generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use safer sizeof variant in malloc

Browse Source 
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Rich Salz
2015-05-01 23:10:31 -04:00
committed by Rich Salz
parent 8920a7cd04
commit b4faea50c3
142 changed files with 278 additions and 283 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ssl/s3_lib.c
View File

@@ -3098,9 +3098,9 @@ int ssl3_new(SSL *s)
{
SSL3_STATE *s3;
if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL)
goto err;
memset(s3, 0, sizeof *s3);
memset(s3, 0, sizeof(*s3));
s->s3 = s3;
#ifndef OPENSSL_NO_SRP
@@ -3137,7 +3137,7 @@ void ssl3_free(SSL *s)
#ifndef OPENSSL_NO_SRP
SSL_SRP_CTX_free(s);
#endif
OPENSSL_clear_free(s->s3, sizeof *s->s3);
OPENSSL_clear_free(s->s3, sizeof(*s->s3));
s->s3 = NULL;
}
@@ -3174,7 +3174,7 @@ void ssl3_clear(SSL *s)
s->s3->alpn_selected = NULL;
}
#endif
memset(s->s3, 0, sizeof *s->s3);
memset(s->s3, 0, sizeof(*s->s3));
s->s3->init_extra = init_extra;
ssl_free_wbio_buffer(s);