From b4faea50c35d92a67d1369355b49cc3efba78406 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Fri, 1 May 2015 23:10:31 -0400
Subject: Use safer sizeof variant in malloc

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 apps/ca.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'apps/ca.c')

diff --git a/apps/ca.c b/apps/ca.c
index b6cf47f0f2..abce534896 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1970,7 +1970,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     row[DB_type][0] = 'V';
     row[DB_type][1] = '\0';
 
-    irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row space");
+    irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row space");
     for (i = 0; i < DB_NUMBER; i++) {
         irow[i] = row[i];
         row[i] = NULL;
@@ -2207,7 +2207,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
         row[DB_type][0] = 'V';
         row[DB_type][1] = '\0';
 
-        irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row ptr");
+        irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row ptr");
         for (i = 0; i < DB_NUMBER; i++) {
             irow[i] = row[i];
             row[i] = NULL;
-- 
cgit v1.2.3