Check whether buffers have actually been allocated/freed

In the sslbuffertest we test the operation of SSL_alloc_buffers() and SSL_free_buffers(). However this was done entirely using the public API, and did not confirm that the buffers were actually allocated/freed. We now extend the test to confirm this. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19472)
2022-10-25 16:29:43 +01:00 · 2022-10-25 16:29:43 +01:00 · ee05588dab
parent fba0206da7
commit ee05588dab
1 changed files with 33 additions and 8 deletions
--- a/test/sslbuffertest.c
+++ b/test/sslbuffertest.c
@ -13,6 +13,12 @@
 #include <openssl/bio.h>
 #include <openssl/err.h>

+/* We include internal headers so we can check if the buffers are allocated */
+#include "../ssl/ssl_local.h"
+#include "../ssl/record/record_local.h"
+#include "../ssl/record/recordmethod.h"
+#include "../ssl/record/methods/recmethod_local.h"
+
 #include "internal/packet.h"

 #include "helpers/ssltestlib.h"
@ -28,6 +34,17 @@ static SSL_CTX *clientctx = NULL;

 #define MAX_ATTEMPTS    100

+static int checkbuffers(SSL *s, int isalloced)
+{
+    SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s);
+    OSSL_RECORD_LAYER *rrl = sc->rlayer.rrl;
+    OSSL_RECORD_LAYER *wrl = sc->rlayer.wrl;
+
+    if (isalloced)
+        return rrl->rbuf.buf != NULL && wrl->wbuf[0].buf != NULL;
+
+    return rrl->rbuf.buf == NULL && wrl->wbuf[0].buf == NULL;
+}

 /*
 * There are 9 passes in the tests
@ -78,14 +95,18 @@ static int test_func(int test)
        for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2;
             i++) {
            /* test == 0 mean to free/allocate = control */
-            if (test >= 1 && !TEST_true(SSL_free_buffers(clientssl)))
+            if (test >= 1 && (!TEST_true(SSL_free_buffers(clientssl))
+                              || !TEST_true(checkbuffers(clientssl, 0))))
                goto end;
-            if (test >= 2 && !TEST_true(SSL_alloc_buffers(clientssl)))
+            if (test >= 2 && (!TEST_true(SSL_alloc_buffers(clientssl))
+                              || !TEST_true(checkbuffers(clientssl, 1))))
                goto end;
            /* allocate a second time */
-            if (test >= 3 && !TEST_true(SSL_alloc_buffers(clientssl)))
+            if (test >= 3 && (!TEST_true(SSL_alloc_buffers(clientssl))
+                              || !TEST_true(checkbuffers(clientssl, 1))))
                goto end;
-            if (test >= 4 && !TEST_true(SSL_free_buffers(clientssl)))
+            if (test >= 4 && (!TEST_true(SSL_free_buffers(clientssl))
+                              || !TEST_true(checkbuffers(clientssl, 0))))
                goto end;

            ret = SSL_write(clientssl, testdata + len,
@ -112,14 +133,18 @@ static int test_func(int test)
        for (ret = -1, i = 0, len = 0; len != sizeof(testdata) &&
                 i < MAX_ATTEMPTS; i++)
        {
-            if (test >= 5 && !TEST_true(SSL_free_buffers(serverssl)))
+            if (test >= 5 && (!TEST_true(SSL_free_buffers(serverssl))
+                              || !TEST_true(checkbuffers(serverssl, 0))))
                goto end;
            /* free a second time */
-            if (test >= 6 && !TEST_true(SSL_free_buffers(serverssl)))
+            if (test >= 6 && (!TEST_true(SSL_free_buffers(serverssl))
+                              || !TEST_true(checkbuffers(serverssl, 0))))
                goto end;
-            if (test >= 7 && !TEST_true(SSL_alloc_buffers(serverssl)))
+            if (test >= 7 && (!TEST_true(SSL_alloc_buffers(serverssl))
+                              || !TEST_true(checkbuffers(serverssl, 1))))
                goto end;
-            if (test >= 8 && !TEST_true(SSL_free_buffers(serverssl)))
+            if (test >= 8 && (!TEST_true(SSL_free_buffers(serverssl))
+                              || !TEST_true(checkbuffers(serverssl, 0))))
                goto end;

            ret = SSL_read(serverssl, buf + len, sizeof(buf) - len);