Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328
Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index aa6d623..639b105 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -101,13 +101,12 @@
static int ssl_new(BIO *bi)
{
- BIO_SSL *bs = OPENSSL_malloc(sizeof(*bs));
+ BIO_SSL *bs = OPENSSL_zalloc(sizeof(*bs));
if (bs == NULL) {
BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
return (0);
}
- memset(bs, 0, sizeof(*bs));
bi->init = 0;
bi->ptr = (char *)bs;
bi->flags = 0;
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index d2f5def..52b7304 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -187,13 +187,12 @@
/* Initialize reassembly bitmask if necessary */
if (reassembly) {
- bitmask = OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
+ bitmask = OPENSSL_zalloc(RSMBLY_BITMASK_SIZE(frag_len));
if (bitmask == NULL) {
OPENSSL_free(buf);
OPENSSL_free(frag);
return NULL;
}
- memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
}
frag->reassembly = bitmask;
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index fc1887a..d3b582a 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -135,11 +135,10 @@
if (!ssl3_new(s))
return (0);
- if ((d1 = OPENSSL_malloc(sizeof(*d1))) == NULL) {
+ if ((d1 = OPENSSL_zalloc(sizeof(*d1))) == NULL) {
ssl3_free(s);
return (0);
}
- memset(d1, 0, sizeof(*d1));
d1->buffered_messages = pqueue_new();
d1->sent_messages = pqueue_new();
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 47d28e7..bb090ef 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3836,9 +3836,8 @@
{
SSL3_STATE *s3;
- if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL)
+ if ((s3 = OPENSSL_zalloc(sizeof(*s3))) == NULL)
goto err;
- memset(s3, 0, sizeof(*s3));
s->s3 = s3;
#ifndef OPENSSL_NO_SRP
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 1183961..c3e2c2e 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -167,13 +167,12 @@
CERT *ssl_cert_new(void)
{
- CERT *ret = OPENSSL_malloc(sizeof(*ret));
+ CERT *ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
- memset(ret, 0, sizeof(*ret));
ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;
@@ -185,7 +184,7 @@
CERT *ssl_cert_dup(CERT *cert)
{
- CERT *ret = OPENSSL_malloc(sizeof(*ret));
+ CERT *ret = OPENSSL_zalloc(sizeof(*ret));
int i;
if (ret == NULL) {
@@ -193,8 +192,6 @@
return (NULL);
}
- memset(ret, 0, sizeof(*ret));
-
ret->key = &ret->pkeys[cert->key - cert->pkeys];
#ifndef OPENSSL_NO_RSA
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index c048fc2..2dd2379 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1038,12 +1038,11 @@
curr = curr->next;
}
- number_uses = OPENSSL_malloc(sizeof(int) * (max_strength_bits + 1));
+ number_uses = OPENSSL_zalloc(sizeof(int) * (max_strength_bits + 1));
if (!number_uses) {
SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
return (0);
}
- memset(number_uses, 0, sizeof(int) * (max_strength_bits + 1));
/*
* Now find the strength_bits values actually used
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index fd1561e..b1d4771 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -277,10 +277,9 @@
return (NULL);
}
- s = OPENSSL_malloc(sizeof(*s));
+ s = OPENSSL_zalloc(sizeof(*s));
if (s == NULL)
goto err;
- memset(s, 0, sizeof(*s));
RECORD_LAYER_init(&s->rlayer, s);
@@ -1684,14 +1683,11 @@
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
goto err;
}
- ret = OPENSSL_malloc(sizeof(*ret));
+ ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL)
goto err;
- memset(ret, 0, sizeof(*ret));
-
ret->method = meth;
-
ret->cert_store = NULL;
ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
@@ -1706,8 +1702,6 @@
ret->get_session_cb = 0;
ret->generate_session_id = 0;
- memset(&ret->stats, 0, sizeof(ret->stats));
-
ret->references = 1;
ret->quiet_shutdown = 0;
ret->info_callback = NULL;
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 69e6d7f..3e980bf 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -193,12 +193,11 @@
{
SSL_SESSION *ss;
- ss = OPENSSL_malloc(sizeof(*ss));
+ ss = OPENSSL_zalloc(sizeof(*ss));
if (ss == NULL) {
SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
return (0);
}
- memset(ss, 0, sizeof(*ss));
ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
ss->references = 1;
