Use calloc() rather than malloc() when allocating initial CBB buffer.

CBB uses recallocarray() to expand buffers, however was still using
malloc() for the initial buffer, which could result in memory being leaked
in incorrect use cases.

While here also use calloc() to allocate internal structs.

ok inoguchi@ tb@

1 files changed, 3 insertions, 4 deletions

diff --git a/src/lib/libssl/bs_cbb.c b/src/lib/libssl/bs_cbb.c
index a34e822c94..16e17fb70f 100644
--- a/src/lib/libssl/bs_cbb.c
+++ b/src/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bs_cbb.c,v 1.20 2019/01/23 22:20:40 beck Exp $        */
+/*      $OpenBSD: bs_cbb.c,v 1.21 2020/03/12 17:17:12 jsing Exp $       */
 /*
  * Copyright (c) 2014, Google Inc.
  *
@@ -28,8 +28,7 @@ cbb_init(CBB *cbb, uint8_t *buf, size_t cap)
 {
         struct cbb_buffer_st *base;
 
-        base = malloc(sizeof(struct cbb_buffer_st));
-        if (base == NULL)
+        if ((base = calloc(1, sizeof(struct cbb_buffer_st))) == NULL)
                 return 0;
 
         base->buf = buf;
@@ -53,7 +52,7 @@ CBB_init(CBB *cbb, size_t initial_capacity)
         if (initial_capacity == 0)
                 initial_capacity = CBB_INITIAL_SIZE;
 
-        if ((buf = malloc(initial_capacity)) == NULL)
+        if ((buf = calloc(1, initial_capacity)) == NULL)
                 return 0;
 
         if (!cbb_init(cbb, buf, initial_capacity)) {