From b4faea50c35d92a67d1369355b49cc3efba78406 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Fri, 1 May 2015 23:10:31 -0400 Subject: Use safer sizeof variant in malloc For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte --- crypto/evp/bio_enc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto/evp/bio_enc.c') diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 0afd8cc502..86a2dc5743 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -112,7 +112,7 @@ static int enc_new(BIO *bi) { BIO_ENC_CTX *ctx; - ctx = OPENSSL_malloc(sizeof(BIO_ENC_CTX)); + ctx = OPENSSL_malloc(sizeof(*ctx)); if (ctx == NULL) return (0); EVP_CIPHER_CTX_init(&ctx->cipher); -- cgit v1.2.3