From b4faea50c35d92a67d1369355b49cc3efba78406 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Fri, 1 May 2015 23:10:31 -0400
Subject: Use safer sizeof variant in malloc

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 crypto/conf/conf_def.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'crypto/conf/conf_def.c')

diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 0ed06e11b8..8af2ab13ab 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -130,7 +130,7 @@ static CONF *def_create(CONF_METHOD *meth)
 {
     CONF *ret;
 
-    ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
+    ret = OPENSSL_malloc(sizeof(*ret));
     if (ret)
         if (meth->init(ret) == 0) {
             OPENSSL_free(ret);
@@ -357,7 +357,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
             p++;
             *p = '\0';
 
-            if (!(v = OPENSSL_malloc(sizeof(CONF_VALUE)))) {
+            if (!(v = OPENSSL_malloc(sizeof(*v)))) {
                 CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                 goto err;
             }
-- 
cgit v1.2.3