Use safer sizeof variant in malloc

For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 23:10:31 -04:00 · 2015-05-01 23:10:31 -04:00 · b4faea50c3
commit b4faea50c3
parent 8920a7cd04
142 changed files with 278 additions and 283 deletions
--- a/apps/apps.c
+++ b/apps/apps.c
@ -180,7 +180,7 @@ int chopup_args(ARGS *arg, char *buf)
    arg->argc = 0;
    if (arg->size == 0) {
        arg->size = 20;
-        arg->argv = app_malloc(sizeof(char *) * arg->size, "argv space");
+        arg->argv = app_malloc(sizeof(*arg->argv) * arg->size, "argv space");
        if (arg->argv == NULL)
            return 0;
    }
@ -195,7 +195,8 @@ int chopup_args(ARGS *arg, char *buf)
        /* The start of something good :-) */
        if (arg->argc >= arg->size) {
            arg->size += 20;
-            arg->argv = OPENSSL_realloc(arg->argv, sizeof(char *) * arg->size);
+            arg->argv = OPENSSL_realloc(arg->argv,
                                        sizeof(*arg->argv) * arg->size);
            if (arg->argv == NULL)
                return 0;
        }
@ -1585,7 +1586,7 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
        }
    }
-    retdb = app_malloc(sizeof *retdb, "new DB");
+    retdb = app_malloc(sizeof(*retdb), "new DB");
    retdb->db = tmpdb;
    tmpdb = NULL;
    if (db_attr)
@ -2364,7 +2365,7 @@ static int WIN32_rename(const char *from, const char *to)
    } else {                    /* UNICODE path */
        size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
-        tfrom = (TCHAR *)malloc(sizeof(TCHAR) * (flen + tlen));
+        tfrom = malloc(*sizeof(*tfrom) * (flen + tlen));
        if (tfrom == NULL)
            goto err;
        tto = tfrom + flen;
--- a/apps/ca.c
+++ b/apps/ca.c
@ -1970,7 +1970,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
    row[DB_type][0] = 'V';
    row[DB_type][1] = '\0';
-    irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row space");
+    irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row space");
    for (i = 0; i < DB_NUMBER; i++) {
        irow[i] = row[i];
        row[i] = NULL;
@ -2207,7 +2207,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
        row[DB_type][0] = 'V';
        row[DB_type][1] = '\0';
-        irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row ptr");
+        irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row ptr");
        for (i = 0; i < DB_NUMBER; i++) {
            irow[i] = row[i];
            row[i] = NULL;
--- a/apps/cms.c
+++ b/apps/cms.c
@ -570,7 +570,7 @@ int cms_main(int argc, char **argv)
            }
            if (key_param == NULL || key_param->idx != keyidx) {
                cms_key_param *nparam;
-                nparam = app_malloc(sizeof *nparam, "key param buffer");
+                nparam = app_malloc(sizeof(*nparam), "key param buffer");
                nparam->idx = keyidx;
                if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL)
                    goto end;
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@ -232,7 +232,7 @@ int ecparam_main(int argc, char **argv)
        size_t crv_len = EC_get_builtin_curves(NULL, 0);
        size_t n;
-        curves = app_malloc((int)(sizeof *curves * crv_len), "list curves");
+        curves = app_malloc((int)sizeof(*curves) * crv_len, "list curves");
        if (!EC_get_builtin_curves(curves, crv_len)) {
            OPENSSL_free(curves);
            goto end;
--- a/apps/openssl.c
+++ b/apps/openssl.c
@ -804,7 +804,7 @@ static LHASH_OF(FUNCTION) *prog_init(void)
    /* Sort alphabetically within category. For nicer help displays. */
    for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
-    qsort(functions, i, sizeof *functions, SortFnByName);
+    qsort(functions, i, sizeof(*functions), SortFnByName);
    if ((ret = lh_FUNCTION_new()) == NULL)
        return (NULL);
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@ -1173,7 +1173,7 @@ void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc)
 static int ssl_excert_prepend(SSL_EXCERT **pexc)
 {
-    SSL_EXCERT *exc = app_malloc(sizeof *exc, "prepend cert");
+    SSL_EXCERT *exc = app_malloc(sizeof(*exc), "prepend cert");
    exc->certfile = NULL;
    exc->keyfile = NULL;
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -461,7 +461,7 @@ static int ebcdic_new(BIO *bi)
 {
    EBCDIC_OUTBUFF *wbuf;
-    wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + 1024, "ebcdef wbuf");
+    wbuf = app_malloc(sizeof(*wbuf) + 1024, "ebcdic wbuf");
    wbuf->alloced = 1024;
    wbuf->buff[0] = '\0';
@ -515,7 +515,7 @@ static int ebcdic_write(BIO *b, const char *in, int inl)
        num = num + num;        /* double the size */
        if (num < inl)
            num = inl;
-        wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + num, "grow ebcdic wbuf");
+        wbuf = app_malloc(sizeof(*wbuf) + num, "grow ebcdic wbuf");
        OPENSSL_free(b->ptr);
        wbuf->alloced = num;
@ -3127,7 +3127,7 @@ static simple_ssl_session *first = NULL;
 static int add_session(SSL *ssl, SSL_SESSION *session)
 {
-    simple_ssl_session *sess = app_malloc(sizeof *sess, "get session");
+    simple_ssl_session *sess = app_malloc(sizeof(*sess), "get session");
    unsigned char *p;
    SSL_SESSION_get_id(session, &sess->idlen);
--- a/apps/speed.c
+++ b/apps/speed.c
@ -2283,7 +2283,7 @@ static int do_multi(int multi)
    int *fds;
    static char sep[] = ":";
-    fds = malloc(multi * sizeof *fds);
+    fds = malloc(sizeof(*fds) * multi);
    for (n = 0; n < multi; ++n) {
        if (pipe(fd) == -1) {
            fprintf(stderr, "pipe failure\n");
--- a/apps/srp.c
+++ b/apps/srp.c
@ -138,7 +138,7 @@ static int update_index(CA_DB *db, char **row)
    char **irow;
    int i;
-    irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row pointers");
+    irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row pointers");
    for (i = 0; i < DB_NUMBER; i++) {
        irow[i] = row[i];
        row[i] = NULL;
--- a/apps/vms_decc_init.c
+++ b/apps/vms_decc_init.c
@ -130,7 +130,7 @@ char **copy_argv(int *argc, char *argv[])
     */
    int i, count = *argc;
-    char **newargv = app_malloc((count + 1) * sizeof *newargv, "argv copy");
+    char **newargv = app_malloc(sizeof(*newargv) * (count + 1), "argv copy");
    for (i = 0; i < count; i++)
        newargv[i] = argv[i];
--- a/crypto/LPdir_unix.c
+++ b/crypto/LPdir_unix.c
@ -78,12 +78,12 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
    errno = 0;
    if (*ctx == NULL) {
-        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
+        *ctx = malloc(sizeof(**ctx));
        if (*ctx == NULL) {
            errno = ENOMEM;
            return 0;
        }
-        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+        memset(*ctx, '\0', sizeof(**ctx));
