authorShawn Willden <swillden@google.com>2015-06-20 09:16:30 -0600
committerShawn Willden <swillden@google.com>2015-06-22 15:34:23 -0600
commit0f906ec40f6ade7955c6b967ea522aade54ea2e4 (patch)
tree17593f61259b566713e099fe750668281b35d444 /hmac_key.cpp
parentb5508298cdb1d42eaf8c81aa8a6ac2cbfdeef3c7 (diff)
Add buffer wrap checks and disable throwing of std::bad_alloc.
Android is built with exceptions disabled, but "operator new" and "operator new[]" still throw std::bad_alloc on failure rather than returning null. In general this is a good thing, because it will cause an immediate crash of the process rather than assigning a null pointer which is probably not checked. But most memory allocations in Keymaster are checked, because it's written to run in an environment where new does *not* throw. This CL updates the code to explicitly use the non-throwing new. A handful of throwing news remain, but only in places where a crash on failure is appropriate. In addition, this CL also inserts buffer wrap checks in key locations and changes the development-machine Makefile to build in 32-bit mode, to make memory problems more apparent. Bug: 21888473 Change-Id: I8ebc5ec12053e4f5274f6f57ce312abc10611cef
Diffstat (limited to 'hmac_key.cpp')
-rw-r--r--hmac_key.cpp4
1 files changed, 3 insertions, 1 deletions
diff --git a/hmac_key.cpp b/hmac_key.cpp
index ac6c482..2e814a6 100644
--- a/hmac_key.cpp
+++ b/hmac_key.cpp
@@ -16,6 +16,8 @@
#include "hmac_key.h"
+#include <new>
+
#include <openssl/err.h>
#include <openssl/rand.h>
@@ -45,7 +47,7 @@ keymaster_error_t HmacKeyFactory::LoadKey(const KeymasterKeyBlob& key_material,
return KM_ERROR_OUTPUT_PARAMETER_NULL;
keymaster_error_t error;
- key->reset(new HmacKey(key_material, hw_enforced, sw_enforced, &error));
+ key->reset(new (std::nothrow) HmacKey(key_material, hw_enforced, sw_enforced, &error));
if (!key->get())
error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
return error;
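Review bot: The `std::nothrow` on the `key->reset(new (std::nothrow) HmacKey(...))` line covers only the HmacKey object's own allocation; any throwing allocation inside HmacKey's constructor (copying key_material into members, for instance) still propagates, and with exceptions disabled that is a process abort rather than KM_ERROR_MEMORY_ALLOCATION_FAILED. A comment above the call would keep the next reader from assuming the whole construction is now failure-checked, e.g. `// nothrow covers only this allocation; the ctor reports its own failures through &error`. The constructor's reported status is also not acted on: when `error` comes back non-OK the partially constructed key stays in `*key`, so adding `if (error != KM_ERROR_OK) key->reset();` before `return error;` would ensure a caller never receives a non-null key together with an error. I cannot see HmacKey's constructor from this hunk, so whether it writes `error` on every path is inferred from the out-parameter; LoadKey's signature and its opening null check sit outside the hunk.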