Merge pull request #54 from PQClean/no-dynamic-memory-allocations

Detect use of dynamic memory allocation functions
2019-02-27 14:24:11 +01:00 · 2019-02-27 14:24:11 +01:00 · 2b381e9a78
commit 2b381e9a78
parent 2a1d6a1049 72007d3847
2 changed files with 50 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -46,7 +46,7 @@ _The checking of items on this list is still being developed. Checked items shou
 * [ ] API functions return `0` on success, negative on failure
    * [x] 0 on success
    * [ ] Negative on failure (within restrictions of FO transform).
-* [ ] No dynamic memory allocations
+* [x] No dynamic memory allocations
 * [ ] No branching on secret data (dynamically checked using valgrind)
 * [ ] No access to secret memory locations (dynamically checked using valgrind)
 * [x] Separate subdirectories (without symlinks) for each parameter set of each scheme
--- a/test/test_dynamic_memory.py
+++ b/test/test_dynamic_memory.py
@ -0,0 +1,49 @@
+"""
+Checks that no dynamic memory functions are used
+"""
+
+import pqclean
+import helpers
+import sys
+import unittest
+
+
+def test_dynamic_memory():
+    if sys.platform not in ['linux', 'darwin']:
+        raise unittest.SkipTest()
+    for scheme in pqclean.Scheme.all_schemes():
+        for implementation in scheme.implementations:
+            # Keep this loop outside, to allow multiple assertions
+            for function in ['malloc', 'free', 'realloc', 'calloc']:
+                yield (check_dynamic_memory,
+                       scheme.name, implementation.name, function)
+
+
+def check_dynamic_memory(scheme_name, implementation_name, function):
+    implementation = pqclean.Implementation.by_name(
+        scheme_name, implementation_name)
+    # 'make' will take care of not rebuilding existing library files
+    helpers.run_subprocess(
+        ['make'],
+        implementation.path()
+    )
+    out = helpers.run_subprocess(
+        ['nm', '-g', 'lib{}_{}.a'.format(scheme_name,
+                                         implementation_name)],
+        implementation.path()
+    )
+
+    lines = out.strip().split("\n")
+
+    for line in lines:
+        if 'U {}'.format(function) in line:
+            raise AssertionError(
+                "Illegal use of dynamic memory function '{}'".format(function))
+
+if __name__ == '__main__':
+    try:
+        import nose2
+        nose2.main()
+    except ImportError:
+        import nose
+        nose.runmodule()