        (*ctx)->dir = opendir(directory);
        if ((*ctx)->dir == NULL) {
--- a/crypto/LPdir_vms.c
+++ b/crypto/LPdir_vms.c
@ -104,12 +104,12 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
            return 0;
        }
-        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
+        *ctx = malloc(sizeof(**ctx));
        if (*ctx == NULL) {
            errno = ENOMEM;
            return 0;
        }
-        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+        memset(*ctx, '\0', sizeof(**ctx));
        strcpy((*ctx)->filespec, directory);
        strcat((*ctx)->filespec, "*.*;");
--- a/crypto/LPdir_win.c
+++ b/crypto/LPdir_win.c
@ -69,12 +69,12 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
            return 0;
        }
-        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
+        *ctx = malloc(sizeof(**ctx));
        if (*ctx == NULL) {
            errno = ENOMEM;
            return 0;
        }
-        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+        memset(*ctx, '\0', sizeof(**ctx));
        if (directory[dirlen - 1] != '*') {
            extdirbuf = (char *)malloc(dirlen + 3);
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@ -345,7 +345,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void)
 {
    ASN1_OBJECT *ret;
-    ret = OPENSSL_malloc(sizeof(ASN1_OBJECT));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@ -240,7 +240,7 @@ static ASN1_STRING_TABLE *stable_get(int nid)
    tmp = ASN1_STRING_TABLE_get(nid);
    if (tmp && tmp->flags & STABLE_FLAGS_MALLOC)
        return tmp;
-    rv = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
+    rv = OPENSSL_malloc(sizeof(*rv));
    if (!rv)
        return NULL;
    if (!sk_ASN1_STRING_TABLE_push(stable, rv)) {
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@ -284,7 +284,7 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
                                        const char *pem_str, const char *info)
 {
    EVP_PKEY_ASN1_METHOD *ameth;
-    ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD));
+    ameth = OPENSSL_malloc(sizeof(*ameth));
    if (!ameth)
        return NULL;
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@ -349,7 +349,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type)
 {
    ASN1_STRING *ret;
-    ret = OPENSSL_malloc(sizeof(ASN1_STRING));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@ -844,7 +844,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
            }
        }
    }
-    mhdr = OPENSSL_malloc(sizeof(MIME_HEADER));
+    mhdr = OPENSSL_malloc(sizeof(*mhdr));
    if (!mhdr)
        goto err;
    mhdr->name = tmpname;
@ -883,7 +883,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
            goto err;
    }
    /* Parameter values are case sensitive so leave as is */
-    mparam = OPENSSL_malloc(sizeof(MIME_PARAM));
+    mparam = OPENSSL_malloc(sizeof(*mparam));
    if (!mparam)
        goto err;
    mparam->param_name = tmpname;
--- a/crypto/asn1/bio_asn1.c
+++ b/crypto/asn1/bio_asn1.c
@ -146,7 +146,7 @@ BIO_METHOD *BIO_f_asn1(void)
 static int asn1_bio_new(BIO *b)
 {
    BIO_ASN1_BUF_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX));
+    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (!ctx)
        return 0;
    if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) {
--- a/crypto/asn1/bio_ndef.c
+++ b/crypto/asn1/bio_ndef.c
@ -106,7 +106,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
        ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
        return NULL;
    }
-    ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT));
+    ndef_aux = OPENSSL_malloc(sizeof(*ndef_aux));
    asn_bio = BIO_new(BIO_f_asn1());
    /* ASN1 bio needs to be next to output BIO */
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@ -319,7 +319,7 @@ static int asn1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
        return 1;
    case V_ASN1_ANY:
-        typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
+        typ = OPENSSL_malloc(sizeof(*typ));
        if (!typ)
            return 0;
        typ->value.ptr = NULL;
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@ -85,7 +85,7 @@ ASN1_PCTX default_pctx = {
 ASN1_PCTX *ASN1_PCTX_new(void)
 {
    ASN1_PCTX *ret;
-    ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
--- a/crypto/asn1/tasn_scn.c
+++ b/crypto/asn1/tasn_scn.c
@ -75,7 +75,7 @@
 ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx))
 {
    ASN1_SCTX *ret;
-    ret = OPENSSL_malloc(sizeof(ASN1_SCTX));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ASN1err(ASN1_F_ASN1_SCTX_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@ -476,7 +476,7 @@ X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
                                                        EVP_PKEY *pk))
 {
    X509_CRL_METHOD *m;
-    m = OPENSSL_malloc(sizeof(X509_CRL_METHOD));
+    m = OPENSSL_malloc(sizeof(*m));
    if (!m)
        return NULL;
    m->crl_init = crl_init;
--- a/crypto/asn1/x_info.c
+++ b/crypto/asn1/x_info.c
@ -66,7 +66,7 @@ X509_INFO *X509_INFO_new(void)
 {
    X509_INFO *ret = NULL;
-    ret = OPENSSL_malloc(sizeof(X509_INFO));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@ -66,10 +66,10 @@ X509_PKEY *X509_PKEY_new(void)
 {
    X509_PKEY *ret = NULL;
-    ret = OPENSSL_malloc(sizeof(X509_PKEY));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret)
        goto err;
-    memset(ret, 0, sizeof(X509_PKEY));
+    memset(ret, 0, sizeof(*ret));
    ret->version = 0;
    ret->enc_algor = X509_ALGOR_new();
--- a/crypto/bio/bf_buff.c
+++ b/crypto/bio/bf_buff.c
@ -91,9 +91,8 @@ BIO_METHOD *BIO_f_buffer(void)
 static int buffer_new(BIO *bi)
 {
-    BIO_F_BUFFER_CTX *ctx;
+    BIO_F_BUFFER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
    ctx = OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX));
    if (ctx == NULL)
        return (0);
    ctx->ibuf = OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
--- a/crypto/bio/bf_lbuf.c
+++ b/crypto/bio/bf_lbuf.c
@ -104,7 +104,7 @@ static int linebuffer_new(BIO *bi)
 {
    BIO_LINEBUFFER_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
+    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx == NULL)
        return (0);
    ctx->obuf = OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
--- a/crypto/bio/bf_nbio.c
+++ b/crypto/bio/bf_nbio.c
@ -102,7 +102,7 @@ static int nbiof_new(BIO *bi)
 {
    NBIO_TEST *nt;
-    if (!(nt = OPENSSL_malloc(sizeof(NBIO_TEST))))
+    if (!(nt = OPENSSL_malloc(sizeof(*nt))))
        return (0);
    nt->lrn = -1;
    nt->lwn = -1;
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@ -65,9 +65,8 @@
 BIO *BIO_new(BIO_METHOD *method)
 {
-    BIO *ret = NULL;
