Enable/disable crypto-mdebug just like other features

Also always abort() on leak failure.
Reviewed-by: NStephen Henson <steve@openssl.org>

Configurations/10-main.conf

@@ -26,7 +26,7 @@
     "vos-gcc" => {
         cc               => "gcc",
         cflags           => "-Wall -DOPENSSL_SYS_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN",
-        debug_cflags     => "-O0 -g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG",
+        debug_cflags     => "-O0 -g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG",
         release_cflags   => "-O3",
         thread_cflag     => "(unknown)",
         sys_id           => "VOS",
@@ -132,7 +132,7 @@
         # -mcpu=ultrasparc
         inherit_from     => [ "solaris-sparcv7-gcc", asm("sparcv9_asm") ],
         cflags           => sub { join(" ","-m32 -mcpu=ultrasparc",@_); },
-        debug_cflags     => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O -g -pedantic -ansi -Wshadow -Wno-long-long -D__EXTENSIONS__",
+        debug_cflags     => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DPEDANTIC -O -g -pedantic -ansi -Wshadow -Wno-long-long -D__EXTENSIONS__",
     },
     "solaris64-sparcv9-gcc" => {
         inherit_from     => [ "solaris-sparcv9-gcc" ],
@@ -150,7 +150,7 @@
         inherit_from     => [ "solaris-common" ],
         cc               => "cc",
         cflags           => sub { join(" ","-xstrconst -Xa -DB_ENDIAN -DBN_DIV2W",@_) },
-        debug_cflags     => "-g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG",
+        debug_cflags     => "-g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG",
         release_cflags   => "-xO5 -xdepend",
         thread_cflag     => "-D_REENTRANT",
         lflags           => sub { join(" ",@_,"-mt -lpthread") },
@@ -501,7 +501,7 @@
     "linux-generic32" => {
         cc               => "gcc",
         cflags           => "-Wall",
-        debug_cflags     => "-O0 -g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG",
+        debug_cflags     => "-O0 -g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG",
         release_cflags   => "-O3",
         thread_cflag     => "-pthread",
         lflags           => "-ldl",
@@ -612,7 +612,7 @@
         inherit_from     => [ "linux-generic32", asm("x86_elf_asm") ],
         cc               => "gcc",
         cflags           => "-march=i486 -DL_ENDIAN -Wall",
-        debug_cflags     => "-O0 -g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG",
+        debug_cflags     => "-O0 -g -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG",
         release_cflags   => "-O3 -fomit-frame-pointer",
         debug_lflags     => "-lefence",
         bn_ops           => "BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}",
@@ -1450,7 +1450,7 @@
     },
     "vxworks-ppc750-debug" => {
         cc               => "ccppc",
-        cflags           => "-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g",
+        cflags           => "-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g",
         sys_id           => "VXWORKS",
         lflags           => "-r",
     },

Configurations/90-team.conf

@@ -14,14 +14,14 @@
     },
     "debug" => {
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror",
         thread_cflag     => "(unknown)",
         lflags           => "-lefence",
     },
     "debug-erbridge" => {
         inherit_from     => [ "x86_64_asm" ],
         cc               => "gcc",
-        cflags           => "$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g",
+        cflags           => "$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -m64 -DL_ENDIAN -DTERMIO -g",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL",
@@ -36,7 +36,7 @@
     "debug-linux-pentium" => {
         inherit_from     => [ "x86_elf_asm" ],
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DL_ENDIAN -g -mcpu=pentium -Wall",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}",
@@ -45,7 +45,7 @@
     "debug-linux-ppro" => {
         inherit_from     => [ "x86_elf_asm" ],
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}",
@@ -54,7 +54,7 @@
     "debug-linux-elf-noefence" => {
         inherit_from     => [ "x86_elf_asm" ],
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DL_ENDIAN -g -march=i486 -Wall",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}",

Configurations/99-personal-ben.conf

@@ -8,17 +8,17 @@
 %targets = (
     "debug-ben" => {
         cc               => "gcc",
-        cflags           => "$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DDEBUG_SAFESTACK -O2 -pipe",
+        cflags           => "$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -O2 -pipe",
         thread_cflag     => "(unknown)",
     },
     "debug-ben-openbsd" => {
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe",
         thread_cflag     => "(unknown)",
     },
     "debug-ben-openbsd-debug" => {
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe",
         thread_cflag     => "(unknown)",
     },
     "debug-ben-debug" => {
@@ -69,12 +69,12 @@
     },
     "debug-ben-no-opt" => {
         cc               => "gcc",
-        cflags           => " -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -Wall -g3",
+        cflags           => " -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -Werror -DL_ENDIAN -Wall -g3",
         thread_cflag     => "(unknown)",
     },
     "debug-ben-strict" => {
         cc               => "gcc",
-        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe",
+        cflags           => "-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe",
         thread_cflag     => "(unknown)",
     },
     "debug-ben-darwin64" => {

