Use safer sizeof variant in malloc

For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Rich Salz <rsalz@akamai.com> 2015-05-01 23:10:31 -0400
committer: Rich Salz <rsalz@openssl.org> 2015-05-04 15:00:13 -0400
commit: b4faea50c35d92a67d1369355b49cc3efba78406 (patch)
tree: cfebea69d625f936c9fd7281f1fa3eaa2fa38834 /crypto/evp/evp_pbe.c
parent: 8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4 (diff)
download: openssl-b4faea50c35d92a67d1369355b49cc3efba78406.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 6128a73620..0f325076d4 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -226,9 +226,10 @@ int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
                          int md_nid, EVP_PBE_KEYGEN *keygen)
 {
     EVP_PBE_CTL *pbe_tmp;
+
     if (!pbe_algs)
         pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
-    if (!(pbe_tmp = OPENSSL_malloc(sizeof(EVP_PBE_CTL)))) {
+    if (!(pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp)))) {
         EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
         return 0;
     }
author	Rich Salz <rsalz@akamai.com>	2015-05-01 23:10:31 -0400
committer	Rich Salz <rsalz@openssl.org>	2015-05-04 15:00:13 -0400
commit	b4faea50c35d92a67d1369355b49cc3efba78406 (patch)
tree	cfebea69d625f936c9fd7281f1fa3eaa2fa38834 /crypto/evp/evp_pbe.c
parent	8920a7cd04f43b1a090d0b0a8c9e16b94c6898d4 (diff)
download	openssl-b4faea50c35d92a67d1369355b49cc3efba78406.tar.gz