+    BIO *ret = OPENSSL_malloc(sizeof(*ret));
    ret = OPENSSL_malloc(sizeof(BIO));
    if (ret == NULL) {
        BIOerr(BIO_F_BIO_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@ -137,7 +137,7 @@ static BIO_ACCEPT *BIO_ACCEPT_new(void)
 {
    BIO_ACCEPT *ret;
-    if ((ret = OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL)
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
        return (NULL);
    memset(ret, 0, sizeof(BIO_ACCEPT));
--- a/crypto/bio/bss_bio.c
+++ b/crypto/bio/bss_bio.c
@ -144,7 +144,7 @@ static int bio_new(BIO *bio)
 {
    struct bio_bio_st *b;
-    b = OPENSSL_malloc(sizeof *b);
+    b = OPENSSL_malloc(sizeof(*b));
    if (b == NULL)
        return 0;
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@ -286,7 +286,7 @@ BIO_CONNECT *BIO_CONNECT_new(void)
 {
    BIO_CONNECT *ret;
-    if ((ret = OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
        return (NULL);
    ret->state = BIO_CONN_S_BEFORE;
    ret->param_hostname = NULL;
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@ -225,7 +225,7 @@ static int dgram_new(BIO *bi)
    bi->init = 0;
    bi->num = 0;
-    data = OPENSSL_malloc(sizeof(bio_dgram_data));
+    data = OPENSSL_malloc(sizeof(*data));
    if (data == NULL)
        return 0;
    memset(data, 0x00, sizeof(bio_dgram_data));
@ -1085,7 +1085,7 @@ static int dgram_sctp_new(BIO *bi)
    bi->init = 0;
    bi->num = 0;
-    data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
+    data = OPENSSL_malloc(sizeof(*data));
    if (data == NULL)
        return 0;
    memset(data, 0x00, sizeof(bio_dgram_sctp_data));
--- a/crypto/bn/Makefile
+++ b/crypto/bn/Makefile
@ -215,7 +215,7 @@ bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
 bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 bn_depr.o: ../cryptlib.h ../include/internal/bn_int.h bn_depr.c bn_lcl.h
-bn_dh.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_dh.o: ../../e_os.h ../../include/openssl/bn.h ../../include/openssl/crypto.h
 bn_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
 bn_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_dh.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@ -391,12 +391,12 @@ bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h
 bn_sqrt.o: ../include/internal/bn_int.h bn_lcl.h bn_sqrt.c
-bn_srp.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_srp.o: ../../e_os.h ../../include/openssl/bn.h
-bn_srp.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_srp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-bn_srp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_srp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-bn_srp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_srp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-bn_srp.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+bn_srp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_srp.o: bn_lcl.h bn_srp.c
+bn_srp.o: ../include/internal/bn_int.h bn_lcl.h bn_srp.c
 bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@ -137,7 +137,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
    bn_check_top(mod);
-    if ((ret = OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) {
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
        BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
    }
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@ -186,7 +186,7 @@ static void ctxdbg(BN_CTX *ctx)
 BN_CTX *BN_CTX_new(void)
 {
-    BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX));
+    BN_CTX *ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret) {
        BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
@ -353,7 +353,7 @@ static BIGNUM *BN_POOL_get(BN_POOL *p)
    if (p->used == p->size) {
        BIGNUM *bn;
        unsigned int loop = 0;
-        BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM));
+        BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(*item));
        if (!item)
            return NULL;
        /* Initialise the structure */
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@ -551,7 +551,7 @@ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
    bn_check_top(a);
    bn_check_top(b);
    bn_check_top(p);
-    if ((arr = OPENSSL_malloc(sizeof(int) * max)) == NULL)
+    if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
        goto err;
    ret = BN_GF2m_poly2arr(p, arr, max);
    if (!ret || ret > max) {
@ -609,7 +609,7 @@ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
    bn_check_top(a);
    bn_check_top(p);
-    if ((arr = OPENSSL_malloc(sizeof(int) * max)) == NULL)
+    if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
        goto err;
    ret = BN_GF2m_poly2arr(p, arr, max);
    if (!ret || ret > max) {
@ -1025,7 +1025,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
    bn_check_top(a);
    bn_check_top(b);
    bn_check_top(p);
-    if ((arr = OPENSSL_malloc(sizeof(int) * max)) == NULL)
+    if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
        goto err;
    ret = BN_GF2m_poly2arr(p, arr, max);
    if (!ret || ret > max) {
@ -1084,7 +1084,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
    int *arr = NULL;
    bn_check_top(a);
    bn_check_top(p);
-    if ((arr = OPENSSL_malloc(sizeof(int) * max)) == NULL)
+    if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
        goto err;
    ret = BN_GF2m_poly2arr(p, arr, max);
    if (!ret || ret > max) {
@ -1214,7 +1214,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
    int *arr = NULL;
    bn_check_top(a);
    bn_check_top(p);
-    if ((arr = OPENSSL_malloc(sizeof(int) * max)) == NULL)
+    if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
        goto err;
    ret = BN_GF2m_poly2arr(p, arr, max);
    if (!ret || ret > max) {
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@ -268,7 +268,7 @@ BIGNUM *BN_new(void)
 {
    BIGNUM *ret;
-    if ((ret = OPENSSL_malloc(sizeof(BIGNUM))) == NULL) {
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
        BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
    }
@ -299,7 +299,7 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
        BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
        return (NULL);
    }
-    a = A = OPENSSL_malloc(sizeof(BN_ULONG) * words);
+    a = A = OPENSSL_malloc(sizeof(*a) * words);
    if (A == NULL) {
        BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
        return (NULL);
@ -919,7 +919,7 @@ BN_GENCB *BN_GENCB_new(void)
 {
    BN_GENCB *ret;
-    if ((ret = OPENSSL_malloc(sizeof(BN_GENCB))) == NULL) {
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
        BNerr(BN_F_BN_GENCB_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
    }
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@ -314,7 +314,7 @@ BN_MONT_CTX *BN_MONT_CTX_new(void)
