ( ! __builtin_types_compatible_p( __typeof__( arg ), \ |
| __typeof__( &( arg )[0] ) ) ) |
| #else |
| /* On platforms where we don't know how to implement this check, |
| * omit it. Oh well, a non-portable check is better than nothing. */ |
| #define IS_ARRAY_NOT_POINTER( arg ) 1 |
| #endif |
| |
| /* A compile-time constant with the value 0. If `const_expr` is not a |
| * compile-time constant with a nonzero value, cause a compile-time error. */ |
| #define STATIC_ASSERT_EXPR( const_expr ) \ |
| ( 0 && sizeof( struct { unsigned int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) ) |
| /* Return the scalar value `value` (possibly promoted). This is a compile-time |
| * constant if `value` is. `condition` must be a compile-time constant. |
| * If `condition` is false, arrange to cause a compile-time error. */ |
| #define STATIC_ASSERT_THEN_RETURN( condition, value ) \ |
| ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) ) |
| |
| #define ARRAY_LENGTH_UNSAFE( array ) \ |
| ( sizeof( array ) / sizeof( *( array ) ) ) |
| /** Return the number of elements of a static or stack array. |
| * |
| * \param array A value of array (not pointer) type. |
| * |
| * \return The number of elements of the array. |
| */ |
| #define ARRAY_LENGTH( array ) \ |
| ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ), \ |
| ARRAY_LENGTH_UNSAFE( array ) ) ) |
| |
| |
| /* |
| * 32-bit integer manipulation macros (big endian) |
| */ |
| #ifndef GET_UINT32_BE |
| #define GET_UINT32_BE(n,b,i) \ |
| { \ |
| (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ |
| | ( (uint32_t) (b)[(i) + 1] << 16 ) \ |
| | ( (uint32_t) (b)[(i) + 2] << 8 ) \ |
| | ( (uint32_t) (b)[(i) + 3] ); \ |
| } |
| #endif |
| |
| #ifndef PUT_UINT32_BE |
| #define PUT_UINT32_BE(n,b,i) \ |
| { \ |
| (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ |
| (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ |
| (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ |
| (b)[(i) + 3] = (unsigned char) ( (n) ); \ |
| } |
| #endif |
| |
| |
| /*----------------------------------------------------------------------------*/ |
| /* Global variables */ |
| |
| |
| static struct |
| { |
| int failed; |
| const char *test; |
| const char *filename; |
| int line_no; |
| #if defined(MBEDTLS_TEST_MUTEX_USAGE) |
| const char *mutex_usage_error; |
| #endif |
| } |
| test_info; |
| |
| |
| /*----------------------------------------------------------------------------*/ |
| /* Helper flags for complex dependencies */ |
| |
| /* Indicates whether we expect mbedtls_entropy_init |
| * to initialize some strong entropy source. */ |
| #if defined(MBEDTLS_TEST_NULL_ENTROPY) || \ |
| ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ |
| ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ |
| defined(MBEDTLS_HAVEGE_C) || \ |
| defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ |
| defined(ENTROPY_NV_SEED) ) ) |
| #define ENTROPY_HAVE_STRONG |
| #endif |
| |
| |
| /*----------------------------------------------------------------------------*/ |
| /* Helper Functions */ |
| |
| void test_fail( const char *test, int line_no, const char* filename ) |
| { |
| if( test_info.failed ) |
| { |
| /* We've already recorded the test as having failed. Don't |
| * overwrite any previous information about the failure. */ |
| return; |
| } |
| test_info.failed = 1; |
| test_info.test = test; |
| test_info.line_no = line_no; |
| test_info.filename = filename; |
| } |
| |
| #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) |
