diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-05-29 21:07:44 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-05-29 21:07:44 +0000 |
| commit | 23e318bc3fe7526bacb503f5b14da8aee3502871 (patch) | |
| tree | 995dde2c607d492c07a8f8e71f0c0d56b8271549 /lib | |
| parent | 4b83ed84c358f5a49df194b2f225f69533870f5c (diff) | |
convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53
potential integer overflows easily changed into an allocation return
of NULL, with errno nicely set if need be. checks for an allocations
returning NULL are commonplace, or if the object is dereferenced
(quite normal) will result in a nice fault which can be detected &
repaired properly.
ok tedu
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/asn1/a_set.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/asn1/tasn_enc.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/bn/bn_ctx.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/bn/bn_gf2m.c | 10 | ||||
| -rw-r--r-- | lib/libcrypto/bn/bn_lib.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/bn/bn_print.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/ec/ec_mult.c | 14 | ||||
| -rw-r--r-- | lib/libcrypto/ec/ecp_nistp224.c | 3 | ||||
| -rw-r--r-- | lib/libcrypto/ec/ecp_nistp256.c | 7 | ||||
| -rw-r--r-- | lib/libcrypto/ec/ecp_nistp521.c | 7 | ||||
| -rw-r--r-- | lib/libcrypto/ec/ecp_smpl.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/engine/eng_rsax.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/ex_data.c | 6 | ||||
| -rw-r--r-- | lib/libcrypto/lhash/lhash.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/objects/o_names.c | 3 | ||||
| -rw-r--r-- | lib/libcrypto/objects/obj_xref.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/pem/pem_lib.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/pem/pem_seal.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/srp/srp_lib.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/srp/srp_vfy.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/txt_db/txt_db.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/x509/x509spki.c | 2 | ||||
| -rw-r--r-- | lib/libcrypto/x509v3/pcy_tree.c | 2 |
23 files changed, 50 insertions, 42 deletions
diff --git a/lib/libcrypto/asn1/a_set.c b/lib/libcrypto/asn1/a_set.c index 3aeb7e54fff..8101f7722d9 100644 --- a/lib/libcrypto/asn1/a_set.c +++ b/lib/libcrypto/asn1/a_set.c @@ -121,7 +121,7 @@ i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d, pStart = p; /* Catch the beg of Setblobs*/ /* In this array we will store the SET blobs */ - rgSetBlob = malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB)); + rgSetBlob = reallocarray(NULL, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB)); if (rgSetBlob == NULL) { ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); return 0; diff --git a/lib/libcrypto/asn1/tasn_enc.c b/lib/libcrypto/asn1/tasn_enc.c index f5fc8820f66..cfceabe5a91 100644 --- a/lib/libcrypto/asn1/tasn_enc.c +++ b/lib/libcrypto/asn1/tasn_enc.c @@ -435,7 +435,7 @@ asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, if (sk_ASN1_VALUE_num(sk) < 2) do_sort = 0; else { - derlst = malloc(sk_ASN1_VALUE_num(sk) * + derlst = reallocarray(NULL, sk_ASN1_VALUE_num(sk), sizeof(*derlst)); tmpdat = malloc(skcontlen); if (!derlst || !tmpdat) { diff --git a/lib/libcrypto/bn/bn_ctx.c b/lib/libcrypto/bn/bn_ctx.c index 7407dade505..2368e251835 100644 --- a/lib/libcrypto/bn/bn_ctx.c +++ b/lib/libcrypto/bn/bn_ctx.c @@ -349,8 +349,8 @@ BN_STACK_push(BN_STACK *st, unsigned int idx) { unsigned int newsize = (st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES); - unsigned int *newitems = malloc(newsize * - sizeof(unsigned int)); + unsigned int *newitems = reallocarray(NULL, + newsize, sizeof(unsigned int)); if (!newitems) return 0; if (st->depth) diff --git a/lib/libcrypto/bn/bn_gf2m.c b/lib/libcrypto/bn/bn_gf2m.c index 4000fb8733f..4bd50924d30 100644 --- a/lib/libcrypto/bn/bn_gf2m.c +++ b/lib/libcrypto/bn/bn_gf2m.c @@ -547,7 +547,7 @@ BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, bn_check_top(a); bn_check_top(b); bn_check_top(p); - if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) + if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -609,7 +609,7 @@ BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) bn_check_top(a); bn_check_top(p); - if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) + if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -1037,7 +1037,7 @@ BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, bn_check_top(a); bn_check_top(b); bn_check_top(p); - if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) + if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -1099,7 +1099,7 @@ BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) int *arr = NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) + if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -1234,7 +1234,7 @@ BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) bn_check_top(a); bn_check_top(p); - if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) + if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { diff --git a/lib/libcrypto/bn/bn_lib.c b/lib/libcrypto/bn/bn_lib.c index a3a96662e85..28489f8181d 100644 --- a/lib/libcrypto/bn/bn_lib.c +++ b/lib/libcrypto/bn/bn_lib.c @@ -245,7 +245,7 @@ BN_new(void) { BIGNUM *ret; - if ((ret = (BIGNUM *)malloc(sizeof(BIGNUM))) == NULL) { + if ((ret = malloc(sizeof(BIGNUM))) == NULL) { BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE); return (NULL); } @@ -278,7 +278,7 @@ bn_expand_internal(const BIGNUM *b, int words) BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return (NULL); } - a = A = (BN_ULONG *)malloc(sizeof(BN_ULONG)*words); + a = A = reallocarray(NULL, sizeof(BN_ULONG), words); if (A == NULL) { BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE); return (NULL); diff --git a/lib/libcrypto/bn/bn_print.c b/lib/libcrypto/bn/bn_print.c index 3a0fb253691..ea5fa5c3dae 100644 --- a/lib/libcrypto/bn/bn_print.c +++ b/lib/libcrypto/bn/bn_print.c @@ -116,7 +116,7 @@ BN_bn2dec(const BIGNUM *a) */ i = BN_num_bits(a) * 3; num = (i / 10 + i / 1000 + 1) + 1; - bn_data = (BN_ULONG *)malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); + bn_data = reallocarray(NULL, num / BN_DEC_NUM + 1, sizeof(BN_ULONG)); buf = (char *)malloc(num + 3); if ((buf == NULL) || (bn_data == NULL)) { BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/ec/ec_mult.c b/lib/libcrypto/ec/ec_mult.c index c0525c49406..b3bd34d82df 100644 --- a/lib/libcrypto/ec/ec_mult.c +++ b/lib/libcrypto/ec/ec_mult.c @@ -425,11 +425,11 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar, } totalnum = num + numblocks; - wsize = malloc(totalnum * sizeof wsize[0]); - wNAF_len = malloc(totalnum * sizeof wNAF_len[0]); - wNAF = malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for - * pivot */ - val_sub = malloc(totalnum * sizeof val_sub[0]); + wsize = reallocarray(NULL, totalnum, sizeof wsize[0]); + wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]); + /* includes space for pivot */ + wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]); + val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]); if (!wsize || !wNAF_len || !wNAF || !val_sub) { ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); @@ -573,7 +573,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar, * to a subarray of 'pre_comp->points' if we already have * precomputation. */ - val = malloc((num_val + 1) * sizeof val[0]); + val = reallocarray(NULL, (num_val + 1), sizeof val[0]); if (val == NULL) { ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); goto err; @@ -790,7 +790,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx) num = pre_points_per_block * numblocks; /* number of points to * compute and store */ - points = malloc(sizeof(EC_POINT *) * (num + 1)); + points = reallocarray(NULL, sizeof(EC_POINT *), (num + 1)); if (!points) { ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/ec/ecp_nistp224.c b/lib/libcrypto/ec/ecp_nistp224.c index 53aced54d54..6e9b9fac3ca 100644 --- a/lib/libcrypto/ec/ecp_nistp224.c +++ b/lib/libcrypto/ec/ecp_nistp224.c @@ -1438,7 +1438,8 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, secrets = calloc(num_points, sizeof(felem_bytearray)); pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); if (mixed) - tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); + tmp_felems = reallocarray(NULL, + (num_points * 17 + 1), sizeof(felem)); if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/ec/ecp_nistp256.c b/lib/libcrypto/ec/ecp_nistp256.c index