Cleanup asserts in SecBlock

SecBlock regularly uses NULL pointers rather returning non-NULL 0-sized pointers. The asserts were moved to AlignedAllocate and UnalignedAllocate.

1 files changed, 34 insertions, 17 deletions

diff --git a/secblock.h b/secblock.h
index b36df76a..61600186 100644
--- a/secblock.h
+++ b/secblock.h
@@ -148,24 +148,29 @@ typedef typename AllocatorBase<T>::const_reference const_reference;
 template <class T, class A>

 typename A::pointer StandardReallocate(A& alloc, T *oldPtr, typename A::size_type oldSize, typename A::size_type newSize, bool preserve)

 {

-	CRYPTOPP_ASSERT((oldPtr && oldSize) || !(oldPtr || oldSize));

+	// Avoid assert on pointer in reallocate. SecBlock regularly uses NULL

+	// pointers rather returning non-NULL 0-sized pointers.

 	if (oldSize == newSize)

 		return oldPtr;

 

+	typename A::pointer newPointer = NULLPTR;

 	if (preserve)

 	{

-		typename A::pointer newPointer = alloc.allocate(newSize, NULLPTR);

+		newPointer = alloc.allocate(newSize, NULLPTR);

 		const size_t copySize = STDMIN(oldSize, newSize) * sizeof(T);

 

-		if (oldPtr && newPointer) {memcpy_s(newPointer, copySize, oldPtr, copySize);}

-		alloc.deallocate(oldPtr, oldSize);

-		return newPointer;

+		if (oldPtr && newPointer)

+			memcpy_s(newPointer, copySize, oldPtr, copySize);

 	}

 	else

 	{

-		alloc.deallocate(oldPtr, oldSize);

-		return alloc.allocate(newSize, NULLPTR);

+		newPointer = alloc.allocate(newSize, NULLPTR);

 	}

+

+	if (oldPtr)

+		alloc.deallocate(oldPtr, oldSize);

+

+	return newPointer;

 }

 

 /// \brief Allocates a block of memory with cleanup

@@ -204,7 +209,6 @@ public:
 			return NULLPTR;

 

 #if CRYPTOPP_BOOL_ALIGN16

-		// TODO: Does this need to test 'size*sizeof(T) >= 16'?

 		if (T_Align16)

 			return reinterpret_cast<pointer>(AlignedAllocate(size*sizeof(T)));

 #endif

@@ -222,17 +226,19 @@ public:
 	///  UnalignedDeallocate() used if T_Align16 is false.

 	void deallocate(void *ptr, size_type size)

 	{

-		// This will fire if SetMark(0) was called in the SecBlock

-		// Our self tests exercise it, disable it now.

-		// CRYPTOPP_ASSERT((ptr && size) || !(ptr || size));

-		SecureWipeArray(reinterpret_cast<pointer>(ptr), size);

+		// Avoid assert on pointer in deallocate. SecBlock regularly uses NULL

+		// pointers rather returning non-NULL 0-sized pointers.

+		if (ptr)

+		{

+			SecureWipeArray(reinterpret_cast<pointer>(ptr), size);

 

 #if CRYPTOPP_BOOL_ALIGN16

-		if (T_Align16)

-			return AlignedDeallocate(ptr);

+			if (T_Align16)

+				return AlignedDeallocate(ptr);

 #endif

 

-		UnalignedDeallocate(ptr);

+			UnalignedDeallocate(ptr);

+		}

 	}

 

 	/// \brief Reallocates a block of memory

@@ -412,6 +418,8 @@ public:
 	///  size are passed to the allocator for deallocation.

 	void deallocate(void *ptr, size_type size)

 	{

+		// Avoid assert on pointer in deallocate. SecBlock regularly uses NULL

+		// pointers rather returning non-NULL 0-sized pointers.

 		if (ptr == GetAlignedArray())

 		{

 			// If the m_allocated assert fires then the bit twiddling for

@@ -424,7 +432,10 @@ public:
 			SecureWipeArray(reinterpret_cast<pointer>(ptr), size);

 		}

 		else

-			m_fallbackAllocator.deallocate(ptr, size);

+		{

+			if (ptr)

+				m_fallbackAllocator.deallocate(ptr, size);

+		}

 	}

 

 	/// \brief Reallocates a block of memory

@@ -611,6 +622,8 @@ public:
 	///   size are passed to the allocator for deallocation.

 	void deallocate(void *ptr, size_type size)

 	{

+		// Avoid assert on pointer in deallocate. SecBlock regularly uses NULL

+		// pointers rather returning non-NULL 0-sized pointers.

 		if (ptr == GetAlignedArray())

 		{

 			// If the m_allocated assert fires then

@@ -621,7 +634,11 @@ public:
 			SecureWipeArray((pointer)ptr, size);

 		}

 		else

-			m_fallbackAllocator.deallocate(ptr, size);

+		{

+			if (ptr)

+				m_fallbackAllocator.deallocate(ptr, size);

+			m_allocated = false;

+		}

 	}

 

 	/// \brief Reallocates a block of memory