From b4faea50c35d92a67d1369355b49cc3efba78406 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Fri, 1 May 2015 23:10:31 -0400 Subject: Use safer sizeof variant in malloc For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte --- crypto/ocsp/ocsp_ht.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'crypto/ocsp') diff --git a/crypto/ocsp/ocsp_ht.c b/crypto/ocsp/ocsp_ht.c index aa10c0345c..582ef9c635 100644 --- a/crypto/ocsp/ocsp_ht.c +++ b/crypto/ocsp/ocsp_ht.c @@ -113,8 +113,8 @@ static int parse_http_line1(char *line); OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline) { - OCSP_REQ_CTX *rctx; - rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); + OCSP_REQ_CTX *rctx = OPENSSL_malloc(sizeof(*rctx)); + if (!rctx) return NULL; rctx->state = OHS_ERROR; -- cgit v1.2.3