df80cc2b8ab..b2398e106c0 100644 --- a/lib/libcrypto/ec/ecp_nistp256.c +++ b/lib/libcrypto/ec/ecp_nistp256.c @@ -1987,8 +1987,11 @@ ec_GFp_nistp256_points_mul(const EC_GROUP * group, EC_POINT * r, } secrets = calloc(num_points, sizeof(felem_bytearray)); pre_comp = calloc(num_points, 17 * 3 * sizeof(smallfelem)); - if (mixed) - tmp_smallfelems = malloc((num_points * 17 + 1) * sizeof(smallfelem)); + if (mixed) { + /* XXX should do more int overflow checking */ + tmp_smallfelems = reallocarray(NULL, + (num_points * 17 + 1), sizeof(smallfelem)); + } if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) { ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/ec/ecp_nistp521.c b/lib/libcrypto/ec/ecp_nistp521.c index 6792c5b71d8..083e017cdc2 100644 --- a/lib/libcrypto/ec/ecp_nistp521.c +++ b/lib/libcrypto/ec/ecp_nistp521.c @@ -1874,8 +1874,11 @@ ec_GFp_nistp521_points_mul(const EC_GROUP * group, EC_POINT * r, } secrets = calloc(num_points, sizeof(felem_bytearray)); pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); - if (mixed) - tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); + if (mixed) { + /* XXX should do more int overflow checking */ + tmp_felems = reallocarray(NULL, + (num_points * 17 + 1), sizeof(felem)); + } if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/ec/ecp_smpl.c b/lib/libcrypto/ec/ecp_smpl.c index b87410120df..46783a47a83 100644 --- a/lib/libcrypto/ec/ecp_smpl.c +++ b/lib/libcrypto/ec/ecp_smpl.c @@ -1257,7 +1257,7 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT * */ pow2 <<= 1; - heap = malloc(pow2 * sizeof heap[0]); + heap = reallocarray(NULL, pow2, sizeof heap[0]); if (heap == NULL) goto err; diff --git a/lib/libcrypto/engine/eng_rsax.c b/lib/libcrypto/engine/eng_rsax.c index 1b15b6f1a3f..0f8e1cd498a 100644 --- a/lib/libcrypto/engine/eng_rsax.c +++ b/lib/libcrypto/engine/eng_rsax.c @@ -268,7 +268,7 @@ static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m) hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); if (!hptr) { - hptr = malloc(3*sizeof(E_RSAX_MOD_CTX)); + hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX)); if (!hptr) return NULL; hptr[2].type = hptr[1].type= hptr[0].type = 0; RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr); diff --git a/lib/libcrypto/ex_data.c b/lib/libcrypto/ex_data.c index d8d25d320ec..5cd01c72d10 100644 --- a/lib/libcrypto/ex_data.c +++ b/lib/libcrypto/ex_data.c @@ -424,7 +424,7 @@ int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); if (mx > 0) { - storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); + storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*)); if (!storage) goto skip; for (i = 0; i < mx; i++) @@ -468,7 +468,7 @@ int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from) if (j < mx) mx = j; if (mx > 0) { - storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); + storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*)); if (!storage) goto skip; for (i = 0; i < mx; i++) @@ -505,7 +505,7 @@ int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); if (mx > 0) { - storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); + storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*)); if (!storage) goto skip; for (i = 0; i < mx; i++) diff --git a/lib/libcrypto/lhash/lhash.c b/lib/libcrypto/lhash/lhash.c index ad24a7726b1..e75a43f5066 100644 --- a/lib/libcrypto/lhash/lhash.c +++ b/lib/libcrypto/lhash/lhash.c @@ -119,7 +119,7 @@ lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) if ((ret = malloc(sizeof(_LHASH))) == NULL) goto err0; - if ((ret->b = malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL) + if ((ret->b = reallocarray(NULL, sizeof(LHASH_NODE *), MIN_NODES)) == NULL) goto err1; for (i = 0; i < MIN_NODES; i++) ret->b[i] = NULL; diff --git a/lib/libcrypto/objects/o_names.c b/lib/libcrypto/objects/o_names.c index 196d3ab0a75..169b8ae87da 100644 --- a/lib/libcrypto/objects/o_names.c +++ b/lib/libcrypto/objects/o_names.c @@ -292,7 +292,8 @@ OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg), int n; d.type = type; - d.names = malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names); + d.names = reallocarray(NULL, lh_OBJ_NAME_num_items(names_lh), + sizeof *d.names); d.n = 0; OBJ_NAME_do_all(type, do_all_sorted_fn, &d); diff --git