Use safer sizeof variant in malloc
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index cce7f15..c7a2aa9 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -182,9 +182,8 @@
CERT *ssl_cert_new(void)
{
- CERT *ret;
+ CERT *ret = OPENSSL_malloc(sizeof(*ret));
- ret = OPENSSL_malloc(sizeof(CERT));
if (ret == NULL) {
SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
@@ -202,10 +201,9 @@
CERT *ssl_cert_dup(CERT *cert)
{
- CERT *ret;
+ CERT *ret = OPENSSL_malloc(sizeof(*ret));
int i;
- ret = OPENSSL_malloc(sizeof(CERT));
if (ret == NULL) {
SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
return (NULL);
@@ -577,13 +575,13 @@
{
SESS_CERT *ret;
- ret = OPENSSL_malloc(sizeof *ret);
+ ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof *ret);
+ memset(ret, 0, sizeof(*ret));
ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;