Use safer sizeof variant in malloc
For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
@@ -499,7 +499,7 @@ static void load_builtin_compressions(void)
|
||||
MemCheck_off();
|
||||
ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
|
||||
if (ssl_comp_methods != NULL) {
|
||||
comp = OPENSSL_malloc(sizeof(SSL_COMP));
|
||||
comp = OPENSSL_malloc(sizeof(*comp));
|
||||
if (comp != NULL) {
|
||||
comp->method = COMP_zlib();
|
||||
if (comp->method && comp->method->type == NID_undef)
|
||||
@@ -1452,7 +1452,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
|
||||
fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
|
||||
num_of_ciphers);
|
||||
#endif /* KSSL_DEBUG */
|
||||
co_list = OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
|
||||
co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
|
||||
if (co_list == NULL) {
|
||||
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
|
||||
return (NULL); /* Failure */
|
||||
@@ -1533,7 +1533,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
|
||||
*/
|
||||
num_of_group_aliases = OSSL_NELEM(cipher_aliases);
|
||||
num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
|
||||
ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
|
||||
ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
|
||||
if (ca_list == NULL) {
|
||||
OPENSSL_free(co_list);
|
||||
SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
|
||||
@@ -1933,7 +1933,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
|
||||
}
|
||||
|
||||
MemCheck_off();
|
||||
comp = OPENSSL_malloc(sizeof(SSL_COMP));
|
||||
comp = OPENSSL_malloc(sizeof(*comp));
|
||||
if (comp == NULL) {
|
||||
MemCheck_on();
|
||||
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
|
||||
|
Reference in New Issue
Block a user