Use safer sizeof variant in malloc

For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Rich Salz <rsalz@akamai.com> 2015-05-01 23:10:31 -0400
committer: Rich Salz <rsalz@openssl.org> 2015-05-04 15:00:13 -0400
commit: b4faea50c35d92a67d1369355b49cc3efba78406 (patch)
tree: cfebea69d625f936c9fd7281f1fa3eaa2fa38834 /ssl/s3_lib.c
parent: 8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index e346c22eb3..a962b5cb63 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3098,9 +3098,9 @@ int ssl3_new(SSL *s)
 {
     SSL3_STATE *s3;
 
-    if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
+    if ((s3 = OPENSSL_malloc(sizeof(*s3))) == NULL)
         goto err;
-    memset(s3, 0, sizeof *s3);
+    memset(s3, 0, sizeof(*s3));
     s->s3 = s3;
     
 #ifndef OPENSSL_NO_SRP
@@ -3137,7 +3137,7 @@ void ssl3_free(SSL *s)
 #ifndef OPENSSL_NO_SRP
     SSL_SRP_CTX_free(s);
 #endif
-    OPENSSL_clear_free(s->s3, sizeof *s->s3);
+    OPENSSL_clear_free(s->s3, sizeof(*s->s3));
     s->s3 = NULL;
 }
 
@@ -3174,7 +3174,7 @@ void ssl3_clear(SSL *s)
         s->s3->alpn_selected = NULL;
     }
 #endif
-    memset(s->s3, 0, sizeof *s->s3);
+    memset(s->s3, 0, sizeof(*s->s3));
     s->s3->init_extra = init_extra;
 
     ssl_free_wbio_buffer(s);
author	Rich Salz <rsalz@akamai.com>	2015-05-01 23:10:31 -0400
committer	Rich Salz <rsalz@openssl.org>	2015-05-04 15:00:13 -0400
commit	b4faea50c35d92a67d1369355b49cc3efba78406 (patch)
tree	cfebea69d625f936c9fd7281f1fa3eaa2fa38834 /ssl/s3_lib.c
parent	8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4 (diff)