- djm@cvs.openbsd.org 2006/03/25 00:05:41

     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@

1 files changed, 2 insertions, 3 deletions

diff --git a/clientloop.c b/clientloop.c
index 36a4a64a..aa4ebb3a 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -820,8 +820,7 @@ client_process_control(fd_set * readset)
 		return;
 	}
 
-	cctx = xmalloc(sizeof(*cctx));
-	memset(cctx, 0, sizeof(*cctx));
+	cctx = xcalloc(1, sizeof(*cctx));
 	cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0;
 	cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0;
 	cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0;
@@ -836,7 +835,7 @@ client_process_control(fd_set * readset)
 	env_len = MIN(env_len, 4096);
 	debug3("%s: receiving %d env vars", __func__, env_len);
 	if (env_len != 0) {
-		cctx->env = xmalloc(sizeof(*cctx->env) * (env_len + 1));
+		cctx->env = xcalloc(env_len + 1, sizeof(*cctx->env));
 		for (i = 0; i < env_len; i++)
 			cctx->env[i] = buffer_get_string(&m, &len);
 		cctx->env[i] = NULL;