summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/asn1/a_set.c2
-rw-r--r--src/lib/libcrypto/asn1/tasn_enc.c2
-rw-r--r--src/lib/libcrypto/bn/bn_ctx.c4
-rw-r--r--src/lib/libcrypto/bn/bn_gf2m.c10
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c4
-rw-r--r--src/lib/libcrypto/bn/bn_print.c2
-rw-r--r--src/lib/libcrypto/ec/ec_mult.c14
-rw-r--r--src/lib/libcrypto/ec/ecp_nistp224.c3
-rw-r--r--src/lib/libcrypto/ec/ecp_nistp256.c7
-rw-r--r--src/lib/libcrypto/ec/ecp_nistp521.c7
-rw-r--r--src/lib/libcrypto/ec/ecp_smpl.c2
-rw-r--r--src/lib/libcrypto/engine/eng_rsax.c2
-rw-r--r--src/lib/libcrypto/ex_data.c6
-rw-r--r--src/lib/libcrypto/lhash/lhash.c2
-rw-r--r--src/lib/libcrypto/objects/o_names.c3
-rw-r--r--src/lib/libcrypto/objects/obj_xref.c2
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c2
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c4
-rw-r--r--src/lib/libcrypto/srp/srp_lib.c2
-rw-r--r--src/lib/libcrypto/srp/srp_vfy.c4
-rw-r--r--src/lib/libcrypto/txt_db/txt_db.c4
-rw-r--r--src/lib/libcrypto/x509/x509spki.c2
-rw-r--r--src/lib/libcrypto/x509v3/pcy_tree.c2
-rw-r--r--src/lib/libssl/src/apps/apps.c8
-rw-r--r--src/lib/libssl/src/apps/ca.c4
-rw-r--r--src/lib/libssl/src/apps/ecparam.c2
-rw-r--r--src/lib/libssl/src/apps/rsautl.c2
-rw-r--r--src/lib/libssl/src/apps/speed.c2
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_set.c2
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_enc.c2
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_ctx.c4
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_gf2m.c10
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_lib.c4
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_print.c2
-rw-r--r--src/lib/libssl/src/crypto/ec/ec_mult.c14
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nistp224.c3
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nistp256.c7
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_nistp521.c7
-rw-r--r--src/lib/libssl/src/crypto/ec/ecp_smpl.c2
-rw-r--r--src/lib/libssl/src/crypto/engine/eng_rsax.c2
-rw-r--r--src/lib/libssl/src/crypto/ex_data.c6
-rw-r--r--src/lib/libssl/src/crypto/lhash/lhash.c2
-rw-r--r--src/lib/libssl/src/crypto/objects/o_names.c3
-rw-r--r--src/lib/libssl/src/crypto/objects/obj_xref.c2
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_lib.c2
-rw-r--r--src/lib/libssl/src/crypto/pem/pem_seal.c4
-rw-r--r--src/lib/libssl/src/crypto/srp/srp_lib.c2
-rw-r--r--src/lib/libssl/src/crypto/srp/srp_vfy.c4
-rw-r--r--src/lib/libssl/src/crypto/txt_db/txt_db.c4
-rw-r--r--src/lib/libssl/src/crypto/x509/x509spki.c2
-rw-r--r--src/lib/libssl/src/crypto/x509v3/pcy_tree.c2
51 files changed, 109 insertions, 93 deletions
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
index 3aeb7e54ff..8101f7722d 100644
--- a/src/lib/libcrypto/asn1/a_set.c
+++ b/src/lib/libcrypto/asn1/a_set.c
@@ -121,7 +121,7 @@ i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d,
121 121
122 pStart = p; /* Catch the beg of Setblobs*/ 122 pStart = p; /* Catch the beg of Setblobs*/
123 /* In this array we will store the SET blobs */ 123 /* In this array we will store the SET blobs */
124 rgSetBlob = malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB)); 124 rgSetBlob = reallocarray(NULL, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB));
125 if (rgSetBlob == NULL) { 125 if (rgSetBlob == NULL) {
126 ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); 126 ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
127 return 0; 127 return 0;
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
index f5fc8820f6..cfceabe5a9 100644
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ b/src/lib/libcrypto/asn1/tasn_enc.c
@@ -435,7 +435,7 @@ asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen,
435 if (sk_ASN1_VALUE_num(sk) < 2) 435 if (sk_ASN1_VALUE_num(sk) < 2)
436 do_sort = 0; 436 do_sort = 0;
437 else { 437 else {
438 derlst = malloc(sk_ASN1_VALUE_num(sk) * 438 derlst = reallocarray(NULL, sk_ASN1_VALUE_num(sk),
439 sizeof(*derlst)); 439 sizeof(*derlst));
440 tmpdat = malloc(skcontlen); 440 tmpdat = malloc(skcontlen);
441 if (!derlst || !tmpdat) { 441 if (!derlst || !tmpdat) {
diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c
index 7407dade50..2368e25183 100644
--- a/src/lib/libcrypto/bn/bn_ctx.c
+++ b/src/lib/libcrypto/bn/bn_ctx.c
@@ -349,8 +349,8 @@ BN_STACK_push(BN_STACK *st, unsigned int idx)
349 { 349 {
350 unsigned int newsize = (st->size ? 350 unsigned int newsize = (st->size ?
