From b4faea50c35d92a67d1369355b49cc3efba78406 Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Fri, 1 May 2015 23:10:31 -0400
Subject: Use safer sizeof variant in malloc

For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 ssl/t1_enc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ssl/t1_enc.c')

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 5c7fb86a70..47bab9985b 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -375,7 +375,7 @@ int tls1_change_cipher_state(SSL *s, int which)
         if (s->enc_read_ctx != NULL)
             reuse_dd = 1;
         else if ((s->enc_read_ctx =
-                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+                  OPENSSL_malloc(sizeof(*s->enc_read_ctx))) == NULL)
             goto err;
         else
             /*
-- 
cgit v1.2.3