 {
    BN_MONT_CTX *ret;
-    if ((ret = OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
        return (NULL);
    BN_MONT_CTX_init(ret);
--- a/crypto/bn/bn_recp.c
+++ b/crypto/bn/bn_recp.c
@ -71,7 +71,7 @@ BN_RECP_CTX *BN_RECP_CTX_new(void)
 {
    BN_RECP_CTX *ret;
-    if ((ret = OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
        return (NULL);
    BN_RECP_CTX_init(ret);
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@ -71,7 +71,7 @@ BUF_MEM *BUF_MEM_new(void)
 {
    BUF_MEM *ret;
-    ret = OPENSSL_malloc(sizeof(BUF_MEM));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        BUFerr(BUF_F_BUF_MEM_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@ -90,7 +90,8 @@ static void make_kn(unsigned char *k1, const unsigned char *l, int bl)
 CMAC_CTX *CMAC_CTX_new(void)
 {
    CMAC_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(CMAC_CTX));
+
    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (!ctx)
        return NULL;
    EVP_CIPHER_CTX_init(&ctx->cctx);
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@ -119,7 +119,7 @@ static int zlib_stateful_ex_idx = -1;
 static int zlib_stateful_init(COMP_CTX *ctx)
 {
    int err;
-    struct zlib_state *state = OPENSSL_malloc(sizeof(struct zlib_state));
+    struct zlib_state *state = OPENSSL_malloc(sizeof(*state));
    if (state == NULL)
        goto err;
@ -347,7 +347,7 @@ static int bio_zlib_new(BIO *bi)
        return 0;
    }
 # endif
-    ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX));
+    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (!ctx) {
        COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE);
        return 0;
--- a/crypto/comp/comp_lib.c
+++ b/crypto/comp/comp_lib.c
@ -8,7 +8,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
 {
    COMP_CTX *ret;
-    if ((ret = OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) {
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
        /* ZZZZZZZZZZZZZZZZ */
        return (NULL);
    }
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@ -255,7 +255,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
    if ((sk = sk_CONF_VALUE_new_null()) == NULL)
        goto err;
-    if ((v = OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
+    if ((v = OPENSSL_malloc(sizeof(*v))) == NULL)
        goto err;
    i = strlen(section) + 1;
    if ((v->section = OPENSSL_malloc(i)) == NULL)
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@ -130,7 +130,7 @@ static CONF *def_create(CONF_METHOD *meth)
 {
    CONF *ret;
-    ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret)
        if (meth->init(ret) == 0) {
            OPENSSL_free(ret);
@ -357,7 +357,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
            p++;
            *p = '\0';
-            if (!(v = OPENSSL_malloc(sizeof(CONF_VALUE)))) {
+            if (!(v = OPENSSL_malloc(sizeof(*v)))) {
                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                goto err;
            }
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@ -281,7 +281,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
        supported_modules = sk_CONF_MODULE_new_null();
    if (supported_modules == NULL)
        return NULL;
-    tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
+    tmod = OPENSSL_malloc(sizeof(*tmod));
    if (tmod == NULL)
        return NULL;
@ -336,7 +336,7 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value,
    CONF_IMODULE *imod = NULL;
    /* Otherwise add initialized module to list */
-    imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
+    imod = OPENSSL_malloc(sizeof(*imod));
    if (!imod)
        goto err;
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@ -109,7 +109,7 @@ DH *DH_new(void)
 DH *DH_new_method(ENGINE *engine)
 {
-    DH *ret = OPENSSL_malloc(sizeof(DH));
+    DH *ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE);
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@ -98,7 +98,7 @@ typedef struct {
 static int pkey_dh_init(EVP_PKEY_CTX *ctx)
 {
    DH_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX));
+    dctx = OPENSSL_malloc(sizeof(*dctx));
    if (!dctx)
        return 0;
    dctx->prime_len = 1024;
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@ -70,7 +70,7 @@ static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
 {
    if (operation == ASN1_OP_NEW_PRE) {
        DSA_SIG *sig;
-        sig = OPENSSL_malloc(sizeof(DSA_SIG));
+        sig = OPENSSL_malloc(sizeof(*sig));
        if (!sig) {
            DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
            return 0;
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@ -117,7 +117,7 @@ DSA *DSA_new_method(ENGINE *engine)
 {
    DSA *ret;
-    ret = OPENSSL_malloc(sizeof(DSA));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@ -81,7 +81,7 @@ typedef struct {
 static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
 {
    DSA_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX));
+    dctx = OPENSSL_malloc(sizeof(*dctx));
    if (!dctx)
        return 0;
    dctx->nbits = 1024;
--- a/crypto/dso/dso_lib.c
+++ b/crypto/dso/dso_lib.c
@ -104,7 +104,7 @@ DSO *DSO_new_method(DSO_METHOD *meth)
         */
        default_DSO_meth = DSO_METHOD_openssl();
    }
-    ret = OPENSSL_malloc(sizeof(DSO));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/dso/dso_vms.c
+++ b/crypto/dso/dso_vms.c
@ -230,7 +230,7 @@ static int vms_load(DSO *dso)
        goto err;
    }
-    p = DSO_MALLOC(sizeof(DSO_VMS_INTERNAL));
+    p = DSO_MALLOC(sizeof(*p));
    if (p == NULL) {
        DSOerr(DSO_F_VMS_LOAD, ERR_R_MALLOC_FAILURE);
        goto err;
--- a/crypto/dso/dso_win32.c
+++ b/crypto/dso/dso_win32.c
@ -168,7 +168,7 @@ static int win32_load(DSO *dso)
        ERR_add_error_data(3, "filename(", filename, ")");
        goto err;
    }
-    p = OPENSSL_malloc(sizeof(HINSTANCE));
+    p = OPENSSL_malloc(sizeof(*p));
    if (p == NULL) {
        DSOerr(DSO_F_WIN32_LOAD, ERR_R_MALLOC_FAILURE);
        goto err;
@ -304,7 +304,7 @@ static struct file_st *win32_splitter(DSO *dso, const char *filename,
        return (NULL);
    }
-    result = OPENSSL_malloc(sizeof(struct file_st));
+    result = OPENSSL_malloc(sizeof(*result));
    if (result == NULL) {
        DSOerr(DSO_F_WIN32_SPLITTER, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/ec/Makefile
+++ b/crypto/ec/Makefile
@ -143,11 +143,12 @@ ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
 ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h
-ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_curve.o: ../../e_os.h ../../include/openssl/asn1.h
-ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_curve.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_curve.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_curve.o: ../../include/openssl/ec.h ../../include/openssl/err.h
-ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_curve.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 ec_curve.o: ../../include/openssl/opensslconf.h
 ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@ -67,9 +67,8 @@
 EC_KEY *EC_KEY_new(void)
 {
-    EC_KEY *ret;
+    EC_KEY *ret = OPENSSL_malloc(sizeof(*ret));
    ret = OPENSSL_malloc(sizeof(EC_KEY));
    if (ret == NULL) {
        ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
        return NULL;
    }
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
@ -158,7 +158,7 @@ void EC_GROUP_clear_free(EC_GROUP *group)
    BN_clear_free(group->order);
    BN_clear_free(group->cofactor);
    OPENSSL_clear_free(group->seed, group->seed_len);
-    OPENSSL_clear_free(group, sizeof *group);
+    OPENSSL_clear_free(group, sizeof(*group));
 }
 int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
@ -555,7 +555,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
        /* no explicit entry needed */
        return 1;
-    d = OPENSSL_malloc(sizeof *d);
+    d = OPENSSL_malloc(sizeof(*d));
    if (d == NULL)
        return 0;
@ -692,7 +692,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
        return NULL;
    }
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
@ -727,7 +727,7 @@ void EC_POINT_clear_free(EC_POINT *point)
        point->meth->point_clear_finish(point);
    else if (point->meth->point_finish != 0)
        point->meth->point_finish(point);
-    OPENSSL_clear_free(point, sizeof *point);
+    OPENSSL_clear_free(point, sizeof(*point));
 }
 int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@ -100,7 +100,7 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group)
    if (!group)
        return NULL;
-    ret = OPENSSL_malloc(sizeof(EC_PRE_COMP));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret) {
        ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
        return ret;
@ -165,11 +165,11 @@ static void ec_pre_comp_clear_free(void *pre_)
        for (p = pre->points; *p != NULL; p++) {
            EC_POINT_clear_free(*p);
-            OPENSSL_cleanse(p, sizeof *p);
+            OPENSSL_cleanse(p, sizeof(*p));
        }
        OPENSSL_free(pre->points);
    }
-    OPENSSL_clear_free(pre, sizeof *pre);
+    OPENSSL_clear_free(pre, sizeof(*pre));
 }
 /*
@ -659,7 +659,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
    num = pre_points_per_block * numblocks; /* number of points to compute
                                             * and store */
-    points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1));
+    points = OPENSSL_malloc(sizeof(*points) * (num + 1));
    if (!points) {
        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
        goto err;
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@ -91,7 +91,8 @@ typedef struct {
 static int pkey_ec_init(EVP_PKEY_CTX *ctx)
 {
    EC_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX));
+
    dctx = OPENSSL_malloc(sizeof(*dctx));
    if (!dctx)
        return 0;
    dctx->gen_group = NULL;
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@ -1200,7 +1200,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out,
 static NISTP224_PRE_COMP *nistp224_pre_comp_new()
 {
    NISTP224_PRE_COMP *ret = NULL;
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret) {
        ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
        return ret;
@ -1247,7 +1247,7 @@ static void nistp224_pre_comp_clear_free(void *pre_)
    if (i > 0)
        return;
-    OPENSSL_clear_free(pre, sizeof *pre);
+    OPENSSL_clear_free(pre, sizeof(*pre));
 }
 /******************************************************************************/
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@ -1815,7 +1815,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void)
 static NISTP256_PRE_COMP *nistp256_pre_comp_new()
 {
    NISTP256_PRE_COMP *ret = NULL;
-    ret = OPENSSL_malloc(sizeof *ret);
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret) {
        ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
        return ret;
@ -1862,7 +1862,7 @@ static void nistp256_pre_comp_clear_free(void *pre_)
    if (i > 0)
        return;
-    OPENSSL_clear_free(pre, sizeof *pre);
+    OPENSSL_clear_free(pre, sizeof(*pre));
 }
 /******************************************************************************/
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@ -1643,8 +1643,8 @@ const EC_METHOD *EC_GFp_nistp521_method(void)
 static NISTP521_PRE_COMP *nistp521_pre_comp_new()
 {
-    NISTP521_PRE_COMP *ret = NULL;
+    NISTP521_PRE_COMP *ret = OPENSSL_malloc(sizeof(*ret));
-    ret = OPENSSL_malloc(sizeof(NISTP521_PRE_COMP));
+
    if (!ret) {
        ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
        return ret;
--- a/crypto/ec/ecp_nistz256.c
+++ b/crypto/ec/ecp_nistz256.c
@ -1408,7 +1408,7 @@ static EC_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group)
    if (!group)
        return NULL;
-    ret = OPENSSL_malloc(sizeof(EC_PRE_COMP));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret) {
        ECerr(EC_F_ECP_NISTZ256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
@ -1463,7 +1463,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
    OPENSSL_clear_free(pre->precomp,
                       32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
-    OPENSSL_clear_free(pre, sizeof *pre);
+    OPENSSL_clear_free(pre, sizeof(*pre));
 }
 static int ecp_nistz256_window_have_precompute_mult(const EC_GROUP *group)
--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@ -117,7 +117,7 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
 {
    ECDH_DATA *ret;
-    ret = OPENSSL_malloc(sizeof(ECDH_DATA));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@ -105,7 +105,7 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 {
    ECDSA_DATA *ret;
-    ret = OPENSSL_malloc(sizeof(ECDSA_DATA));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return (NULL);
@ -253,7 +253,7 @@ ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
 {
    ECDSA_METHOD *ret;
-    ret = OPENSSL_malloc(sizeof(ECDSA_METHOD));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@ -202,8 +202,8 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr,
 */
 static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
 {
-    dynamic_data_ctx *c;
+    dynamic_data_ctx *c = OPENSSL_malloc(sizeof(*c));
-    c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
+
    if (!c) {
        ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
        return 0;
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@ -66,7 +66,7 @@ ENGINE *ENGINE_new(void)
 {
    ENGINE *ret;
