From 07d86bec5eeaf19fe33dca99c8ebcbe9a77c3938 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Sun, 26 Mar 2006 14:19:21 +1100
Subject:    - djm@cvs.openbsd.org 2006/03/25 00:05:41      [auth-bsdauth.c
 auth-skey.c auth.c auth2-chall.c channels.c]      [clientloop.c deattack.c
 gss-genr.c kex.c key.c misc.c moduli.c]      [monitor.c monitor_wrap.c
 packet.c scard.c sftp-server.c ssh-agent.c]      [ssh-keyscan.c ssh.c
 sshconnect.c sshconnect2.c sshd.c uuencode.c]      [xmalloc.c xmalloc.h]     
 introduce xcalloc() and xasprintf() failure-checked allocations     
 functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@
---
 deattack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'deattack.c')

diff --git a/deattack.c b/deattack.c
index bf4451b8..746ff5d4 100644
--- a/deattack.c
+++ b/deattack.c
@@ -93,7 +93,7 @@ detect_attack(u_char *buf, u_int32_t len)
 
 	if (h == NULL) {
 		debug("Installing crc compensation attack detector.");
-		h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE);
+		h = (u_int16_t *) xcalloc(l, HASH_ENTRYSIZE);
 		n = l;
 	} else {
 		if (l > n) {
-- 
cgit v1.2.3