diff options
| author | deraadt <> | 2014-04-21 16:34:43 +0000 |
|---|---|---|
| committer | deraadt <> | 2014-04-21 16:34:43 +0000 |
| commit | 852fcec6fe7cfa5d7c83e2f494208588dd4b4031 (patch) | |
| tree | db931d37021e7a614e9fe59092bb1351fc69273f | |
| parent | dbe50a7f3c84521e4543ad2e5292244bd0b81414 (diff) | |
| download | openbsd-852fcec6fe7cfa5d7c83e2f494208588dd4b4031.tar.gz openbsd-852fcec6fe7cfa5d7c83e2f494208588dd4b4031.tar.bz2 openbsd-852fcec6fe7cfa5d7c83e2f494208588dd4b4031.zip | |
more malloc/realloc/calloc cleanups; ok beck kettenis
27 files changed, 66 insertions, 96 deletions
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c index e88137aeca..4c5c5ac3de 100644 --- a/src/lib/libssl/bio_ssl.c +++ b/src/lib/libssl/bio_ssl.c | |||
| @@ -105,12 +105,11 @@ ssl_new(BIO *bi) | |||
| 105 | { | 105 | { |
| 106 | BIO_SSL *bs; | 106 | BIO_SSL *bs; |
| 107 | 107 | ||
| 108 | bs = (BIO_SSL *)malloc(sizeof(BIO_SSL)); | 108 | bs = calloc(1, sizeof(BIO_SSL)); |
| 109 | if (bs == NULL) { | 109 | if (bs == NULL) { |
| 110 | BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); | 110 | BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); |
| 111 | return (0); | 111 | return (0); |
| 112 | } | 112 | } |
| 113 | memset(bs, 0, sizeof(BIO_SSL)); | ||
| 114 | bi->init = 0; | 113 | bi->init = 0; |
| 115 | bi->ptr = (char *)bs; | 114 | bi->ptr = (char *)bs; |
| 116 | bi->flags = 0; | 115 | bi->flags = 0; |
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index 2f7dc283a0..ae7e7b457b 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c | |||
| @@ -179,12 +179,12 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) | |||
| 179 | unsigned char *buf = NULL; | 179 | unsigned char *buf = NULL; |
| 180 | unsigned char *bitmask = NULL; | 180 | unsigned char *bitmask = NULL; |
| 181 | 181 | ||
| 182 | frag = (hm_fragment *)malloc(sizeof(hm_fragment)); | 182 | frag = malloc(sizeof(hm_fragment)); |
| 183 | if (frag == NULL) | 183 | if (frag == NULL) |
| 184 | return NULL; | 184 | return NULL; |
| 185 | 185 | ||
| 186 | if (frag_len) { | 186 | if (frag_len) { |
| 187 | buf = (unsigned char *)malloc(frag_len); | 187 | buf = malloc(frag_len); |
| 188 | if (buf == NULL) { | 188 | if (buf == NULL) { |
| 189 | free(frag); | 189 | free(frag); |
| 190 | return NULL; | 190 | return NULL; |
| @@ -196,7 +196,7 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) | |||
| 196 | 196 | ||
| 197 | /* Initialize reassembly bitmask if necessary */ | 197 | /* Initialize reassembly bitmask if necessary */ |
| 198 | if (reassembly) { | 198 | if (reassembly) { |
| 199 | bitmask = (unsigned char *)malloc(RSMBLY_BITMASK_SIZE(frag_len)); | 199 | bitmask = malloc(RSMBLY_BITMASK_SIZE(frag_len)); |
| 200 | if (bitmask == NULL) { | 200 | if (bitmask == NULL) { |
| 201 | if (buf != NULL) | 201 | if (buf != NULL) |
| 202 | free(buf); | 202 | free(buf); |
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 6bceeea55b..cf9bc2d33e 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -1308,9 +1308,7 @@ dtls1_send_client_key_exchange(SSL *s) | |||
| 1308 | POINT_CONVERSION_UNCOMPRESSED, | 1308 | POINT_CONVERSION_UNCOMPRESSED, |
| 1309 | NULL, 0, NULL); | 1309 | NULL, 0, NULL); |
| 1310 | 1310 | ||
| 1311 | encodedPoint = (unsigned char *) | 1311 | encodedPoint = malloc(encoded_pt_len); |
| 1312 | malloc(encoded_pt_len * | ||
| 1313 | sizeof(unsigned char)); | ||
| 1314 | 1312 | ||
| 1315 | bn_ctx = BN_CTX_new(); | 1313 | bn_ctx = BN_CTX_new(); |
| 1316 | if ((encodedPoint == NULL) || | 1314 | if ((encodedPoint == NULL) || |
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index fc475485ba..8fa75819bb 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c | |||
| @@ -1182,8 +1182,7 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1182 | POINT_CONVERSION_UNCOMPRESSED, | 1182 | POINT_CONVERSION_UNCOMPRESSED, |
| 1183 | NULL, 0, NULL); | 1183 | NULL, 0, NULL); |
| 1184 | 1184 | ||
| 1185 | encodedPoint = (unsigned char *) | 1185 | encodedPoint = malloc(encodedlen); |
| 1186 | malloc(encodedlen*sizeof(unsigned char)); | ||
| 1187 | 1186 | ||
| 1188 | bn_ctx = BN_CTX_new(); | 1187 | bn_ctx = BN_CTX_new(); |
| 1189 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { | 1188 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { |
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 10546ee848..ac1812d857 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -2390,9 +2390,7 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2390 | POINT_CONVERSION_UNCOMPRESSED, | 2390 | POINT_CONVERSION_UNCOMPRESSED, |
| 2391 | NULL, 0, NULL); | 2391 | NULL, 0, NULL); |
| 2392 | 2392 | ||
| 2393 | encodedPoint = | 2393 | encodedPoint = malloc(encoded_pt_len); |
| 2394 | (unsigned char *)malloc( | ||
