author | Rich Salz <rsalz@akamai.com> | 2015-05-01 23:10:31 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-05-04 15:00:13 -0400 |
commit | b4faea50c35d92a67d1369355b49cc3efba78406 (patch) | |
tree | cfebea69d625f936c9fd7281f1fa3eaa2fa38834 /crypto/ec | |
parent | 8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4 (diff) | |
download | openssl-b4faea50c35d92a67d1369355b49cc3efba78406.tar.gz |
Use safer sizeof variant in malloc
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/ec')
-rw-r--r-- | crypto/ec/Makefile | 11 | ||||
-rw-r--r-- | crypto/ec/ec_key.c | 3 | ||||
-rw-r--r-- | crypto/ec/ec_lib.c | 10 | ||||
-rw-r--r-- | crypto/ec/ec_mult.c | 8 | ||||
-rw-r--r-- | crypto/ec/ec_pmeth.c | 3 | ||||
-rw-r--r-- | crypto/ec/ecp_nistp224.c | 4 | ||||
-rw-r--r-- | crypto/ec/ecp_nistp256.c | 4 | ||||
-rw-r--r-- | crypto/ec/ecp_nistp521.c | 4 | ||||
-rw-r--r-- | crypto/ec/ecp_nistz256.c | 4 |
9 files changed, 26 insertions, 25 deletions
diff --git a/crypto/ec/Makefile b/crypto/ec/Makefile index 423f60bb54..ec17b3f36a 100644 --- a/crypto/ec/Makefile +++ b/crypto/ec/Makefile @@ -143,11 +143,12 @@ ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h -ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_curve.o: ../../e_os.h ../../include/openssl/asn1.h +ec_curve.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +ec_curve.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h +ec_curve.o: ../../include/openssl/ec.h ../../include/openssl/err.h +ec_curve.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +ec_curve.o: ../../include/openssl/opensslconf.h ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 4c588e83aa..07c33fe733 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -67,9 +67,8 @@ EC_KEY *EC_KEY_new(void) { - EC_KEY *ret; + EC_KEY *ret = OPENSSL_malloc(sizeof(*ret)); - ret = OPENSSL_malloc(sizeof(EC_KEY)); if (ret == NULL) { ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE); return (NULL); diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 628e8799d4..9156943e20 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c 
@@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) return NULL; } - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (ret == NULL) { ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -158,7 +158,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) BN_clear_free(group->order); BN_clear_free(group->cofactor); OPENSSL_clear_free(group->seed, group->seed_len); - OPENSSL_clear_free(group, sizeof *group); + OPENSSL_clear_free(group, sizeof(*group)); } int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) @@ -555,7 +555,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data, /* no explicit entry needed */ return 1; - d = OPENSSL_malloc(sizeof *d); + d = OPENSSL_malloc(sizeof(*d)); if (d == NULL) return 0; @@ -692,7 +692,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) return NULL; } - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (ret == NULL) { ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -727,7 +727,7 @@ void EC_POINT_clear_free(EC_POINT *point) point->meth->point_clear_finish(point); else if (point->meth->point_finish != 0) point->meth->point_finish(point); - OPENSSL_clear_free(point, sizeof *point); + OPENSSL_clear_free(point, sizeof(*point)); } int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index bd99c82516..9b75b9b739 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -100,7 +100,7 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) if (!group) return NULL; - ret = OPENSSL_malloc(sizeof(EC_PRE_COMP)); + ret = OPENSSL_malloc(sizeof(*ret)); if (!ret) { ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); return ret; 
@@ -165,11 +165,11 @@ static void ec_pre_comp_clear_free(void *pre_) for (p = pre->points; *p != NULL; p++) { EC_POINT_clear_free(*p); - OPENSSL_cleanse(p, sizeof *p); + OPENSSL_cleanse(p, sizeof(*p)); } OPENSSL_free(pre->points); } - OPENSSL_clear_free(pre, sizeof *pre); + OPENSSL_clear_free(pre, sizeof(*pre)); } /* @@ -659,7 +659,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) num = pre_points_per_block * numblocks; /* number of points to compute * and store */ - points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1)); + points = OPENSSL_malloc(sizeof(*points) * (num + 1)); if (!points) { ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); goto err; diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index ec27e23c68..3fbeac5789 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -91,7 +91,8 @@ typedef struct { static int pkey_ec_init(EVP_PKEY_CTX *ctx) { EC_PKEY_CTX *dctx; - dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX)); + + dctx = OPENSSL_malloc(sizeof(*dctx)); if (!dctx) return 0; dctx->gen_group = NULL; diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index 60a8d50925..c79e6dabe3 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1200,7 +1200,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, static NISTP224_PRE_COMP *nistp224_pre_comp_new() { NISTP224_PRE_COMP *ret = NULL; - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (!ret) { ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); return ret; @@ -1247,7 +1247,7 @@ static void nistp224_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_clear_free(pre, sizeof *pre); + OPENSSL_clear_free(pre, sizeof(*pre)); } /******************************************************************************/ diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index c9f073b616..6ec569282c 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c 
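Review bot: In the `ec_wNAF_precompute_mult` hunk of ec_mult.c, the size `sizeof(*points) * (num + 1)` is still multiplied out with no overflow check, so a wrapped product would produce a buffer smaller than the `num + 1` slots the rest of the function presumably fills. `num` is `pre_points_per_block * numblocks`, and whether those values are bounded is not visible here, since the function starts before the hunk and continues past it. Assuming `num` is a `size_t`, a guard such as `if (num >= SIZE_MAX / sizeof(*points))` that takes the existing `ECerr`/`goto err` path would make the allocation safe on its face.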
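Review bot: `pkey_ec_init` in ec_pmeth.c fills the freshly malloc'ed `EC_PKEY_CTX` one field at a time, starting at `dctx->gen_group = NULL;`, so any member added to the struct later and not assigned here would be read uninitialized. That is the same type-drift risk this commit removes from the `sizeof` argument. Adding `memset(dctx, 0, sizeof(*dctx));` directly after the `if (!dctx) return 0;` check would cover it. The remaining field assignments are outside the hunk, so this is a hardening suggestion rather than a confirmed defect.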
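Review bot: `nistp224_pre_comp_new` keeps the dead initializer `NISTP224_PRE_COMP *ret = NULL;` immediately followed by the assignment, while the ec_key.c and ecp_nistp521.c hunks of this same commit fold the allocation into the declaration. For consistency this could read `NISTP224_PRE_COMP *ret = OPENSSL_malloc(sizeof(*ret));`, and the same applies to `nistp256_pre_comp_new` in ecp_nistp256.c. All three `*_pre_comp_new()` definitions also use an empty parameter list, which in C leaves the arguments unspecified; `nistp224_pre_comp_new(void)` lets the compiler reject calls with stray arguments.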
@@ -1815,7 +1815,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void) static NISTP256_PRE_COMP *nistp256_pre_comp_new() { NISTP256_PRE_COMP *ret = NULL; - ret = OPENSSL_malloc(sizeof *ret); + ret = OPENSSL_malloc(sizeof(*ret)); if (!ret) { ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); return ret; @@ -1862,7 +1862,7 @@ static void nistp256_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_clear_free(pre, sizeof *pre); + OPENSSL_clear_free(pre, sizeof(*pre)); } /******************************************************************************/ diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index bdfd57662f..e208a83113 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -1643,8 +1643,8 @@ const EC_METHOD *EC_GFp_nistp521_method(void) static NISTP521_PRE_COMP *nistp521_pre_comp_new() { - NISTP521_PRE_COMP *ret = NULL; - ret = OPENSSL_malloc(sizeof(NISTP521_PRE_COMP)); + NISTP521_PRE_COMP *ret = OPENSSL_malloc(sizeof(*ret)); + if (!ret) { ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); return ret; diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index e73d26cf7d..83f0c6fdfd 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -1408,7 +1408,7 @@ static EC_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group) if (!group) return NULL; - ret = OPENSSL_malloc(sizeof(EC_PRE_COMP)); + ret = OPENSSL_malloc(sizeof(*ret)); if (!ret) { ECerr(EC_F_ECP_NISTZ256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); @@ -1463,7 +1463,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_) OPENSSL_clear_free(pre->precomp, 32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37); - OPENSSL_clear_free(pre, sizeof *pre); + OPENSSL_clear_free(pre, sizeof(*pre)); } static int ecp_nistz256_window_have_precompute_mult(const EC_GROUP *group) |
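Review bot: In `ecp_nistz256_pre_comp_clear_free`, the length passed for `pre->precomp` is still the hand-written product `32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37`, which has to be kept in step manually with the allocation that created the table. That allocation is outside this hunk, so whether the two currently agree cannot be checked from here. If they ever drift, either part of the precomputed table is freed without being cleansed or the cleanse writes past the buffer. Recording the allocated byte count in the struct and passing that, or at minimum adding a comment like `/* length must equal the size used when pre->precomp was allocated */`, would give this call the same protection the `sizeof(*pre)` change gives the line below it.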