Configurations/99-personal-levitte.conf

@@ -10,7 +10,7 @@
         inherit_from     => [ "x86_elf_asm" ],
         cc               => "gcc",
         cflags           => "-DL_ENDIAN -Wall",
-        debug_cflags     => "-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG-ggdb -g3",
+        debug_cflags     => "-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -ggdb -g3",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT",
@@ -22,7 +22,7 @@
     "debug-levitte-linux-noasm" => {
         inherit_from     => [ "no_asm_filler" ],
         cc               => "gcc",
-        cflags           => "-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall",
+        cflags           => "-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT",
@@ -34,7 +34,7 @@
     "debug-levitte-linux-elf-extreme" => {
         inherit_from     => [ "x86_elf_asm" ],
         cc               => "gcc",
-        cflags           => "-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe",
+        cflags           => "-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT",
@@ -47,7 +47,7 @@
     "debug-levitte-linux-noasm-extreme" => {
         inherit_from     => [ "no_asm_filler" ],
         cc               => "gcc",
-        cflags           => "-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe",
+        cflags           => "-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe",
         thread_cflag     => "-D_REENTRANT",
         lflags           => "-ldl",
         bn_ops           => "BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT",

Configure

@@ -100,7 +100,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
 # Minimum warning options... any contributions to OpenSSL should at least get
 # past these.
 
-my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Werror -DCRYPTO_MDEBUG -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DDEBUG_UNUSED";
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Werror -DREF_CHECK -DDEBUG_UNUSED";
 
 # These are used in addition to $gcc_devteam_warn when the compiler is clang.
 # TODO(openssl-team): fix problems and investigate if (at least) the
@@ -908,13 +908,14 @@ my %disabled = ( # "what"         => "comment" [or special keyword "experimental
 		 "jpake"          => "experimental",
 		 "md2"            => "default",
 		 "rc5"            => "default",
-		 "sctp"       => "default",
+		 "sctp"           => "default",
 		 "shared"         => "default",
 		 "ssl-trace"	  => "default",
 		 "store"	  => "experimental",
 		 "unit-test"	  => "default",
 		 "zlib"           => "default",
-		 "zlib-dynamic"   => "default"
+		 "zlib-dynamic"   => "default",
+		 "crypto-mdebug"  => "default",
 	       );
 my @experimental = ();
 

Makefile.org

@@ -46,7 +46,6 @@ OPENSSLDIR=/usr/local/ssl
 # LOCK_DEBUG - turns on lots of lock debug output :-)
 # REF_CHECK - turn on some xyz_free() assertions.
 # REF_PRINT - prints some stuff on structure free.
-# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
 # MFUNC - Make all Malloc/Free/Realloc calls call
 #       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
 #       call application defined callbacks via CRYPTO_set_mem_functions()

apps/openssl.c

@@ -429,7 +429,7 @@ int main(int argc, char *argv[])
     BIO_free(bio_in);
     BIO_free_all(bio_out);
     apps_shutdown();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(bio_err);
 #endif
     BIO_free(bio_err);

crypto/asn1/tasn_new.c

@@ -102,7 +102,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
     else
         asn1_cb = 0;
 
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     OPENSSL_mem_debug_push(it->sname ? it->sname : "asn1_item_embed_new");
 #endif
 
@@ -135,7 +135,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
             if (!i)
                 goto auxerr;
             if (i == 2) {
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
                 OPENSSL_mem_debug_pop();
 #endif
                 return 1;
@@ -160,7 +160,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
             if (!i)
                 goto auxerr;
             if (i == 2) {
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
                 OPENSSL_mem_debug_pop();
 #endif
                 return 1;
@@ -184,14 +184,14 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
             goto auxerr;
         break;
     }
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     OPENSSL_mem_debug_pop();
 #endif
     return 1;
 