| 2395 | encoded_pt_len * sizeof(unsigned char)); | ||
| 2396 | 2394 | ||
| 2397 | bn_ctx = BN_CTX_new(); | 2395 | bn_ctx = BN_CTX_new(); |
| 2398 | if ((encodedPoint == NULL) || | 2396 | if ((encodedPoint == NULL) || |
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 95e5c903ec..c79464da55 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -2777,9 +2777,8 @@ ssl3_new(SSL *s) | |||
| 2777 | { | 2777 | { |
| 2778 | SSL3_STATE *s3; | 2778 | SSL3_STATE *s3; |
| 2779 | 2779 | ||
| 2780 | if ((s3 = malloc(sizeof *s3)) == NULL) | 2780 | if ((s3 = calloc(1, sizeof *s3)) == NULL) |
| 2781 | goto err; | 2781 | goto err; |
| 2782 | memset(s3, 0, sizeof *s3); | ||
| 2783 | memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); | 2782 | memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); |
| 2784 | memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); | 2783 | memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); |
| 2785 | 2784 | ||
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 8416eb7042..ea3137c074 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1736,8 +1736,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1736 | POINT_CONVERSION_UNCOMPRESSED, | 1736 | POINT_CONVERSION_UNCOMPRESSED, |
| 1737 | NULL, 0, NULL); | 1737 | NULL, 0, NULL); |
| 1738 | 1738 | ||
| 1739 | encodedPoint = (unsigned char *) | 1739 | encodedPoint = malloc(encodedlen); |
| 1740 | malloc(encodedlen*sizeof(unsigned char)); | ||
| 1741 | 1740 | ||
| 1742 | bn_ctx = BN_CTX_new(); | 1741 | bn_ctx = BN_CTX_new(); |
| 1743 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { | 1742 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { |
diff --git a/src/lib/libssl/src/ssl/bio_ssl.c b/src/lib/libssl/src/ssl/bio_ssl.c index e88137aeca..4c5c5ac3de 100644 --- a/src/lib/libssl/src/ssl/bio_ssl.c +++ b/src/lib/libssl/src/ssl/bio_ssl.c | |||
| @@ -105,12 +105,11 @@ ssl_new(BIO *bi) | |||
| 105 | { | 105 | { |
| 106 | BIO_SSL *bs; | 106 | BIO_SSL *bs; |
| 107 | 107 | ||
| 108 | bs = (BIO_SSL *)malloc(sizeof(BIO_SSL)); | 108 | bs = calloc(1, sizeof(BIO_SSL)); |
| 109 | if (bs == NULL) { | 109 | if (bs == NULL) { |
| 110 | BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); | 110 | BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); |
| 111 | return (0); | 111 | return (0); |
| 112 | } | 112 | } |
| 113 | memset(bs, 0, sizeof(BIO_SSL)); | ||
| 114 | bi->init = 0; | 113 | bi->init = 0; |
| 115 | bi->ptr = (char *)bs; | 114 | bi->ptr = (char *)bs; |
| 116 | bi->flags = 0; | 115 | bi->flags = 0; |
diff --git a/src/lib/libssl/src/ssl/d1_both.c b/src/lib/libssl/src/ssl/d1_both.c index 2f7dc283a0..ae7e7b457b 100644 --- a/src/lib/libssl/src/ssl/d1_both.c +++ b/src/lib/libssl/src/ssl/d1_both.c | |||
| @@ -179,12 +179,12 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) | |||
| 179 | unsigned char *buf = NULL; | 179 | unsigned char *buf = NULL; |
| 180 | unsigned char *bitmask = NULL; | 180 | unsigned char *bitmask = NULL; |
| 181 | 181 | ||
| 182 | frag = (hm_fragment *)malloc(sizeof(hm_fragment)); | 182 | frag = malloc(sizeof(hm_fragment)); |
| 183 | if (frag == NULL) | 183 | if (frag == NULL) |
| 184 | return NULL; | 184 | return NULL; |
| 185 | 185 | ||
| 186 | if (frag_len) { | 186 | if (frag_len) { |
| 187 | buf = (unsigned char *)malloc(frag_len); | 187 | buf = malloc(frag_len); |
| 188 | if (buf == NULL) { | 188 | if (buf == NULL) { |
| 189 | free(frag); | 189 | free(frag); |
| 190 | return NULL; | 190 | return NULL; |
| @@ -196,7 +196,7 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) | |||
| 196 | 196 | ||
| 197 | /* Initialize reassembly bitmask if necessary */ | 197 | /* Initialize reassembly bitmask if necessary */ |
| 198 | if (reassembly) { | 198 | if (reassembly) { |
| 199 | bitmask = (unsigned char *)malloc(RSMBLY_BITMASK_SIZE(frag_len)); | 199 | bitmask = malloc(RSMBLY_BITMASK_SIZE(frag_len)); |
| 200 | if (bitmask == NULL) { | 200 | if (bitmask == NULL) { |
| 201 | if (buf != NULL) | 201 | if (buf != NULL) |
| 202 | free(buf); | 202 | free(buf); |
diff --git a/src/lib/libssl/src/ssl/d1_clnt.c b/src/lib/libssl/src/ssl/d1_clnt.c index 6bceeea55b..cf9bc2d33e 100644 --- a/src/lib/libssl/src/ssl/d1_clnt.c +++ b/src/lib/libssl/src/ssl/d1_clnt.c | |||
| @@ -1308,9 +1308,7 @@ dtls1_send_client_key_exchange(SSL *s) | |||
| 1308 | POINT_CONVERSION_UNCOMPRESSED, | 1308 | POINT_CONVERSION_UNCOMPRESSED, |
| 1309 | NULL, 0, NULL); | 1309 | NULL, 0, NULL); |
| 1310 | 1310 | ||
| 1311 | encodedPoint = (unsigned char *) | 1311 | encodedPoint = malloc(encoded_pt_len); |
| 1312 | malloc(encoded_pt_len * | ||
| 1313 | sizeof(unsigned char)); | ||
| 1314 | 1312 | ||
| 1315 | bn_ctx = BN_CTX_new(); | 1313 | bn_ctx = BN_CTX_new(); |
| 1316 | if ((encodedPoint == NULL) || | 1314 | if ((encodedPoint == NULL) || |
diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c index fc475485ba..8fa75819bb 100644 --- a/src/lib/libssl/src/ssl/d1_srvr.c +++ b/src/lib/libssl/src/ssl/d1_srvr.c | |||
| @@ -1182,8 +1182,7 @@ dtls1_send_server_key_exchange(SSL *s) | |||
| 1182 | POINT_CONVERSION_UNCOMPRESSED, | 1182 | POINT_CONVERSION_UNCOMPRESSED, |
| 1183 | NULL, 0, NULL); | 1183 | NULL, 0, NULL); |
| 1184 | 1184 | ||
| 1185 | encodedPoint = (unsigned char *) | 1185 | encodedPoint = malloc(encodedlen); |
| 1186 | malloc(encodedlen*sizeof(unsigned char)); | ||
| 1187 | 1186 | ||
| 1188 | bn_ctx = BN_CTX_new(); | 1187 | bn_ctx = BN_CTX_new(); |
| 1189 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { | 1188 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 10546ee848..ac1812d857 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -2390,9 +2390,7 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2390 | POINT_CONVERSION_UNCOMPRESSED, | 2390 | POINT_CONVERSION_UNCOMPRESSED, |
| 2391 | NULL, 0, NULL); | 2391 | NULL, 0, NULL); |
| 2392 | 2392 | ||
| 2393 | encodedPoint = | 2393 | encodedPoint = malloc(encoded_pt_len); |
| 2394 | (unsigned char *)malloc( | ||
| 2395 | encoded_pt_len * sizeof(unsigned char)); | ||
| 2396 | 2394 | ||
| 2397 | bn_ctx = BN_CTX_new(); | 2395 | bn_ctx = BN_CTX_new(); |
| 2398 | if ((encodedPoint == NULL) || | 2396 | if ((encodedPoint == NULL) || |
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 2b02c5ba06..5a45cec1c1 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c | |||
| @@ -245,9 +245,10 @@ ssl3_change_cipher_state(SSL *s, int which) | |||
| 245 | reuse_dd = 1; | 245 | reuse_dd = 1; |
| 246 | else if ((s->enc_read_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) | 246 | else if ((s->enc_read_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) |
| 247 | goto err; | 247 | goto err; |
| 248 | else | 248 | else { |
| 249 | /* make sure it's intialized in case we exit later with an error */ | 249 | /* make sure it's intialized in case we exit later with an error */ |
| 250 | EVP_CIPHER_CTX_init(s->enc_read_ctx); | 250 | EVP_CIPHER_CTX_init(s->enc_read_ctx); |
| 251 | } | ||
| 251 | dd = s->enc_read_ctx; | 252 | dd = s->enc_read_ctx; |
| 252 | 253 | ||
| 253 | ssl_replace_hash(&s->read_hash, m); | 254 | ssl_replace_hash(&s->read_hash, m); |
| @@ -264,8 +265,7 @@ ssl3_change_cipher_state(SSL *s, int which) | |||
| 264 | goto err2; | 265 | goto err2; |
| 265 | } | 266 | } |
| 266 | if (s->s3->rrec.comp == NULL) | 267 | if (s->s3->rrec.comp == NULL) |
| 267 | s->s3->rrec.comp = (unsigned char *) | 268 | s->s3->rrec.comp = malloc(SSL3_RT_MAX_PLAIN_LENGTH); |
| 268 | malloc(SSL3_RT_MAX_PLAIN_LENGTH); | ||
| 269 | if (s->s3->rrec.comp == NULL) | 269 | if (s->s3->rrec.comp == NULL) |
| 270 | goto err; | 270 | goto err; |
| 271 | } | 271 | } |
| @@ -277,9 +277,10 @@ ssl3_change_cipher_state(SSL *s, int which) | |||
| 277 | reuse_dd = 1; | 277 | reuse_dd = 1; |
| 278 | else if ((s->enc_write_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) | 278 | else if ((s->enc_write_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) |
| 279 | goto err; | 279 | goto err; |
| 280 | else | 280 | else { |
| 281 | /* make sure it's intialized in case we exit later with an error */ | 281 | /* make sure it's intialized in case we exit later with an error */ |
| 282 | EVP_CIPHER_CTX_init(s->enc_write_ctx); | 282 | EVP_CIPHER_CTX_init(s->enc_write_ctx); |
| 283 | } | ||
| 283 | dd = s->enc_write_ctx; | 284 | dd = s->enc_write_ctx; |
| 284 | ssl_replace_hash(&s->write_hash, m); | 285 | ssl_replace_hash(&s->write_hash, m); |
| 285 | #ifndef OPENSSL_NO_COMP | 286 | #ifndef OPENSSL_NO_COMP |
| @@ -577,8 +578,7 @@ ssl3_digest_cached_records(SSL *s) | |||
| 577 | 578 | ||
| 578 | /* Allocate handshake_dgst array */ | 579 | /* Allocate handshake_dgst array */ |
| 579 | ssl3_free_digest_list(s); | 580 | ssl3_free_digest_list(s); |
| 580 | s->s3->handshake_dgst = malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *)); | 581 | s->s3->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *)); |
| 581 | memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST *sizeof(EVP_MD_CTX *)); | ||
| 582 | hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); | 582 | hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); |
| 583 | if (hdatalen <= 0) { | 583 | if (hdatalen <= 0) { |
| 584 | SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH); | 584 | SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH); |
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index 95e5c903ec..c79464da55 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c | |||
| @@ -2777,9 +2777,8 @@ ssl3_new(SSL *s) | |||
| 2777 | { | 2777 | { |
| 2778 | SSL3_STATE *s3; | 2778 | SSL3_STATE *s3; |