-    ret = OPENSSL_malloc(sizeof(ENGINE));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
        return NULL;
@ -163,7 +163,7 @@ static int int_cleanup_check(int create)
 static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb)
 {
-    ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof(ENGINE_CLEANUP_ITEM));
+    ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof(*item));
    if (!item)
        return NULL;
    item->cb = cb;
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@ -425,7 +425,7 @@ typedef struct {
 static int ossl_hmac_init(EVP_PKEY_CTX *ctx)
 {
    OSSL_HMAC_PKEY_CTX *hctx;
-    hctx = OPENSSL_malloc(sizeof(OSSL_HMAC_PKEY_CTX));
+    hctx = OPENSSL_malloc(sizeof(*hctx));
    if (!hctx)
        return 0;
    hctx->md = NULL;
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@ -147,7 +147,7 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
        tmplate.nid = *nids;
        fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
        if (!fnd) {
-            fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
+            fnd = OPENSSL_malloc(sizeof(*fnd));
            if (!fnd)
                goto end;
            fnd->uptodate = 1;
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@ -455,8 +455,8 @@ static void build_SYS_str_reasons(void)
            char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
            char *src = strerror(i);
            if (src != NULL) {
-                strncpy(*dest, src, sizeof *dest);
+                strncpy(*dest, src, sizeof(*dest));
-                (*dest)[sizeof *dest - 1] = '\0';
+                (*dest)[sizeof(*dest) - 1] = '\0';
                str->string = *dest;
            }
        }
@ -882,7 +882,7 @@ ERR_STATE *ERR_get_state(void)
    /* ret == the error state, if NULL, make a new one */
    if (ret == NULL) {
-        ret = OPENSSL_malloc(sizeof(ERR_STATE));
+        ret = OPENSSL_malloc(sizeof(*ret));
        if (ret == NULL)
            return (&fallback);
        CRYPTO_THREADID_cpy(&ret->tid, &tid);
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@ -115,7 +115,7 @@ static int b64_new(BIO *bi)
 {
    BIO_B64_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(BIO_B64_CTX));
+    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx == NULL)
        return (0);
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@ -112,7 +112,7 @@ static int enc_new(BIO *bi)
 {
    BIO_ENC_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(BIO_ENC_CTX));
+    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx == NULL)
        return (0);
    EVP_CIPHER_CTX_init(&ctx->cipher);
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@ -176,7 +176,7 @@ static int ok_new(BIO *bi)
 {
    BIO_OK_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(BIO_OK_CTX));
+    ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx == NULL)
        return (0);
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@ -119,12 +119,12 @@
 void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
 {
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, '\0', sizeof(*ctx));
 }
 EVP_MD_CTX *EVP_MD_CTX_create(void)
 {
-    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx)
        EVP_MD_CTX_init(ctx);
@ -281,7 +281,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
    } else
        tmp_buf = NULL;
    EVP_MD_CTX_cleanup(out);
-    memcpy(out, in, sizeof *out);
+    memcpy(out, in, sizeof(*out));
    if (in->md_data && out->digest->ctx_size) {
        if (tmp_buf)
@ -360,7 +360,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
         */
        ENGINE_finish(ctx->engine);
 #endif
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, '\0', sizeof(*ctx));
    return 1;
 }
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@ -76,7 +76,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
 EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
 {
-    EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx)
        EVP_CIPHER_CTX_init(ctx);
    return ctx;
@ -619,7 +619,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
 #endif
    EVP_CIPHER_CTX_cleanup(out);
-    memcpy(out, in, sizeof *out);
+    memcpy(out, in, sizeof(*out));
    if (in->cipher_data && in->cipher->ctx_size) {
        out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@ -226,9 +226,10 @@ int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
                         int md_nid, EVP_PBE_KEYGEN *keygen)
 {
    EVP_PBE_CTL *pbe_tmp;
    if (!pbe_algs)
        pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
-    if (!(pbe_tmp = OPENSSL_malloc(sizeof(EVP_PBE_CTL)))) {
+    if (!(pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp)))) {
        EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
        return 0;
    }
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@ -185,7 +185,7 @@ EVP_PKEY *EVP_PKEY_new(void)
 {
    EVP_PKEY *ret;
-    ret = OPENSSL_malloc(sizeof(EVP_PKEY));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
        return (NULL);
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@ -165,7 +165,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
        return NULL;
    }
-    ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (!ret) {
 #ifndef OPENSSL_NO_ENGINE
        if (e)
@ -197,7 +197,8 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
 {
    EVP_PKEY_METHOD *pmeth;
-    pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
+
    pmeth = OPENSSL_malloc(sizeof(*pmeth));
    if (!pmeth)
        return NULL;
@ -313,7 +314,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
        return 0;
    }
 #endif
-    rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+    rctx = OPENSSL_malloc(sizeof(*rctx));
    if (!rctx)
        return NULL;
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@ -318,7 +318,7 @@ static EX_CLASS_ITEM *def_get_class(int class_index)
    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
    p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
    if (!p) {
-        gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM));
+        gen = OPENSSL_malloc(sizeof(*gen));
        if (gen) {
            gen->class_index = class_index;
            gen->meth_num = 0;
@ -350,7 +350,7 @@ static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp,
                         CRYPTO_EX_free *free_func)
 {
    int toret = -1;
-    CRYPTO_EX_DATA_FUNCS *a = OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
+    CRYPTO_EX_DATA_FUNCS *a = OPENSSL_malloc(sizeof(*a));
    if (!a) {
        CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE);
        return -1;
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@ -75,7 +75,7 @@ typedef struct {