a/lib/libcrypto/objects/obj_xref.c b/lib/libcrypto/objects/obj_xref.c index 25aed74ff11..8e9128efc4b 100644 --- a/lib/libcrypto/objects/obj_xref.c +++ b/lib/libcrypto/objects/obj_xref.c @@ -164,7 +164,7 @@ OBJ_add_sigid(int signid, int dig_id, int pkey_id) sigx_app = sk_nid_triple_new(sigx_cmp); if (!sigx_app) return 0; - ntr = malloc(sizeof(int) * 3); + ntr = reallocarray(NULL, sizeof(int), 3); if (!ntr) return 0; ntr->sign_id = signid; diff --git a/lib/libcrypto/pem/pem_lib.c b/lib/libcrypto/pem/pem_lib.c index 58d2bfbee96..945262f0199 100644 --- a/lib/libcrypto/pem/pem_lib.c +++ b/lib/libcrypto/pem/pem_lib.c @@ -605,7 +605,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; } - buf = malloc(PEM_BUFSIZE * 8); + buf = reallocarray(NULL, PEM_BUFSIZE, 8); if (buf == NULL) { reason = ERR_R_MALLOC_FAILURE; goto err; diff --git a/lib/libcrypto/pem/pem_seal.c b/lib/libcrypto/pem/pem_seal.c index 92b70157cdb..a7b93792235 100644 --- a/lib/libcrypto/pem/pem_seal.c +++ b/lib/libcrypto/pem/pem_seal.c @@ -85,7 +85,7 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, if (j > max) max = j; } - s = (char *)malloc(max*2); + s = (char *)reallocarray(NULL, max, 2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE); goto err; @@ -159,7 +159,7 @@ PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, i = RSA_size(priv->pkey.rsa); if (i < 100) i = 100; - s = (unsigned char *)malloc(i*2); + s = reallocarray(NULL, i, 2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/srp/srp_lib.c b/lib/libcrypto/srp/srp_lib.c index a3a67eda2e2..77e2c2c2f2c 100644 --- a/lib/libcrypto/srp/srp_lib.c +++ b/lib/libcrypto/srp/srp_lib.c @@ -121,7 +121,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) longN= BN_num_bytes(N); - if ((cAB = malloc(2*longN)) == NULL) + if ((cAB = reallocarray(NULL, 2, longN)) == NULL) return NULL; memset(cAB, 0, longN); diff --git a/lib/libcrypto/srp/srp_vfy.c b/lib/libcrypto/srp/srp_vfy.c index de7dbe5bbd4..6ad80ef9927 100644 --- a/lib/libcrypto/srp/srp_vfy.c +++ b/lib/libcrypto/srp/srp_vfy.c @@ -573,7 +573,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt, if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err; BN_bn2bin(v,tmp); - if (((vf = malloc(BN_num_bytes(v)*2)) == NULL)) + if (((vf = reallocarray(NULL, BN_num_bytes(v), 2)) == NULL)) goto err; t_tob64(vf, tmp, BN_num_bytes(v)); @@ -582,7 +582,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt, { char *tmp_salt; - if ((tmp_salt = malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) + if ((tmp_salt = reallocarray(NULL, SRP_RANDOM_SALT_LEN, 2)) == NULL) { free(vf); goto err; diff --git a/lib/libcrypto/txt_db/txt_db.c b/lib/libcrypto/txt_db/txt_db.c index a2afa3df234..0f3a7ffbb39 100644 --- a/lib/libcrypto/txt_db/txt_db.c +++ b/lib/libcrypto/txt_db/txt_db.c @@ -94,9 +94,9 @@ TXT_DB_read(BIO *in, int num) ret->qual = NULL; if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL) goto err; - if ((ret->index = malloc(sizeof(*ret->index)*num)) == NULL) + if ((ret->index = reallocarray(NULL, sizeof(*ret->index), num)) == NULL) goto err; - if ((ret->qual = malloc(sizeof(*(ret->qual))*num)) == NULL) + if ((ret->qual = reallocarray(NULL, sizeof(*(ret->qual)), num)) == NULL) goto err; for (i = 0; i < num; i++) { ret->index[i] = NULL; diff --git a/lib/libcrypto/x509/x509spki.c b/lib/libcrypto/x509/x509spki.c index b5f67b5a97c..23172fdb8ee 100644 --- a/lib/libcrypto/x509/x509spki.c +++ b/lib/libcrypto/x509/x509spki.c @@ -115,7 +115,7 @@ NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) int der_len; der_len = i2d_NETSCAPE_SPKI(spki, NULL); der_spki = malloc(der_len); - b64_str = malloc(der_len * 2); + b64_str = reallocarray(NULL, der_len, 2); if (!der_spki || !b64_str) { X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); free(der_spki); diff --git a/lib/libcrypto/x509v3/pcy_tree.c b/lib/libcrypto/x509v3/pcy_tree.c index ebc4809371c..080a87d6741 100644 --- a/lib/libcrypto/x509v3/pcy_tree.c +++ b/lib/libcrypto/x509v3/pcy_tree.c @@ -220,7 +220,7 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags) return 0; tree->flags = 0; - tree->levels = malloc(sizeof(X509_POLICY_LEVEL) * n); + tree->levels = reallocarray(NULL, sizeof(X509_POLICY_LEVEL), n); tree->nlevel = 0; tree->extra_data = NULL; tree->auth_policies = NULL; |