  memerr:
     ASN1err(ASN1_F_ASN1_ITEM_EMBED_NEW, ERR_R_MALLOC_FAILURE);
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     OPENSSL_mem_debug_pop();
 #endif
     return 0;
@@ -199,7 +199,7 @@ int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed)
  auxerr:
     ASN1err(ASN1_F_ASN1_ITEM_EMBED_NEW, ASN1_R_AUX_ERROR);
     ASN1_item_ex_free(pval, it);
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     OPENSSL_mem_debug_pop();
 #endif
     return 0;
@@ -259,7 +259,7 @@ static int asn1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
         *pval = NULL;
         return 1;
     }
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     OPENSSL_mem_debug_push(tt->field_name
             ? tt->field_name : "asn1_template_new");
 #endif
@@ -279,7 +279,7 @@ static int asn1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
     /* Otherwise pass it back to the item routine */
     ret = asn1_item_embed_new(pval, it, embed);
  done:
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     OPENSSL_mem_debug_pop();
 #endif
     return ret;

crypto/mem.c

@@ -74,7 +74,7 @@ static void *(*realloc_wrapper)(void *, size_t, const char *, int)
 static void (*free_wrapper)(void *)
     = CRYPTO_free;
 
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
 static int call_malloc_debug = 1;
 #else
 static int call_malloc_debug = 0;
@@ -125,7 +125,7 @@ void *CRYPTO_malloc(size_t num, const char *file, int line)
         return NULL;
 
     allow_customize = 0;
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (call_malloc_debug) {
         CRYPTO_mem_debug_malloc(NULL, num, 0, file, line);
         ret = malloc(num);
@@ -174,7 +174,7 @@ void *CRYPTO_realloc(void *str, size_t num, const char *file, int line)
     }
 
     allow_customize = 0;
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (call_malloc_debug) {
         void *ret;
         CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line);
@@ -211,7 +211,7 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
 
     /* Allocate new memory.  Call malloc and do a copy, so that we can
      * cleanse the old buffer. */
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (call_malloc_debug) {
         CRYPTO_mem_debug_realloc(str, NULL, num, 0, file, line);
         ret = malloc(num);
@@ -233,7 +233,7 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
 
 void CRYPTO_free(void *str)
 {
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     if (call_malloc_debug) {
         CRYPTO_mem_debug_free(str, 0);
         free(str);

crypto/mem_dbg.c

@@ -132,7 +132,9 @@
  * checking temporarily. State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes
  * no sense whatsoever.
  */
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
 static int mh_mode = CRYPTO_MEM_CHECK_OFF;
+#endif
 
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
 static unsigned long order = 0; /* number of memory requests */
@@ -203,7 +205,7 @@ static void app_info_free(APP_INFO *inf)
 
 int CRYPTO_mem_ctrl(int mode)
 {
-#ifndef CRYPTO_MDEBUG
+#ifdef OPENSSL_NO_CRYPTO_MDEBUG
     return mode - mode;
 #else
     int ret = mh_mode;
@@ -663,9 +665,7 @@ void CRYPTO_mem_leaks(BIO *b)
     }
     if (ml.chunks != 0) {
         BIO_printf(b, "%ld bytes leaked in %d chunks\n", ml.bytes, ml.chunks);
-# ifdef CRYPTO_MDEBUG_ABORT
         abort();
-# endif
     } else {
         /*
          * Make sure that, if we found no leaks, memory-leak debugging itself

doc/crypto/OPENSSL_malloc.pod

@@ -56,7 +56,7 @@ CRYPTO_mem_leaks, CRYPTO_mem_leaks_fp - Memory allocation functions
  #define CRYPTO_MEM_CHECK_DISABLE
  #define CRYPTO_MEM_CHECK_ENABLE
 
- int CRYPTO_mem_ctrl(int flags);
+ int CRYPTO_mem_ctrl(int mode);
 
  int OPENSSL_mem_debug_push(const char *info)
  int OPENSLS_mem_debug_pop)(void)
@@ -112,12 +112,14 @@ This is most useful for identifying memory leaks.
 CRYPTO_set_mem_debug() turns this tracking on and off.  It is normally
 called at startup, but can be called at any time.
 
-Finer-grain control of the tracking can be done with CRYPTO_mem_ctrl().
-The most common case is to enable tracking, which is done by using
-the B<CRYPTO_MEM_CHECK_ON> constant; it can be turned off by using
-the B<CRYPTO_MEM_CHECK_OFF> value.  The disable and enable values are
-most commonly used within OpenSSL to termporarily suspend and restore
-tracking of library internals.
+CRYPTO_mem_ctrl() provides fine-grained control of memory leak tracking.
+To enable tracking call CRYPTO_mem_ctrl() with a B<mode> argument of
+the B<CRYPTO_MEM_CHECK_ON>.
+To disable tracking call CRYPTO_mem_ctrl() with a B<mode> argument of
+the B<CRYPTO_MEM_CHECK_OFF>.
+The B<CRYPTO_MEM_CHECK_DISABLE> and B<CRYPTO_MEM_CHECK_ENABLE> modes
+are used internally within OpenSSL to temporarily suspend and resume
+tracking.
 