| 2779 | 2779 | ||
| 2780 | if ((s3 = malloc(sizeof *s3)) == NULL) | 2780 | if ((s3 = calloc(1, sizeof *s3)) == NULL) |
| 2781 | goto err; | 2781 | goto err; |
| 2782 | memset(s3, 0, sizeof *s3); | ||
| 2783 | memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); | 2782 | memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); |
| 2784 | memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); | 2783 | memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); |
| 2785 | 2784 | ||
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index 8416eb7042..ea3137c074 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -1736,8 +1736,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1736 | POINT_CONVERSION_UNCOMPRESSED, | 1736 | POINT_CONVERSION_UNCOMPRESSED, |
| 1737 | NULL, 0, NULL); | 1737 | NULL, 0, NULL); |
| 1738 | 1738 | ||
| 1739 | encodedPoint = (unsigned char *) | 1739 | encodedPoint = malloc(encodedlen); |
| 1740 | malloc(encodedlen*sizeof(unsigned char)); | ||
| 1741 | 1740 | ||
| 1742 | bn_ctx = BN_CTX_new(); | 1741 | bn_ctx = BN_CTX_new(); |
| 1743 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { | 1742 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { |
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c index 389d47408c..b493585c58 100644 --- a/src/lib/libssl/src/ssl/ssl_cert.c +++ b/src/lib/libssl/src/ssl/ssl_cert.c | |||
| @@ -176,13 +176,11 @@ ssl_cert_new(void) | |||
| 176 | { | 176 | { |
| 177 | CERT *ret; | 177 | CERT *ret; |
| 178 | 178 | ||
| 179 | ret = (CERT *)malloc(sizeof(CERT)); | 179 | ret = calloc(1, sizeof(CERT)); |
| 180 | if (ret == NULL) { | 180 | if (ret == NULL) { |
| 181 | SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); | 181 | SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); |
| 182 | return (NULL); | 182 | return (NULL); |
| 183 | } | 183 | } |
| 184 | memset(ret, 0, sizeof(CERT)); | ||
| 185 | |||
| 186 | ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]); | 184 | ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]); |
| 187 | ret->references = 1; | 185 | ret->references = 1; |
| 188 | ssl_cert_set_default_md(ret); | 186 | ssl_cert_set_default_md(ret); |
| @@ -195,14 +193,12 @@ ssl_cert_dup(CERT *cert) | |||
| 195 | CERT *ret; | 193 | CERT *ret; |
| 196 | int i; | 194 | int i; |
| 197 | 195 | ||
| 198 | ret = (CERT *)malloc(sizeof(CERT)); | 196 | ret = calloc(1, sizeof(CERT)); |
| 199 | if (ret == NULL) { | 197 | if (ret == NULL) { |
| 200 | SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); | 198 | SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); |
| 201 | return (NULL); | 199 | return (NULL); |
| 202 | } | 200 | } |
| 203 | 201 | ||
| 204 | memset(ret, 0, sizeof(CERT)); | ||
| 205 | |||
| 206 | ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; | 202 | ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; |
| 207 | /* or ret->key = ret->pkeys + (cert->key - cert->pkeys), | 203 | /* or ret->key = ret->pkeys + (cert->key - cert->pkeys), |
| 208 | * if you find that more readable */ | 204 | * if you find that more readable */ |
| @@ -403,13 +399,11 @@ ssl_sess_cert_new(void) | |||
| 403 | { | 399 | { |
| 404 | SESS_CERT *ret; | 400 | SESS_CERT *ret; |
| 405 | 401 | ||
| 406 | ret = malloc(sizeof *ret); | 402 | ret = calloc(1, sizeof *ret); |
| 407 | if (ret == NULL) { | 403 | if (ret == NULL) { |
| 408 | SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); | 404 | SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); |
| 409 | return NULL; | 405 | return NULL; |
| 410 | } | 406 | } |
| 411 | |||
| 412 | memset(ret, 0 , sizeof *ret); | ||
| 413 | ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); | 407 | ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); |
| 414 | ret->references = 1; | 408 | ret->references = 1; |
| 415 | 409 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c index 87b3f7a3cc..41632720be 100644 --- a/src/lib/libssl/src/ssl/ssl_ciph.c +++ b/src/lib/libssl/src/ssl/ssl_ciph.c | |||
| @@ -456,7 +456,7 @@ load_builtin_compressions(void) | |||
| 456 | MemCheck_off(); | 456 | MemCheck_off(); |
| 457 | ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); | 457 | ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); |
| 458 | if (ssl_comp_methods != NULL) { | 458 | if (ssl_comp_methods != NULL) { |
| 459 | comp = (SSL_COMP *)malloc(sizeof(SSL_COMP)); | 459 | comp = malloc(sizeof(SSL_COMP)); |
| 460 | if (comp != NULL) { | 460 | if (comp != NULL) { |
| 461 | comp->method = COMP_zlib(); | 461 | comp->method = COMP_zlib(); |
| 462 | if (comp->method && | 462 | if (comp->method && |
| @@ -1759,7 +1759,7 @@ SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) | |||
| 1759 | } | 1759 | } |
| 1760 | 1760 | ||
| 1761 | MemCheck_off(); | 1761 | MemCheck_off(); |