 static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
 {
    HMAC_PKEY_CTX *hctx;
-    hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));
+    hctx = OPENSSL_malloc(sizeof(*hctx));
    if (!hctx)
        return 0;
    hctx->md = NULL;
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@ -197,7 +197,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
    EVP_MD_CTX_cleanup(&ctx->i_ctx);
    EVP_MD_CTX_cleanup(&ctx->o_ctx);
    EVP_MD_CTX_cleanup(&ctx->md_ctx);
-    memset(ctx, 0, sizeof *ctx);
+    memset(ctx, 0, sizeof(*ctx));
 }
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
--- a/crypto/jpake/jpake.c
+++ b/crypto/jpake/jpake.c
@ -107,14 +107,14 @@ static void JPAKE_CTX_release(JPAKE_CTX *ctx)
    OPENSSL_free(ctx->p.peer_name);
    OPENSSL_free(ctx->p.name);
-    memset(ctx, '\0', sizeof *ctx);
+    memset(ctx, '\0', sizeof(*ctx));
 }
 JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
                         const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
                         const BIGNUM *secret)
 {
-    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
    if (ctx == NULL)
        return NULL;
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@ -117,9 +117,9 @@ _LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
    _LHASH *ret;
    int i;
-    if ((ret = OPENSSL_malloc(sizeof(_LHASH))) == NULL)
+    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
        goto err0;
-    if ((ret->b = OPENSSL_malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL)
+    if ((ret->b = OPENSSL_malloc(sizeof(*ret->b) * MIN_NODES)) == NULL)
        goto err1;
    for (i = 0; i < MIN_NODES; i++)
        ret->b[i] = NULL;
@ -188,7 +188,7 @@ void *lh_insert(_LHASH *lh, void *data)
    rn = getrn(lh, data, &hash);
    if (*rn == NULL) {
-        if ((nn = OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) {
+        if ((nn = OPENSSL_malloc(sizeof(*nn))) == NULL) {
            lh->error++;
            return (NULL);
        }
--- a/crypto/lock.c
+++ b/crypto/lock.c
@ -251,7 +251,7 @@ int CRYPTO_get_new_dynlockid(void)
    }
    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-    pointer = OPENSSL_malloc(sizeof(CRYPTO_dynlock));
+    pointer = OPENSSL_malloc(sizeof(*pointer));
    if (pointer == NULL) {
        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
        return (0);
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@ -394,7 +394,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line)
    if (is_MemCheck_on()) {
        MemCheck_off();         /* obtain MALLOC2 lock */
-        if ((ami = OPENSSL_malloc(sizeof(APP_INFO))) == NULL) {
+        if ((ami = OPENSSL_malloc(sizeof(*ami))) == NULL) {
            ret = 0;
            goto err;
        }
@ -478,7 +478,7 @@ void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
        if (is_MemCheck_on()) {
            MemCheck_off();     /* make sure we hold MALLOC2 lock */
-            if ((m = OPENSSL_malloc(sizeof(MEM))) == NULL) {
+            if ((m = OPENSSL_malloc(sizeof(*m))) == NULL) {
                OPENSSL_free(addr);
                MemCheck_on();  /* release MALLOC2 lock if num_disabled drops
                                 * to 0 */
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c
@ -1701,7 +1701,7 @@ GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block)
 {
    GCM128_CONTEXT *ret;
-    if ((ret = OPENSSL_malloc(sizeof(GCM128_CONTEXT))))
+    if ((ret = OPENSSL_malloc(sizeof(*ret))))
        CRYPTO_gcm128_init(ret, key, block);
    return ret;
--- a/crypto/modes/ocb128.c
+++ b/crypto/modes/ocb128.c
@ -210,7 +210,7 @@ OCB128_CONTEXT *CRYPTO_ocb128_new(void *keyenc, void *keydec,
    OCB128_CONTEXT *octx;
    int ret;
-    if ((octx = OPENSSL_malloc(sizeof(OCB128_CONTEXT)))) {
+    if ((octx = OPENSSL_malloc(sizeof(*octx)))) {
        ret = CRYPTO_ocb128_init(octx, keyenc, keydec, encrypt, decrypt);
        if (ret)
            return octx;
--- a/crypto/objects/Makefile
+++ b/crypto/objects/Makefile
@ -106,10 +106,10 @@ obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 obj_lib.o: ../cryptlib.h ../include/internal/asn1_int.h obj_lib.c
-obj_xref.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_xref.o: ../../e_os.h ../../include/openssl/asn1.h
-obj_xref.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_xref.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-obj_xref.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_xref.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
-obj_xref.o: ../../include/openssl/opensslconf.h
+obj_xref.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 obj_xref.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 obj_xref.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 obj_xref.o: ../../include/openssl/symhacks.h obj_xref.c obj_xref.h
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@ -83,7 +83,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
    names_type_num++;
    for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) {
        MemCheck_off();
-        name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
+        name_funcs = OPENSSL_malloc(sizeof(*name_funcs));
        MemCheck_on();
        if (!name_funcs) {
            OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
@ -187,7 +187,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data)
    alias = type & OBJ_NAME_ALIAS;
    type &= ~OBJ_NAME_ALIAS;
-    onp = OPENSSL_malloc(sizeof(OBJ_NAME));
+    onp = OPENSSL_malloc(sizeof(*onp));
    if (onp == NULL) {
        /* ERROR */
        return (0);
@ -310,13 +310,13 @@ void OBJ_NAME_do_all_sorted(int type,
    d.type = type;
    d.names =
-        OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
+        OPENSSL_malloc(sizeof(*d.names) * lh_OBJ_NAME_num_items(names_lh));
    /* Really should return an error if !d.names...but its a void function! */
    if (d.names) {
        d.n = 0;
        OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
-        qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
+        qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp);
        for (n = 0; n < d.n; ++n)
            fn(d.names[n], arg);
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@ -255,19 +255,16 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
            return (0);
    if ((o = OBJ_dup(obj)) == NULL)
        goto err;
-    if (!(ao[ADDED_NID] = OPENSSL_malloc(sizeof(ADDED_OBJ))))
+    if (!(ao[ADDED_NID] = OPENSSL_malloc(sizeof(*ao))))
        goto err2;
    if ((o->length != 0) && (obj->data != NULL))
-        if (!
+        if (!(ao[ADDED_DATA] = OPENSSL_malloc(sizeof(*ao))))
            (ao[ADDED_DATA] = OPENSSL_malloc(sizeof(ADDED_OBJ))))
            goto err2;
    if (o->sn != NULL)
-        if (!