| static int redirect_output( FILE* out_stream, const char* path ) |
| { |
| int out_fd, dup_fd; |
| FILE* path_stream; |
| |
| out_fd = fileno( out_stream ); |
| dup_fd = dup( out_fd ); |
| |
| if( dup_fd == -1 ) |
| { |
| return( -1 ); |
| } |
| |
| path_stream = fopen( path, "w" ); |
| if( path_stream == NULL ) |
| { |
| close( dup_fd ); |
| return( -1 ); |
| } |
| |
| fflush( out_stream ); |
| if( dup2( fileno( path_stream ), out_fd ) == -1 ) |
| { |
| close( dup_fd ); |
| fclose( path_stream ); |
| return( -1 ); |
| } |
| |
| fclose( path_stream ); |
| return( dup_fd ); |
| } |
| |
| static int restore_output( FILE* out_stream, int dup_fd ) |
| { |
| int out_fd = fileno( out_stream ); |
| |
| fflush( out_stream ); |
| if( dup2( dup_fd, out_fd ) == -1 ) |
| { |
| close( out_fd ); |
| close( dup_fd ); |
| return( -1 ); |
| } |
| |
| close( dup_fd ); |
| return( 0 ); |
| } |
| #endif /* __unix__ || __APPLE__ __MACH__ */ |
| |
| int unhexify( unsigned char *obuf, const char *ibuf ) |
| { |
| unsigned char c, c2; |
| int len = strlen( ibuf ) / 2; |
| assert( strlen( ibuf ) % 2 == 0 ); /* must be even number of bytes */ |
| |
| while( *ibuf != 0 ) |
| { |
| c = *ibuf++; |
| if( c >= '0' && c <= '9' ) |
| c -= '0'; |
| else if( c >= 'a' && c <= 'f' ) |
| c -= 'a' - 10; |
| else if( c >= 'A' && c <= 'F' ) |
| c -= 'A' - 10; |
| else |
| assert( 0 ); |
| |
| c2 = *ibuf++; |
| if( c2 >= '0' && c2 <= '9' ) |
| c2 -= '0'; |
| else if( c2 >= 'a' && c2 <= 'f' ) |
| c2 -= 'a' - 10; |
| else if( c2 >= 'A' && c2 <= 'F' ) |
| c2 -= 'A' - 10; |
| else |
| assert( 0 ); |
| |
| *obuf++ = ( c << 4 ) | c2; |
| } |
| |
| return len; |
| } |
| |
| void hexify( unsigned char *obuf, const unsigned char *ibuf, int len ) |
| { |
| unsigned char l, h; |
| |
| while( len != 0 ) |
| { |
| h = *ibuf / 16; |
| l = *ibuf % 16; |
| |
| if( h < 10 ) |
| *obuf++ = '0' + h; |
| else |
| *obuf++ = 'a' + h - 10; |
| |
| if( l < 10 ) |
| *obuf++ = '0' + l; |
| else |
| *obuf++ = 'a' + l - 10; |
| |
| ++ibuf; |
| len--; |
| } |
| } |
| |
| /** |
| * Allocate and zeroize a buffer. |
| * |
| * If the size if zero, a pointer to a zeroized 1-byte buffer is returned. |
| * |
| * For convenience, dies if allocation fails. |
| */ |
| static unsigned char *zero_alloc( size_t len ) |
| { |
| void *p; |
| size_t actual_len = ( len != 0 ) ? len : 1; |
| |
| p = mbedtls_calloc( 1, actual_len ); |
| assert( p != NULL ); |
| |
| memset( p, 0x00, actual_len ); |
| |
| return( p ); |
| } |
| |
| /** |
| * Allocate and fill a buffer from hex data. |
| * |
| * The buffer is sized exactly as needed. This allows to detect buffer |
| * overruns (including overreads) when running the test suite under valgrind. |
| * |
| * If the size if zero, a pointer to a zeroized 1-byte buffer is returned. |
| * |
| * For convenience, dies if allocation fails. |
| */ |
| unsigned char *unhexify_alloc( const char *ibuf, size_t *olen ) |
| { |
| unsigned char *obuf; |
| |
| *olen = strlen( ibuf ) / 2; |
| |
| if( *olen == 0 ) |
| return( zero_alloc( *olen ) ); |
| |
| obuf = mbedtls_calloc( 1, *olen ); |
| assert( obuf != NULL ); |
| |
| (void) unhexify( obuf, ibuf ); |
| |
| return( obuf ); |
| } |
| |
| /** |
| * This function just returns data from rand(). |
| * Although predictable and often similar on multiple |
| * runs, this does not result in identical random on |
| * each run. So do not use this if the results of a |
| * test depend on the random data that is generated. |
| * |
| * rng_state shall be NULL. |