| 1762 | comp = (SSL_COMP *)malloc(sizeof(SSL_COMP)); | 1762 | comp = malloc(sizeof(SSL_COMP)); |
| 1763 | comp->id = id; | 1763 | comp->id = id; |
| 1764 | comp->method = cm; | 1764 | comp->method = cm; |
| 1765 | load_builtin_compressions(); | 1765 | load_builtin_compressions(); |
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index 21d6835b98..cde564cade 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -270,10 +270,9 @@ SSL_new(SSL_CTX *ctx) | |||
| 270 | return (NULL); | 270 | return (NULL); |
| 271 | } | 271 | } |
| 272 | 272 | ||
| 273 | s = (SSL *)malloc(sizeof(SSL)); | 273 | s = calloc(1, sizeof(SSL)); |
| 274 | if (s == NULL) | 274 | if (s == NULL) |
| 275 | goto err; | 275 | goto err; |
| 276 | memset(s, 0, sizeof(SSL)); | ||
| 277 | 276 | ||
| 278 | #ifndef OPENSSL_NO_KRB5 | 277 | #ifndef OPENSSL_NO_KRB5 |
| 279 | s->kssl_ctx = kssl_ctx_new(); | 278 | s->kssl_ctx = kssl_ctx_new(); |
| @@ -1685,12 +1684,10 @@ SSL_CTX_new(const SSL_METHOD *meth) | |||
| 1685 | SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); | 1684 | SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); |
| 1686 | goto err; | 1685 | goto err; |
| 1687 | } | 1686 | } |
| 1688 | ret = (SSL_CTX *)malloc(sizeof(SSL_CTX)); | 1687 | ret = calloc(1, sizeof(SSL_CTX)); |
| 1689 | if (ret == NULL) | 1688 | if (ret == NULL) |
| 1690 | goto err; | 1689 | goto err; |
| 1691 | 1690 | ||
| 1692 | memset(ret, 0, sizeof(SSL_CTX)); | ||
| 1693 | |||
| 1694 | ret->method = meth; | 1691 | ret->method = meth; |
| 1695 | 1692 | ||
| 1696 | ret->cert_store = NULL; | 1693 | ret->cert_store = NULL; |
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c index c032154d48..cc8e66b49d 100644 --- a/src/lib/libssl/src/ssl/ssl_sess.c +++ b/src/lib/libssl/src/ssl/ssl_sess.c | |||
| @@ -195,12 +195,11 @@ SSL_SESSION_new(void) | |||
| 195 | { | 195 | { |
| 196 | SSL_SESSION *ss; | 196 | SSL_SESSION *ss; |
| 197 | 197 | ||
| 198 | ss = (SSL_SESSION *)malloc(sizeof(SSL_SESSION)); | 198 | ss = calloc(1, sizeof(SSL_SESSION)); |
| 199 | if (ss == NULL) { | 199 | if (ss == NULL) { |
| 200 | SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); | 200 | SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); |
| 201 | return (0); | 201 | return (0); |
| 202 | } | 202 | } |
| 203 | memset(ss, 0, sizeof(SSL_SESSION)); | ||
| 204 | 203 | ||
| 205 | ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ | 204 | ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ |
| 206 | ss->references = 1; | 205 | ss->references = 1; |
| @@ -758,7 +757,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session) | |||
| 758 | #ifndef OPENSSL_NO_KRB5 | 757 | #ifndef OPENSSL_NO_KRB5 |
| 759 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && | 758 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && |
| 760 | session->krb5_client_princ_len > 0) { | 759 | session->krb5_client_princ_len > 0) { |
| 761 | s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1); | 760 | s->kssl_ctx->client_princ = malloc(session->krb5_client_princ_len + 1); |
| 762 | memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ, | 761 | memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ, |
| 763 | session->krb5_client_princ_len); | 762 | session->krb5_client_princ_len); |
| 764 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; | 763 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; |
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 3f5df9ad7a..ac503f53ee 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -593,7 +593,7 @@ tls1_setup_key_block(SSL *s) | |||
| 593 | 593 | ||
| 594 | ssl3_cleanup_key_block(s); | 594 | ssl3_cleanup_key_block(s); |
| 595 | 595 | ||
| 596 | if ((p1 = (unsigned char *)malloc(num)) == NULL) { | 596 | if ((p1 = malloc(num)) == NULL) { |
| 597 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); | 597 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); |
| 598 | goto err; | 598 | goto err; |
| 599 | } | 599 | } |
| @@ -601,7 +601,7 @@ tls1_setup_key_block(SSL *s) | |||
| 601 | s->s3->tmp.key_block_length = num; | 601 | s->s3->tmp.key_block_length = num; |
| 602 | s->s3->tmp.key_block = p1; | 602 | s->s3->tmp.key_block = p1; |
| 603 | 603 | ||
| 604 | if ((p2 = (unsigned char *)malloc(num)) == NULL) { | 604 | if ((p2 = malloc(num)) == NULL) { |
| 605 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); | 605 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); |
| 606 | goto err; | 606 | goto err; |
| 607 | } | 607 | } |
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index 85d0fa4970..01ecf9479d 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c | |||
| @@ -506,8 +506,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 506 | if (!s->session->tlsext_tick) | 506 | if (!s->session->tlsext_tick) |