 While checking memory, it can be useful to store additional context
 about what is being done.
@@ -129,11 +131,9 @@ This must be a global or other static string; it is not copied.
 OPENSSL_mem_debug_pop() removes identifying state from the stack.
 
 At the end of the program, calling CRYPTO_mem_leaks() or
-CRYPTO_mem_leaks_fp() will
-report all "leaked" memory, writing it to the specified BIO B<b>
-or FILE B<fp>.
-Depending on how OpenSSL is built, it may then abort if there
-are any unfree'd allocations, for debugging.
+CRYPTO_mem_leaks_fp() will report all "leaked" memory, writing it
+to the specified BIO B<b> or FILE B<fp>.
+It will then L<abort(3)> if there were any unfree'd allocations.
 
 =head1 RETURN VALUES
 
@@ -154,7 +154,7 @@ CRYPTO_set_mem_functions() and CRYPTO_set_mem_debug()
 return 1 on success or 0 on failure (almost
 always because allocations have already happened).
 
-CRYPTO_mem_ctrl() return the previous value of the flag.
+CRYPTO_mem_ctrl() returns the previous value of the mode.
 
 OPENSSL_mem_debug_push() and OPENSSL_mem_debug_pop()
 return 1 on success or 0 on failure.

include/openssl/crypto.h

@@ -249,10 +249,10 @@ typedef struct {
  * The following can be used to detect memory leaks in the library. If
  * used, it turns on malloc checking
  */
-# define CRYPTO_MEM_CHECK_OFF     0x0
-# define CRYPTO_MEM_CHECK_ON      0x1
-# define CRYPTO_MEM_CHECK_ENABLE  0x2
-# define CRYPTO_MEM_CHECK_DISABLE 0x3
+# define CRYPTO_MEM_CHECK_OFF     0x0   /* Control only */
+# define CRYPTO_MEM_CHECK_ON      0x1   /* Control and mode bit */
+# define CRYPTO_MEM_CHECK_ENABLE  0x2   /* Control and mode bit */
+# define CRYPTO_MEM_CHECK_DISABLE 0x3   /* Control only */
 
 /* predec of the BIO type */
 typedef struct bio_st BIO_dummy;
@@ -291,20 +291,9 @@ DEFINE_STACK_OF(void)
 #define OPENSSL_malloc_init() \
     CRYPTO_set_mem_functions(CRYPTO_malloc, CRYPTO_realloc, CRYPTO_free)
 
-/*
- * Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
- * is defined)
- */
-# if defined(CRYPTO_MDEBUG_ABORT) && !defined(CRYPTO_MDEBUG)
-#  define CRYPTO_MDEBUG
-# endif
-# ifndef CRYPTO_MDEBUG
-#  define OPENSSL_NO_CRYPTO_MDEBUG
-# endif
-
 int CRYPTO_mem_ctrl(int mode);
 
-# ifdef CRYPTO_MDEBUG
+# ifndef OPENSSL_NO_CRYPTO_MDEBUG
 #  define OPENSSL_malloc(num) \
         CRYPTO_malloc(num, __FILE__, __LINE__)
 #  define OPENSSL_zalloc(num) \

test/clienthellotest.c

@@ -211,7 +211,7 @@ int main(int argc, char *argv[])
     ERR_remove_thread_state(NULL);
     EVP_cleanup();
     CRYPTO_cleanup_all_ex_data();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(err);
 #endif
     BIO_free(err);

test/danetest.c

@@ -526,7 +526,7 @@ end:
     ERR_free_strings();
     ERR_remove_thread_state(NULL);
     EVP_cleanup();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(bio_err);
 #endif
     BIO_free(bio_err);

test/dsatest.c

@@ -215,7 +215,7 @@ int main(int argc, char **argv)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(bio_err);
 #endif
     BIO_free(bio_err);

test/ecdhtest.c

@@ -516,7 +516,7 @@ int main(int argc, char *argv[])
     BIO_free(out);
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
     EXIT(ret);

test/ecdsatest.c

@@ -545,7 +545,7 @@ int main(void)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(out);
 #endif
     BIO_free(out);

test/ectest.c

@@ -1664,7 +1664,7 @@ int main(int argc, char *argv[])
     CRYPTO_cleanup_all_ex_data();
     ERR_free_strings();
     ERR_remove_thread_state(NULL);
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
 