| */ |
| static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ) |
| { |
| #if !defined(__OpenBSD__) && !defined(__NetBSD__) |
| size_t i; |
| |
| if( rng_state != NULL ) |
| rng_state = NULL; |
| |
| for( i = 0; i < len; ++i ) |
| output[i] = rand(); |
| #else |
| if( rng_state != NULL ) |
| rng_state = NULL; |
| |
| arc4random_buf( output, len ); |
| #endif /* !OpenBSD && !NetBSD */ |
| |
| return( 0 ); |
| } |
| |
| /** |
| * This function only returns zeros |
| * |
| * rng_state shall be NULL. |
| */ |
| int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len ) |
| { |
| if( rng_state != NULL ) |
| rng_state = NULL; |
| |
| memset( output, 0, len ); |
| |
| return( 0 ); |
| } |
| |
| typedef struct |
| { |
| unsigned char *buf; |
| size_t length; |
| } rnd_buf_info; |
| |
| /** |
| * This function returns random based on a buffer it receives. |
| * |
| * rng_state shall be a pointer to a rnd_buf_info structure. |
| * |
| * The number of bytes released from the buffer on each call to |
| * the random function is specified by per_call. (Can be between |
| * 1 and 4) |
| * |
| * After the buffer is empty it will return rand(); |
| */ |
| int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len ) |
| { |
| rnd_buf_info *info = (rnd_buf_info *) rng_state; |
| size_t use_len; |
| |
| if( rng_state == NULL ) |
| return( rnd_std_rand( NULL, output, len ) ); |
| |
| use_len = len; |
| if( len > info->length ) |
| use_len = info->length; |
| |
| if( use_len ) |
| { |
| memcpy( output, info->buf, use_len ); |
| info->buf += use_len; |
| info->length -= use_len; |
| } |
| |
| if( len - use_len > 0 ) |
| return( rnd_std_rand( NULL, output + use_len, len - use_len ) ); |
| |
| return( 0 ); |
| } |
| |
| /** |
| * Info structure for the pseudo random function |
| * |
| * Key should be set at the start to a test-unique value. |
| * Do not forget endianness! |
| * State( v0, v1 ) should be set to zero. |
| */ |
| typedef struct |
| { |
| uint32_t key[16]; |
| uint32_t v0, v1; |
| } rnd_pseudo_info; |
| |
| /** |
| * This function returns random based on a pseudo random function. |
| * This means the results should be identical on all systems. |
| * Pseudo random is based on the XTEA encryption algorithm to |
| * generate pseudorandom. |
| * |
| * rng_state shall be a pointer to a rnd_pseudo_info structure. |
| */ |
| int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) |
| { |
| rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state; |
| uint32_t i, *k, sum, delta=0x9E3779B9; |
| unsigned char result[4], *out = output; |
| |
| if( rng_state == NULL ) |
| return( rnd_std_rand( NULL, output, len ) ); |
| |
| k = info->key; |
| |
| while( len > 0 ) |
| { |
| size_t use_len = ( len > 4 ) ? 4 : len; |
| sum = 0; |
| |
| for( i = 0; i < 32; i++ ) |
| { |
| info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) ) |
| + info->v1 ) ^ ( sum + k[sum & 3] ); |
| sum += delta; |
| info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) ) |
| + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] ); |
| } |
| |
| PUT_UINT32_BE( info->v0, result, 0 ); |
| memcpy( out, result, use_len ); |
| len -= use_len; |
| out += 4; |
| } |
| |
| return( 0 ); |
| } |
| |
| #if defined(MBEDTLS_TEST_MUTEX_USAGE) |
| /** Mutex usage verification framework. |
| * |
| * The mutex usage verification code below aims to detect bad usage of |
| * Mbed TLS's mutex abstraction layer at runtime. Note that this is solely |
| * about the use of the mutex itself, not about checking whether the mutex |
