From b4faea50c35d92a67d1369355b49cc3efba78406 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Fri, 1 May 2015 23:10:31 -0400 Subject: Use safer sizeof variant in malloc For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte --- crypto/bn/bn_blind.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto/bn/bn_blind.c') diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index 659638bc45..9338cdd4c3 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -137,7 +137,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) bn_check_top(mod); - if ((ret = OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) { + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE); return (NULL); } -- cgit v1.2.3