| 507 | return NULL; | 507 | return NULL; |
| 508 | memcpy(s->session->tlsext_tick, | 508 | memcpy(s->session->tlsext_tick, |
| 509 | s->tlsext_session_ticket->data, | 509 | s->tlsext_session_ticket->data, ticklen); |
| 510 | ticklen); | ||
| 511 | s->session->tlsext_ticklen = ticklen; | 510 | s->session->tlsext_ticklen = ticklen; |
| 512 | } else | 511 | } else |
| 513 | ticklen = 0; | 512 | ticklen = 0; |
| @@ -1029,7 +1028,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1029 | *al = TLS1_AD_UNRECOGNIZED_NAME; | 1028 | *al = TLS1_AD_UNRECOGNIZED_NAME; |
| 1030 | return 0; | 1029 | return 0; |
| 1031 | } | 1030 | } |
| 1032 | if ((s->session->tlsext_hostname = malloc(len + 1)) == NULL) { | 1031 | if ((s->session->tlsext_hostname = |
| 1032 | malloc(len + 1)) == NULL) { | ||
| 1033 | *al = TLS1_AD_INTERNAL_ERROR; | 1033 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1034 | return 0; | 1034 | return 0; |
| 1035 | } | 1035 | } |
| @@ -1101,7 +1101,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1101 | s->session->tlsext_ecpointformatlist = NULL; | 1101 | s->session->tlsext_ecpointformatlist = NULL; |
| 1102 | } | 1102 | } |
| 1103 | s->session->tlsext_ecpointformatlist_length = 0; | 1103 | s->session->tlsext_ecpointformatlist_length = 0; |
| 1104 | if ((s->session->tlsext_ecpointformatlist = malloc(ecpointformatlist_length)) == NULL) { | 1104 | if ((s->session->tlsext_ecpointformatlist = |
| 1105 | malloc(ecpointformatlist_length)) == NULL) { | ||
| 1105 | *al = TLS1_AD_INTERNAL_ERROR; | 1106 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1106 | return 0; | 1107 | return 0; |
| 1107 | } | 1108 | } |
| @@ -1132,7 +1133,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1132 | return 0; | 1133 | return 0; |
| 1133 | } | 1134 | } |
| 1134 | s->session->tlsext_ellipticcurvelist_length = 0; | 1135 | s->session->tlsext_ellipticcurvelist_length = 0; |
| 1135 | if ((s->session->tlsext_ellipticcurvelist = malloc(ellipticcurvelist_length)) == NULL) { | 1136 | if ((s->session->tlsext_ellipticcurvelist = |
| 1137 | malloc(ellipticcurvelist_length)) == NULL) { | ||
| 1136 | *al = TLS1_AD_INTERNAL_ERROR; | 1138 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1137 | return 0; | 1139 | return 0; |
| 1138 | } | 1140 | } |
| @@ -1423,7 +1425,8 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, | |||
| 1423 | s->session->tlsext_ecpointformatlist_length = 0; | 1425 | s->session->tlsext_ecpointformatlist_length = 0; |
| 1424 | if (s->session->tlsext_ecpointformatlist != NULL) | 1426 | if (s->session->tlsext_ecpointformatlist != NULL) |
| 1425 | free(s->session->tlsext_ecpointformatlist); | 1427 | free(s->session->tlsext_ecpointformatlist); |
| 1426 | if ((s->session->tlsext_ecpointformatlist = malloc(ecpointformatlist_length)) == NULL) { | 1428 | if ((s->session->tlsext_ecpointformatlist = |
| 1429 | malloc(ecpointformatlist_length)) == NULL) { | ||
| 1427 | *al = TLS1_AD_INTERNAL_ERROR; | 1430 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1428 | return 0; | 1431 | return 0; |
| 1429 | } | 1432 | } |
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index 389d47408c..b493585c58 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -176,13 +176,11 @@ ssl_cert_new(void) | |||
| 176 | { | 176 | { |
| 177 | CERT *ret; | 177 | CERT *ret; |
| 178 | 178 | ||
| 179 | ret = (CERT *)malloc(sizeof(CERT)); | 179 | ret = calloc(1, sizeof(CERT)); |
| 180 | if (ret == NULL) { | 180 | if (ret == NULL) { |
| 181 | SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); | 181 | SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); |
| 182 | return (NULL); | 182 | return (NULL); |
| 183 | } | 183 | } |
| 184 | memset(ret, 0, sizeof(CERT)); | ||
| 185 | |||
| 186 | ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]); | 184 | ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]); |
| 187 | ret->references = 1; | 185 | ret->references = 1; |
| 188 | ssl_cert_set_default_md(ret); | 186 | ssl_cert_set_default_md(ret); |
| @@ -195,14 +193,12 @@ ssl_cert_dup(CERT *cert) | |||
| 195 | CERT *ret; | 193 | CERT *ret; |
| 196 | int i; | 194 | int i; |
| 197 | 195 | ||
| 198 | ret = (CERT *)malloc(sizeof(CERT)); | 196 | ret = calloc(1, sizeof(CERT)); |
| 199 | if (ret == NULL) { | 197 | if (ret == NULL) { |
| 200 | SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); | 198 | SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); |
| 201 | return (NULL); | 199 | return (NULL); |
| 202 | } | 200 | } |
| 203 | 201 | ||
| 204 | memset(ret, 0, sizeof(CERT)); | ||
| 205 | |||
| 206 | ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; | 202 | ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; |