351 (st->size * 3 / 2) : BN_CTX_START_FRAMES); 351 (st->size * 3 / 2) : BN_CTX_START_FRAMES);
352 unsigned int *newitems = malloc(newsize * 352 unsigned int *newitems = reallocarray(NULL,
353 sizeof(unsigned int)); 353 newsize, sizeof(unsigned int));
354 if (!newitems) 354 if (!newitems)
355 return 0; 355 return 0;
356 if (st->depth) 356 if (st->depth)
diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c
index 4000fb8733..4bd50924d3 100644
--- a/src/lib/libcrypto/bn/bn_gf2m.c
+++ b/src/lib/libcrypto/bn/bn_gf2m.c
@@ -547,7 +547,7 @@ BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p,
547 bn_check_top(a); 547 bn_check_top(a);
548 bn_check_top(b); 548 bn_check_top(b);
549 bn_check_top(p); 549 bn_check_top(p);
550 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 550 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
551 goto err; 551 goto err;
552 ret = BN_GF2m_poly2arr(p, arr, max); 552 ret = BN_GF2m_poly2arr(p, arr, max);
553 if (!ret || ret > max) { 553 if (!ret || ret > max) {
@@ -609,7 +609,7 @@ BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
609 609
610 bn_check_top(a); 610 bn_check_top(a);
611 bn_check_top(p); 611 bn_check_top(p);
612 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 612 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
613 goto err; 613 goto err;
614 ret = BN_GF2m_poly2arr(p, arr, max); 614 ret = BN_GF2m_poly2arr(p, arr, max);
615 if (!ret || ret > max) { 615 if (!ret || ret > max) {
@@ -1037,7 +1037,7 @@ BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p,
1037 bn_check_top(a); 1037 bn_check_top(a);
1038 bn_check_top(b); 1038 bn_check_top(b);
1039 bn_check_top(p); 1039 bn_check_top(p);
1040 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 1040 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
1041 goto err; 1041 goto err;
1042 ret = BN_GF2m_poly2arr(p, arr, max); 1042 ret = BN_GF2m_poly2arr(p, arr, max);
1043 if (!ret || ret > max) { 1043 if (!ret || ret > max) {
@@ -1099,7 +1099,7 @@ BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
1099 int *arr = NULL; 1099 int *arr = NULL;
1100 bn_check_top(a); 1100 bn_check_top(a);
1101 bn_check_top(p); 1101 bn_check_top(p);
1102 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 1102 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
1103 goto err; 1103 goto err;
1104 ret = BN_GF2m_poly2arr(p, arr, max); 1104 ret = BN_GF2m_poly2arr(p, arr, max);
1105 if (!ret || ret > max) { 1105 if (!ret || ret > max) {
@@ -1234,7 +1234,7 @@ BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
1234 1234
1235 bn_check_top(a); 1235 bn_check_top(a);
1236 bn_check_top(p); 1236 bn_check_top(p);
1237 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 1237 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
1238 goto err; 1238 goto err;
1239 ret = BN_GF2m_poly2arr(p, arr, max); 1239 ret = BN_GF2m_poly2arr(p, arr, max);
1240 if (!ret || ret > max) { 1240 if (!ret || ret > max) {
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index a3a96662e8..28489f8181 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -245,7 +245,7 @@ BN_new(void)
245{ 245{
246 BIGNUM *ret; 246 BIGNUM *ret;
247 247
248 if ((ret = (BIGNUM *)malloc(sizeof(BIGNUM))) == NULL) { 248 if ((ret = malloc(sizeof(BIGNUM))) == NULL) {
249 BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE); 249 BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
250 return (NULL); 250 return (NULL);
251 } 251 }
@@ -278,7 +278,7 @@ bn_expand_internal(const BIGNUM *b, int words)
278 BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); 278 BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
279 return (NULL); 279 return (NULL);
280 } 280 }
281 a = A = (BN_ULONG *)malloc(sizeof(BN_ULONG)*words); 281 a = A = reallocarray(NULL, sizeof(BN_ULONG), words);
