Use safer sizeof variant in malloc

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>

1 files changed, 3 insertions, 3 deletions

diff --git a/apps/s_server.c b/apps/s_server.c
index fead620210..c1b799f9d0 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -461,7 +461,7 @@ static int ebcdic_new(BIO *bi)
 {
     EBCDIC_OUTBUFF *wbuf;
 
-    wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + 1024, "ebcdef wbuf");
+    wbuf = app_malloc(sizeof(*wbuf) + 1024, "ebcdic wbuf");
     wbuf->alloced = 1024;
     wbuf->buff[0] = '\0';
 
@@ -515,7 +515,7 @@ static int ebcdic_write(BIO *b, const char *in, int inl)
         num = num + num;        /* double the size */
         if (num < inl)
             num = inl;
-        wbuf = app_malloc(sizeof(EBCDIC_OUTBUFF) + num, "grow ebcdic wbuf");
+        wbuf = app_malloc(sizeof(*wbuf) + num, "grow ebcdic wbuf");
         OPENSSL_free(b->ptr);
 
         wbuf->alloced = num;
@@ -3127,7 +3127,7 @@ static simple_ssl_session *first = NULL;
 
 static int add_session(SSL *ssl, SSL_SESSION *session)
 {
-    simple_ssl_session *sess = app_malloc(sizeof *sess, "get session");
+    simple_ssl_session *sess = app_malloc(sizeof(*sess), "get session");
     unsigned char *p;
 
     SSL_SESSION_get_id(session, &sess->idlen);