crypto/mem.c: use open-coded aligned alloc when posix_memalign fails

While posix_memalign() is generally not expected to fail, we can always use the internal aligned alloc implementation to ensure that any OPENSSL_aligned_malloc failure is indeed fatal and does not require a fallback. Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/28295)
2025-08-28 15:55:29 +02:00 · 2025-08-28 15:55:29 +02:00 · f75a6d951a
parent 8e28f5c0b9
commit f75a6d951a
2 changed files with 6 additions and 25 deletions
--- a/crypto/mem.c
+++ b/crypto/mem.c
@ -242,26 +242,16 @@ void *CRYPTO_aligned_alloc(size_t num, size_t alignment, void **freeptr,
    /* Allow non-malloc() allocations as long as no malloc_impl is provided. */
    if (malloc_impl == CRYPTO_malloc) {
 #if defined(_BSD_SOURCE) || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L)
-        int memalign_ret;
        void *ret;

        /* posix_memalign() requires alignment to be at least sizeof(void *) */
        if (alignment < sizeof(void *))
            alignment = sizeof(void *);

-        if ((memalign_ret = posix_memalign(&ret, alignment, num))) {
-            ret = NULL;
-            switch (memalign_ret) {
-            case EINVAL:
-                ossl_report_alloc_err_inv(file, line);
-                break;
-            case ENOMEM:
-                ossl_report_alloc_err(file, line);
-                break;
-            }
+        if (posix_memalign(&ret, alignment, num) == 0) {
+            *freeptr = ret;
+            return ret;
        }
-        *freeptr = ret;
-        return ret;
 #endif
    }

--- a/test/mem_alloc_test.c
+++ b/test/mem_alloc_test.c
@ -176,19 +176,10 @@ static const struct array_aligned_alloc_vector {
    { SIZE_MAX / 8 + 9, 8, 64, EXP_NONNULL, EXP_INT_OF },

    /*
-     * posix_memalign expected to fail with ENOMEM, while the open-coded
-     * implementation tries to alloc size + alignment, which should fail
-     * on integer overflow.
+     * the open-coded implementation tries to alloc size + alignment,
+     * which should fail on integer overflow.
     */
-    { 1, SIZE_MAX / 2 + 2, SIZE_MAX / 2 + 1,
-#if (defined(_BSD_SOURCE) \
-      || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L)) \
-    && !USE_CUSTOM_ALLOC_FNS
-      EXP_OOM, EXP_OOM
-#else
-      EXP_INT_OF, EXP_INT_OF
-#endif
-    },
+    { 1, SIZE_MAX - 32767, 65536, EXP_INT_OF, EXP_INT_OF },
 };

 static int secure_memory_is_secure;