From fafc8dbf4d3bb9d3105c9575a1536623d00a3eca Mon Sep 17 00:00:00 2001
From: bcook <>
Date: Thu, 30 Jun 2016 12:17:29 +0000
Subject: Tighten behavior of _rs_allocate on Windows.

For Windows, we are simply using calloc, which has two annoyances:
the memory has more permissions than needed by default, and it comes
from the process heap, which looks like a memory leak since this memory
is rightfully never freed.

This switches _rs_alloc on Windows to use VirtualAlloc, which restricts the
memory to READ|WRITE and keeps the memory out of the process heap.

ok deraadt@
---
 src/lib/libcrypto/arc4random/arc4random_win.h | 11 +++++++----
 src/lib/libcrypto/crypto/arc4random_win.h     | 11 +++++++----
 2 files changed, 14 insertions(+), 8 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/arc4random/arc4random_win.h b/src/lib/libcrypto/arc4random/arc4random_win.h
index 48a1bda128..deec8a1efe 100644
--- a/src/lib/libcrypto/arc4random/arc4random_win.h
+++ b/src/lib/libcrypto/arc4random/arc4random_win.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: arc4random_win.h,v 1.5 2015/01/15 06:57:18 deraadt Exp $	*/
+/*	$OpenBSD: arc4random_win.h,v 1.6 2016/06/30 12:17:29 bcook Exp $	*/
 
 /*
  * Copyright (c) 1996, David Mazieres <dm@uun.org>
@@ -52,13 +52,16 @@ _getentropy_fail(void)
 static inline int
 _rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
 {
-	*rsp = calloc(1, sizeof(**rsp));
+	*rsp = VirtualAlloc(NULL, sizeof(**rsp),
+	    MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
 	if (*rsp == NULL)
 		return (-1);
 
-	*rsxp = calloc(1, sizeof(**rsxp));
+	*rsxp = VirtualAlloc(NULL, sizeof(**rsxp),
+	    MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
 	if (*rsxp == NULL) {
-		free(*rsp);
+		VirtualFree(*rsp, 0, MEM_RELEASE);
+		*rsp = NULL;
 		return (-1);
 	}
 	return (0);
diff --git a/src/lib/libcrypto/crypto/arc4random_win.h b/src/lib/libcrypto/crypto/arc4random_win.h
index 48a1bda128..deec8a1efe 100644
--- a/src/lib/libcrypto/crypto/arc4random_win.h
+++ b/src/lib/libcrypto/crypto/arc4random_win.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: arc4random_win.h,v 1.5 2015/01/15 06:57:18 deraadt Exp $	*/
+/*	$OpenBSD: arc4random_win.h,v 1.6 2016/06/30 12:17:29 bcook Exp $	*/
 
 /*
  * Copyright (c) 1996, David Mazieres <dm@uun.org>
@@ -52,13 +52,16 @@ _getentropy_fail(void)
 static inline int
 _rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
 {
-	*rsp = calloc(1, sizeof(**rsp));
+	*rsp = VirtualAlloc(NULL, sizeof(**rsp),
+	    MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
 	if (*rsp == NULL)
 		return (-1);
 
-	*rsxp = calloc(1, sizeof(**rsxp));
+	*rsxp = VirtualAlloc(NULL, sizeof(**rsxp),
+	    MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
 	if (*rsxp == NULL) {
-		free(*rsp);
+		VirtualFree(*rsp, 0, MEM_RELEASE);
+		*rsp = NULL;
 		return (-1);
 	}
 	return (0);
-- 
cgit v1.2.3-55-g6feb