| * correctly protects whatever it is supposed to protect. |
| * |
| * The normal usage of a mutex is: |
| * ``` |
| * digraph mutex_states { |
| * "UNINITIALIZED"; // the initial state |
| * "IDLE"; |
| * "FREED"; |
| * "LOCKED"; |
| * "UNINITIALIZED" -> "IDLE" [label="init"]; |
| * "FREED" -> "IDLE" [label="init"]; |
| * "IDLE" -> "LOCKED" [label="lock"]; |
| * "LOCKED" -> "IDLE" [label="unlock"]; |
| * "IDLE" -> "FREED" [label="free"]; |
| * } |
| * ``` |
| * |
| * All bad transitions that can be unambiguously detected are reported. |
| * An attempt to use an uninitialized mutex cannot be detected in general |
| * since the memory content may happen to denote a valid state. For the same |
| * reason, a double init cannot be detected. |
| * All-bits-zero is the state of a freed mutex, which is distinct from an |
| * initialized mutex, so attempting to use zero-initialized memory as a mutex |
| * without calling the init function is detected. |
| * |
| * The framework attempts to detect missing calls to init and free by counting |
| * calls to init and free. If there are more calls to init than free, this |
| * means that a mutex is not being freed somewhere, which is a memory leak |
| * on platforms where a mutex consumes resources other than the |
| * mbedtls_threading_mutex_t object itself. If there are more calls to free |
| * than init, this indicates a missing init, which is likely to be detected |
| * by an attempt to lock the mutex as well. A limitation of this framework is |
| * that it cannot detect scenarios where there is exactly the same number of |
| * calls to init and free but the calls don't match. A bug like this is |
| * unlikely to happen uniformly throughout the whole test suite though. |
| * |
| * If an error is detected, this framework will report what happened and the |
| * test case will be marked as failed. Unfortunately, the error report cannot |
| * indicate the exact location of the problematic call. To locate the error, |
| * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error(). |
| */ |
| enum value_of_mutex_is_valid_field |
| { |
| /* Potential values for the is_valid field of mbedtls_threading_mutex_t. |
| * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for |
| * compatibility with threading_mutex_init_pthread() and |
| * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero |
| * value. */ |
| MUTEX_FREED = 0, //!< Set by threading_mutex_free_pthread |
| MUTEX_IDLE = 1, //!< Set by threading_mutex_init_pthread and by our unlock |
| MUTEX_LOCKED = 2, //!< Set by our lock |
| }; |
| |
| typedef struct |
| { |
| void (*init)( mbedtls_threading_mutex_t * ); |
| void (*free)( mbedtls_threading_mutex_t * ); |
| int (*lock)( mbedtls_threading_mutex_t * ); |
| int (*unlock)( mbedtls_threading_mutex_t * ); |
| } mutex_functions_t; |
| static mutex_functions_t mutex_functions; |
| |
| /** The total number of calls to mbedtls_mutex_init(), minus the total number |
| * of calls to mbedtls_mutex_free(). |
| * |
| * Reset to 0 after each test case. |
| */ |
| static int live_mutexes; |
| |
| static void mbedtls_test_mutex_usage_error( mbedtls_threading_mutex_t *mutex, |
| const char *msg ) |
| { |
| (void) mutex; |
| if( test_info.mutex_usage_error == NULL ) |
| test_info.mutex_usage_error = msg; |
| mbedtls_fprintf( stdout, "[mutex: %s] ", msg ); |
| /* Don't mark the test as failed yet. This way, if the test fails later |
| * for a functional reason, the test framework will report the message |
