Use safer sizeof variant in malloc

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Rich Salz
2015-05-01 23:10:31 -04:00
committed by Rich Salz
parent 8920a7cd04
commit b4faea50c3
142 changed files with 278 additions and 283 deletions

View File

@@ -499,7 +499,7 @@ static void load_builtin_compressions(void)
MemCheck_off();
ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
if (ssl_comp_methods != NULL) {
comp = OPENSSL_malloc(sizeof(SSL_COMP));
comp = OPENSSL_malloc(sizeof(*comp));
if (comp != NULL) {
comp->method = COMP_zlib();
if (comp->method && comp->method->type == NID_undef)
@@ -1452,7 +1452,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
num_of_ciphers);
#endif /* KSSL_DEBUG */
co_list = OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
if (co_list == NULL) {
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
return (NULL); /* Failure */
@@ -1533,7 +1533,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
*/
num_of_group_aliases = OSSL_NELEM(cipher_aliases);
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
if (ca_list == NULL) {
OPENSSL_free(co_list);
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
@@ -1933,7 +1933,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
}
MemCheck_off();
comp = OPENSSL_malloc(sizeof(SSL_COMP));
comp = OPENSSL_malloc(sizeof(*comp));
if (comp == NULL) {
MemCheck_on();
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);