| 207 | /* or ret->key = ret->pkeys + (cert->key - cert->pkeys), | 203 | /* or ret->key = ret->pkeys + (cert->key - cert->pkeys), |
| 208 | * if you find that more readable */ | 204 | * if you find that more readable */ |
| @@ -403,13 +399,11 @@ ssl_sess_cert_new(void) | |||
| 403 | { | 399 | { |
| 404 | SESS_CERT *ret; | 400 | SESS_CERT *ret; |
| 405 | 401 | ||
| 406 | ret = malloc(sizeof *ret); | 402 | ret = calloc(1, sizeof *ret); |
| 407 | if (ret == NULL) { | 403 | if (ret == NULL) { |
| 408 | SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); | 404 | SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); |
| 409 | return NULL; | 405 | return NULL; |
| 410 | } | 406 | } |
| 411 | |||
| 412 | memset(ret, 0 , sizeof *ret); | ||
| 413 | ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); | 407 | ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); |
| 414 | ret->references = 1; | 408 | ret->references = 1; |
| 415 | 409 | ||
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index 87b3f7a3cc..41632720be 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c | |||
| @@ -456,7 +456,7 @@ load_builtin_compressions(void) | |||
| 456 | MemCheck_off(); | 456 | MemCheck_off(); |
| 457 | ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); | 457 | ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); |
| 458 | if (ssl_comp_methods != NULL) { | 458 | if (ssl_comp_methods != NULL) { |
| 459 | comp = (SSL_COMP *)malloc(sizeof(SSL_COMP)); | 459 | comp = malloc(sizeof(SSL_COMP)); |
| 460 | if (comp != NULL) { | 460 | if (comp != NULL) { |
| 461 | comp->method = COMP_zlib(); | 461 | comp->method = COMP_zlib(); |
| 462 | if (comp->method && | 462 | if (comp->method && |
| @@ -1759,7 +1759,7 @@ SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) | |||
| 1759 | } | 1759 | } |
| 1760 | 1760 | ||
| 1761 | MemCheck_off(); | 1761 | MemCheck_off(); |
| 1762 | comp = (SSL_COMP *)malloc(sizeof(SSL_COMP)); | 1762 | comp = malloc(sizeof(SSL_COMP)); |
| 1763 | comp->id = id; | 1763 | comp->id = id; |
| 1764 | comp->method = cm; | 1764 | comp->method = cm; |
| 1765 | load_builtin_compressions(); | 1765 | load_builtin_compressions(); |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 21d6835b98..cde564cade 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -270,10 +270,9 @@ SSL_new(SSL_CTX *ctx) | |||
| 270 | return (NULL); | 270 | return (NULL); |
| 271 | } | 271 | } |
| 272 | 272 | ||
| 273 | s = (SSL *)malloc(sizeof(SSL)); | 273 | s = calloc(1, sizeof(SSL)); |
| 274 | if (s == NULL) | 274 | if (s == NULL) |
| 275 | goto err; | 275 | goto err; |
| 276 | memset(s, 0, sizeof(SSL)); | ||
| 277 | 276 | ||
| 278 | #ifndef OPENSSL_NO_KRB5 | 277 | #ifndef OPENSSL_NO_KRB5 |
| 279 | s->kssl_ctx = kssl_ctx_new(); | 278 | s->kssl_ctx = kssl_ctx_new(); |
| @@ -1685,12 +1684,10 @@ SSL_CTX_new(const SSL_METHOD *meth) | |||
| 1685 | SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); | 1684 | SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); |
| 1686 | goto err; | 1685 | goto err; |
| 1687 | } | 1686 | } |
| 1688 | ret = (SSL_CTX *)malloc(sizeof(SSL_CTX)); | 1687 | ret = calloc(1, sizeof(SSL_CTX)); |
| 1689 | if (ret == NULL) | 1688 | if (ret == NULL) |
| 1690 | goto err; | 1689 | goto err; |
| 1691 | 1690 | ||
| 1692 | memset(ret, 0, sizeof(SSL_CTX)); | ||
| 1693 | |||
| 1694 | ret->method = meth; | 1691 | ret->method = meth; |
| 1695 | 1692 | ||
| 1696 | ret->cert_store = NULL; | 1693 | ret->cert_store = NULL; |
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index c032154d48..cc8e66b49d 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -195,12 +195,11 @@ SSL_SESSION_new(void) | |||
| 195 | { | 195 | { |
| 196 | SSL_SESSION *ss; | 196 | SSL_SESSION *ss; |
| 197 | 197 | ||
| 198 | ss = (SSL_SESSION *)malloc(sizeof(SSL_SESSION)); | 198 | ss = calloc(1, sizeof(SSL_SESSION)); |
| 199 | if (ss == NULL) { | 199 | if (ss == NULL) { |
| 200 | SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); | 200 | SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); |
| 201 | return (0); | 201 | return (0); |
| 202 | } | 202 | } |
| 203 | memset(ss, 0, sizeof(SSL_SESSION)); | ||
| 204 | 203 | ||
| 205 | ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ | 204 | ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ |
| 206 | ss->references = 1; | 205 | ss->references = 1; |
| @@ -758,7 +757,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session) | |||
| 758 | #ifndef OPENSSL_NO_KRB5 | 757 | #ifndef OPENSSL_NO_KRB5 |
| 759 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && | 758 | if (s->kssl_ctx && !s->kssl_ctx->client_princ && |
| 760 | session->krb5_client_princ_len > 0) { | 759 | session->krb5_client_princ_len > 0) { |
| 761 | s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1); | 760 | s->kssl_ctx->client_princ = malloc(session->krb5_client_princ_len + 1); |
