Fix "failure rate" bugs

Reviewed-by: NEmilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2228)

crypto/mem.c

@@ -32,7 +32,7 @@ static void (*free_impl)(void *, const char *, int)
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
 static char *md_failstring;
 static long md_count;
-static int md_percent = 100;
+static int md_fail_percent = 0;
 static int md_tracefd = -1;
 static int call_malloc_debug = 1;
 
@@ -89,7 +89,8 @@ void CRYPTO_get_mem_functions(
  * Parse a "malloc failure spec" string.  This likes like a set of fields
  * separated by semicolons.  Each field has a count and an optional failure
  * percentage.  For example:
- *          100;100@25;@100
+ *          100@0;100@25;0@0
+ *    or    100;100@25;0
  * This means 100 mallocs succeed, then next 100 fail 25% of the time, and
  * all remaining (count is zero) succeed.
  */
@@ -104,7 +105,7 @@ static void parseit(void)
     /* Get the count (atol will stop at the @ if there), and percentage */
     md_count = atol(md_failstring);
     atsign = strchr(md_failstring, '@');
-    md_percent = atsign == NULL ? 100 : atoi(atsign + 1);
+    md_fail_percent = atsign == NULL ? 0 : atoi(atsign + 1);
 
     if (semi != NULL)
         md_failstring = semi;
@@ -116,13 +117,13 @@ static void parseit(void)
 static int shouldfail(void)
 {
     int roll = (int)(random() % 100);
-    int shouldfail = roll > md_percent;
+    int shouldfail = roll < md_fail_percent;
     char buff[80];
 
     if (md_tracefd > 0) {
         BIO_snprintf(buff, sizeof(buff),
                      "%c C%ld %%%d R%d\n",
-                     shouldfail ? '-' : '+', md_count, md_percent, roll);
+                     shouldfail ? '-' : '+', md_count, md_fail_percent, roll);
         write(md_tracefd, buff, strlen(buff));
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
         if (shouldfail) {

doc/man3/OPENSSL_malloc.pod

@@ -152,8 +152,8 @@ B<OPENSSL_MALLOC_FAILURES> controls how often allocations should fail.
 It is a set of fields separated by semicolons, which each field is a count
 (defaulting to zero) and an optional atsign and percentage (defaulting
 to 100).  If the count is zero, then it lasts forever.  For example,
-C<100;@25> means the first 100 allocations pass, then all other allocations
-(until the program exits or crashes) have the rest have a 25% chance of
+C<100;@25> or C<100@0;0@25> means the first 100 allocations pass, then all
+other allocations (until the program exits or crashes) have a 25% chance of
 failing.
 
 If the variable B<OPENSSL_MALLOC_FD> is parsed as a positive integer, then