test/enginetest.c

@@ -249,7 +249,7 @@ int main(int argc, char *argv[])
     CRYPTO_cleanup_all_ex_data();
     ERR_free_strings();
     ERR_remove_thread_state(NULL);
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
     return to_return;

test/evp_extra_test.c

@@ -466,7 +466,7 @@ int main(void)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
 

test/evp_test.c

@@ -610,7 +610,7 @@ int main(int argc, char **argv)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
     if (t.errors)

test/exptest.c

@@ -300,7 +300,7 @@ int main(int argc, char *argv[])
     BN_free(m);
     BN_CTX_free(ctx);
     ERR_remove_thread_state(NULL);
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(out);
 #endif
     BIO_free(out);

test/memleaktest.c

@@ -56,12 +56,23 @@
 #include <string.h>
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
+#include <setjmp.h>
+
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
+static sigjmp_buf env;
+
+static void handler(int sig)
+{
+    siglongjmp(env, 1);
+}
+#endif
 
 int main(int argc, char **argv)
 {
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     char *p;
     char *lost;
+    int aborted = 0;
 
     p = getenv("OPENSSL_DEBUG_MEMORY");
     if (p != NULL && strcmp(p, "on") == 0)
@@ -74,15 +85,19 @@ int main(int argc, char **argv)
         return 1;
     }
 
-    if (argv[1] && strcmp(argv[1], "freeit") == 0)
+    signal(SIGABRT, handler);
+
+    if (argv[1] && strcmp(argv[1], "freeit") == 0) {
         OPENSSL_free(lost);
+        lost = NULL;
+    }
 
-    CRYPTO_mem_leaks_fp(stderr);
-    return 0;
+    if (sigsetjmp(env, 0) == 0)
+        CRYPTO_mem_leaks_fp(stderr);
+    else
+        aborted = 1;
+    return ((lost != NULL) ^ (aborted == 1));
 #else
-    if (argv[1] && strcmp(argv[1], "freeit") == 0)
-        return 0;
-    fprintf(stderr, "Leak simulated\n");
-    return 1;
+    return 0;
 #endif
 }

test/p5_crpt2_test.c

@@ -205,7 +205,7 @@ int main(int argc, char **argv)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-# ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 # endif
     return 0;

test/recipes/90-test_memleak.t

@@ -3,5 +3,6 @@
 use OpenSSL::Test;
 
 setup("test_memleak");
-plan tests => 1;
-ok(!run(test(["memleaktest"])), "running memleaktest");
+plan tests => 2;
+ok(run(test(["memleaktest"])), "running leak test");
+ok(run(test(["memleaktest", "freeit"])), "running no leak test");

test/rsa_test.c

@@ -327,7 +327,7 @@ int main(int argc, char *argv[])
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
 
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
 

test/srptest.c

@@ -146,7 +146,7 @@ int main(int argc, char **argv)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(bio_err);
 #endif
     BIO_free(bio_err);

test/ssltest.c

@@ -1821,7 +1821,7 @@ int main(int argc, char *argv[])
     ERR_free_strings();
     ERR_remove_thread_state(NULL);
     EVP_cleanup();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks(bio_err);
 #endif
     BIO_free(bio_err);

test/verify_extra_test.c

@@ -207,7 +207,7 @@ int main(int argc, char **argv)
     CRYPTO_cleanup_all_ex_data();
     ERR_remove_thread_state(NULL);
     ERR_free_strings();
-#ifdef CRYPTO_MDEBUG
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
     CRYPTO_mem_leaks_fp(stderr);
 #endif
 

util/mkdef.pl

@@ -124,7 +124,6 @@ foreach (@known_algorithms) {
     $disabled_algorithms{$_} = 0;
 }
 # disabled by default
-$disabled_algorithms{"CRYPTO_MDEBUG"} = 1;
 $disabled_algorithms{"STATIC_ENGINE"} = 1;
 
 my $options="";

util/pl/linux.pl

@@ -11,7 +11,7 @@ $rm='/bin/rm -f';
 
 $cc='gcc';
 if ($debug)
-	{ $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
+	{ $cflags="-g2 -ggdb -DREF_CHECK"; }
 elsif ($profile)
 	{ $cflags="-pg -O3"; }
 else

util/pl/ultrix.pl

@@ -11,7 +11,7 @@ $rm='/bin/rm -f';
 
 $cc='cc';
 if ($debug)
-	{ $cflags="-g -DREF_CHECK -DCRYPTO_MDEBUG"; }
+	{ $cflags="-g -DREF_CHECK"; }
 else
 	{ $cflags="-O2"; }