| 762 | memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ, | 761 | memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ, |
| 763 | session->krb5_client_princ_len); | 762 | session->krb5_client_princ_len); |
| 764 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; | 763 | s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 3f5df9ad7a..ac503f53ee 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -593,7 +593,7 @@ tls1_setup_key_block(SSL *s) | |||
| 593 | 593 | ||
| 594 | ssl3_cleanup_key_block(s); | 594 | ssl3_cleanup_key_block(s); |
| 595 | 595 | ||
| 596 | if ((p1 = (unsigned char *)malloc(num)) == NULL) { | 596 | if ((p1 = malloc(num)) == NULL) { |
| 597 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); | 597 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); |
| 598 | goto err; | 598 | goto err; |
| 599 | } | 599 | } |
| @@ -601,7 +601,7 @@ tls1_setup_key_block(SSL *s) | |||
| 601 | s->s3->tmp.key_block_length = num; | 601 | s->s3->tmp.key_block_length = num; |
| 602 | s->s3->tmp.key_block = p1; | 602 | s->s3->tmp.key_block = p1; |
| 603 | 603 | ||
| 604 | if ((p2 = (unsigned char *)malloc(num)) == NULL) { | 604 | if ((p2 = malloc(num)) == NULL) { |
| 605 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); | 605 | SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); |
| 606 | goto err; | 606 | goto err; |
| 607 | } | 607 | } |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 85d0fa4970..01ecf9479d 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -506,8 +506,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 506 | if (!s->session->tlsext_tick) | 506 | if (!s->session->tlsext_tick) |
| 507 | return NULL; | 507 | return NULL; |
| 508 | memcpy(s->session->tlsext_tick, | 508 | memcpy(s->session->tlsext_tick, |
| 509 | s->tlsext_session_ticket->data, | 509 | s->tlsext_session_ticket->data, ticklen); |
| 510 | ticklen); | ||
| 511 | s->session->tlsext_ticklen = ticklen; | 510 | s->session->tlsext_ticklen = ticklen; |
| 512 | } else | 511 | } else |
| 513 | ticklen = 0; | 512 | ticklen = 0; |
| @@ -1029,7 +1028,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1029 | *al = TLS1_AD_UNRECOGNIZED_NAME; | 1028 | *al = TLS1_AD_UNRECOGNIZED_NAME; |
| 1030 | return 0; | 1029 | return 0; |
| 1031 | } | 1030 | } |
| 1032 | if ((s->session->tlsext_hostname = malloc(len + 1)) == NULL) { | 1031 | if ((s->session->tlsext_hostname = |
| 1032 | malloc(len + 1)) == NULL) { | ||
| 1033 | *al = TLS1_AD_INTERNAL_ERROR; | 1033 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1034 | return 0; | 1034 | return 0; |
| 1035 | } | 1035 | } |
| @@ -1101,7 +1101,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1101 | s->session->tlsext_ecpointformatlist = NULL; | 1101 | s->session->tlsext_ecpointformatlist = NULL; |
| 1102 | } | 1102 | } |
| 1103 | s->session->tlsext_ecpointformatlist_length = 0; | 1103 | s->session->tlsext_ecpointformatlist_length = 0; |
| 1104 | if ((s->session->tlsext_ecpointformatlist = malloc(ecpointformatlist_length)) == NULL) { | 1104 | if ((s->session->tlsext_ecpointformatlist = |
| 1105 | malloc(ecpointformatlist_length)) == NULL) { | ||
| 1105 | *al = TLS1_AD_INTERNAL_ERROR; | 1106 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1106 | return 0; | 1107 | return 0; |
| 1107 | } | 1108 | } |
| @@ -1132,7 +1133,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1132 | return 0; | 1133 | return 0; |
| 1133 | } | 1134 | } |
| 1134 | s->session->tlsext_ellipticcurvelist_length = 0; | 1135 | s->session->tlsext_ellipticcurvelist_length = 0; |
| 1135 | if ((s->session->tlsext_ellipticcurvelist = malloc(ellipticcurvelist_length)) == NULL) { | 1136 | if ((s->session->tlsext_ellipticcurvelist = |
| 1137 | malloc(ellipticcurvelist_length)) == NULL) { | ||
| 1136 | *al = TLS1_AD_INTERNAL_ERROR; | 1138 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1137 | return 0; | 1139 | return 0; |
| 1138 | } | 1140 | } |
| @@ -1423,7 +1425,8 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, | |||
| 1423 | s->session->tlsext_ecpointformatlist_length = 0; | 1425 | s->session->tlsext_ecpointformatlist_length = 0; |
| 1424 | if (s->session->tlsext_ecpointformatlist != NULL) | 1426 | if (s->session->tlsext_ecpointformatlist != NULL) |
| 1425 | free(s->session->tlsext_ecpointformatlist); | 1427 | free(s->session->tlsext_ecpointformatlist); |
| 1426 | if ((s->session->tlsext_ecpointformatlist = malloc(ecpointformatlist_length)) == NULL) { | 1428 | if ((s->session->tlsext_ecpointformatlist = |
| 1429 | malloc(ecpointformatlist_length)) == NULL) { | ||
| 1427 | *al = TLS1_AD_INTERNAL_ERROR; | 1430 | *al = TLS1_AD_INTERNAL_ERROR; |
| 1428 | return 0; | 1431 | return 0; |
| 1429 | } | 1432 | } |