+        if (!(ao[ADDED_SNAME] = OPENSSL_malloc(sizeof(*ao))))
            (ao[ADDED_SNAME] = OPENSSL_malloc(sizeof(ADDED_OBJ))))
            goto err2;
    if (o->ln != NULL)
-        if (!
+        if (!(ao[ADDED_LNAME] = OPENSSL_malloc(sizeof(*ao))))
            (ao[ADDED_LNAME] = OPENSSL_malloc(sizeof(ADDED_OBJ))))
            goto err2;
    for (i = ADDED_DATA; i <= ADDED_NID; i++) {
--- a/crypto/objects/obj_xref.c
+++ b/crypto/objects/obj_xref.c
@ -154,7 +154,7 @@ int OBJ_add_sigid(int signid, int dig_id, int pkey_id)
        sigx_app = sk_nid_triple_new(sigx_cmp);
    if (!sigx_app)
        return 0;
-    ntr = OPENSSL_malloc(sizeof(int) * 3);
+    ntr = OPENSSL_malloc(sizeof(*ntr));
    if (!ntr)
        return 0;
    ntr->sign_id = signid;
--- a/crypto/ocsp/ocsp_ht.c
+++ b/crypto/ocsp/ocsp_ht.c
@ -113,8 +113,8 @@ static int parse_http_line1(char *line);
 OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline)
 {
-    OCSP_REQ_CTX *rctx;
+    OCSP_REQ_CTX *rctx = OPENSSL_malloc(sizeof(*rctx));
-    rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX));
+
    if (!rctx)
        return NULL;
    rctx->state = OHS_ERROR;
--- a/crypto/pqueue/pqueue.c
+++ b/crypto/pqueue/pqueue.c
@ -68,7 +68,7 @@ typedef struct _pqueue {
 pitem *pitem_new(unsigned char *prio64be, void *data)
 {
-    pitem *item = OPENSSL_malloc(sizeof(pitem));
+    pitem *item = OPENSSL_malloc(sizeof(*item));
    if (item == NULL)
        return NULL;
@ -87,7 +87,7 @@ void pitem_free(pitem *item)
 pqueue_s *pqueue_new()
 {
-    pqueue_s *pq = OPENSSL_malloc(sizeof(pqueue_s));
+    pqueue_s *pq = OPENSSL_malloc(sizeof(*pq));
    if (pq == NULL)
        return NULL;
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@ -127,7 +127,7 @@ RSA *RSA_new_method(ENGINE *engine)
 {
    RSA *ret;
-    ret = OPENSSL_malloc(sizeof(RSA));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return NULL;
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@ -97,7 +97,7 @@ typedef struct {
 static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
 {
    RSA_PKEY_CTX *rctx;
-    rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
+    rctx = OPENSSL_malloc(sizeof(*rctx));
    if (!rctx)
        return 0;
    rctx->nbits = 1024;
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@ -198,7 +198,7 @@ static void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
 static SRP_user_pwd *SRP_user_pwd_new(void)
 {
-    SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
+    SRP_user_pwd *ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL)
        return NULL;
    ret->N = NULL;
@ -249,7 +249,7 @@ static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v)
 SRP_VBASE *SRP_VBASE_new(char *seed_key)
 {
-    SRP_VBASE *vb = OPENSSL_malloc(sizeof(SRP_VBASE));
+    SRP_VBASE *vb = OPENSSL_malloc(sizeof(*vb));
    if (vb == NULL)
        return NULL;
@ -284,7 +284,7 @@ static SRP_gN_cache *SRP_gN_new_init(const char *ch)
 {
    unsigned char tmp[MAX_LEN];
    int len;
-    SRP_gN_cache *newgN = OPENSSL_malloc(sizeof(SRP_gN_cache));
+    SRP_gN_cache *newgN = OPENSSL_malloc(sizeof(*newgN));
    if (newgN == NULL)
        return NULL;
@ -391,7 +391,7 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
             * we add this couple in the internal Stack
             */
-            if ((gN = OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
+            if ((gN = OPENSSL_malloc(sizeof(*gN))) == NULL)
                goto err;
            if (!(gN->id = BUF_strdup(pp[DB_srpid]))
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@ -122,7 +122,7 @@ _STACK *sk_deep_copy(_STACK *sk, void *(*copy_func) (void *),
    ret->sorted = sk->sorted;
    ret->num = sk->num;
    ret->num_alloc = sk->num > MIN_NODES ? sk->num : MIN_NODES;
-    ret->data = OPENSSL_malloc(sizeof(char *) * ret->num_alloc);
+    ret->data = OPENSSL_malloc(sizeof(*ret->data) * ret->num_alloc);
    if (ret->data == NULL) {
        OPENSSL_free(ret);
        return NULL;
@ -156,7 +156,7 @@ _STACK *sk_new(int (*c) (const void *, const void *))
    if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
        goto err;
-    if ((ret->data = OPENSSL_malloc(sizeof(char *) * MIN_NODES)) == NULL)
+    if ((ret->data = OPENSSL_malloc(sizeof(*ret->data) * MIN_NODES)) == NULL)
        goto err;
    for (i = 0; i < MIN_NODES; i++)
        ret->data[i] = NULL;
--- a/crypto/store/str_lib.c
+++ b/crypto/store/str_lib.c
@ -109,7 +109,7 @@ STORE *STORE_new_method(const STORE_METHOD *method)
        return NULL;
    }
-    ret = OPENSSL_malloc(sizeof(STORE));
+    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return NULL;
@ -1156,9 +1156,9 @@ int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
 STORE_OBJECT *STORE_OBJECT_new(void)
 {
-    STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
+    STORE_OBJECT *object = OPENSSL_malloc(sizeof(*object));
    if (object)
-        memset(object, 0, sizeof(STORE_OBJECT));
+        memset(object, 0, sizeof(*object));
    return object;
 }
@ -1206,7 +1206,9 @@ struct STORE_attr_info_st {
 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
 {
-    return OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
+    STORE_ATTR_INFO *p = OPENSSL_malloc(sizeof(*p));
    return p;
 }
 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
@ -1450,8 +1452,7 @@ struct attr_list_ctx_st {
 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
 {
    if (attributes) {
-        struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
+        struct attr_list_ctx_st *context = OPENSSL_malloc(sizeof(*context));
            OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
        if (context)
            context->attributes = attributes;
        else
--- a/Show More
+++ b/Show More