| * and location for this functional reason. If the test passes, |
| * mbedtls_test_mutex_usage_check() will mark it as failed. */ |
| } |
| |
| static void mbedtls_test_wrap_mutex_init( mbedtls_threading_mutex_t *mutex ) |
| { |
| mutex_functions.init( mutex ); |
| if( mutex->is_valid ) |
| ++live_mutexes; |
| } |
| |
| static void mbedtls_test_wrap_mutex_free( mbedtls_threading_mutex_t *mutex ) |
| { |
| switch( mutex->is_valid ) |
| { |
| case MUTEX_FREED: |
| mbedtls_test_mutex_usage_error( mutex, "free without init or double free" ); |
| break; |
| case MUTEX_IDLE: |
| /* Do nothing. The underlying free function will reset is_valid |
| * to 0. */ |
| break; |
| case MUTEX_LOCKED: |
| mbedtls_test_mutex_usage_error( mutex, "free without unlock" ); |
| break; |
| default: |
| mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); |
| break; |
| } |
| if( mutex->is_valid ) |
| --live_mutexes; |
| mutex_functions.free( mutex ); |
| } |
| |
| static int mbedtls_test_wrap_mutex_lock( mbedtls_threading_mutex_t *mutex ) |
| { |
| int ret = mutex_functions.lock( mutex ); |
| switch( mutex->is_valid ) |
| { |
| case MUTEX_FREED: |
| mbedtls_test_mutex_usage_error( mutex, "lock without init" ); |
| break; |
| case MUTEX_IDLE: |
| if( ret == 0 ) |
| mutex->is_valid = 2; |
| break; |
| case MUTEX_LOCKED: |
| mbedtls_test_mutex_usage_error( mutex, "double lock" ); |
| break; |
| default: |
| mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); |
| break; |
| } |
| return( ret ); |
| } |
| |
| static int mbedtls_test_wrap_mutex_unlock( mbedtls_threading_mutex_t *mutex ) |
| { |
| int ret = mutex_functions.unlock( mutex ); |
| switch( mutex->is_valid ) |
| { |
| case MUTEX_FREED: |
| mbedtls_test_mutex_usage_error( mutex, "unlock without init" ); |
| break; |
| case MUTEX_IDLE: |
| mbedtls_test_mutex_usage_error( mutex, "unlock without lock" ); |
| break; |
| case MUTEX_LOCKED: |
| if( ret == 0 ) |
| mutex->is_valid = MUTEX_IDLE; |
| break; |
| default: |
| mbedtls_test_mutex_usage_error( mutex, "corrupted state" ); |
| break; |
| } |
| return( ret ); |
| } |
| |
| static void mbedtls_test_mutex_usage_init( void ) |
| { |
| mutex_functions.init = mbedtls_mutex_init; |
| mutex_functions.free = mbedtls_mutex_free; |
| mutex_functions.lock = mbedtls_mutex_lock; |
| mutex_functions.unlock = mbedtls_mutex_unlock; |
| mbedtls_mutex_init = &mbedtls_test_wrap_mutex_init; |
| mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free; |
| mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock; |
| mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock; |
| } |
| |
| static void mbedtls_test_mutex_usage_check( void ) |
| { |
| if( live_mutexes != 0 ) |
| { |
| /* A positive number (more init than free) means that a mutex resource |
| * is leaking (on platforms where a mutex consumes more than the |
| * mbedtls_threading_mutex_t object itself). The rare case of a |
| * negative number means a missing init somewhere. */ |
| mbedtls_fprintf( stdout, "[mutex: %d leaked] ", live_mutexes ); |
| live_mutexes = 0; |
| if( test_info.mutex_usage_error == NULL ) |
| test_info.mutex_usage_error = "missing free"; |
| } |
| if( test_info.mutex_usage_error != NULL && ! test_info.failed ) |
| { |
| /* Functionally, the test passed. But there was a mutex usage error, |
| * so mark the test as failed after all. */ |
| test_fail( "Mutex usage error", __LINE__, __FILE__ ); |
| } |
| test_info.mutex_usage_error = NULL; |
| } |
| |
| #endif /* MBEDTLS_TEST_MUTEX_USAGE */ |