282 if (A == NULL) { 282 if (A == NULL) {
283 BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE); 283 BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
284 return (NULL); 284 return (NULL);
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
index 3a0fb25369..ea5fa5c3da 100644
--- a/src/lib/libcrypto/bn/bn_print.c
+++ b/src/lib/libcrypto/bn/bn_print.c
@@ -116,7 +116,7 @@ BN_bn2dec(const BIGNUM *a)
116 */ 116 */
117 i = BN_num_bits(a) * 3; 117 i = BN_num_bits(a) * 3;
118 num = (i / 10 + i / 1000 + 1) + 1; 118 num = (i / 10 + i / 1000 + 1) + 1;
119 bn_data = (BN_ULONG *)malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); 119 bn_data = reallocarray(NULL, num / BN_DEC_NUM + 1, sizeof(BN_ULONG));
120 buf = (char *)malloc(num + 3); 120 buf = (char *)malloc(num + 3);
121 if ((buf == NULL) || (bn_data == NULL)) { 121 if ((buf == NULL) || (bn_data == NULL)) {
122 BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE); 122 BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index c0525c4940..b3bd34d82d 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -425,11 +425,11 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
425 } 425 }
426 totalnum = num + numblocks; 426 totalnum = num + numblocks;
427 427
428 wsize = malloc(totalnum * sizeof wsize[0]); 428 wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
429 wNAF_len = malloc(totalnum * sizeof wNAF_len[0]); 429 wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
430 wNAF = malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for 430 /* includes space for pivot */
431 * pivot */ 431 wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
432 val_sub = malloc(totalnum * sizeof val_sub[0]); 432 val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
433 433
434 if (!wsize || !wNAF_len || !wNAF || !val_sub) { 434 if (!wsize || !wNAF_len || !wNAF || !val_sub) {
435 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); 435 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
@@ -573,7 +573,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
573 * to a subarray of 'pre_comp->points' if we already have 573 * to a subarray of 'pre_comp->points' if we already have
574 * precomputation. 574 * precomputation.
575 */ 575 */
576 val = malloc((num_val + 1) * sizeof val[0]); 576 val = reallocarray(NULL, (num_val + 1), sizeof val[0]);
577 if (val == NULL) { 577 if (val == NULL) {
578 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); 578 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
579 goto err; 579 goto err;
@@ -790,7 +790,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
790 num = pre_points_per_block * numblocks; /* number of points to 790 num = pre_points_per_block * numblocks; /* number of points to
791 * compute and store */ 791 * compute and store */
792 792
793 points = malloc(sizeof(EC_POINT *) * (num + 1)); 793 points = reallocarray(NULL, sizeof(EC_POINT *), (num + 1));
794 if (!points) { 794 if (!points) {
795 ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); 795 ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
796 goto err; 796 goto err;
diff --git a/src/lib/libcrypto/ec/ecp_nistp224.c b/src/lib/libcrypto/ec/ecp_nistp224.c
index 53aced54d5..6e9b9fac3c 100644
--- a/src/lib/libcrypto/ec/ecp_nistp224.c
+++ b/src/lib/libcrypto/ec/ecp_nistp224.c
@@ -1438,7 +1438,8 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r,
1438 secrets = calloc(num_points, sizeof(felem_bytearray)); 1438 secrets = calloc(num_points, sizeof(felem_bytearray));
1439 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); 1439 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem));
1440 if (mixed) 1440 if (mixed)
1441 tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); 1441 tmp_felems = reallocarray(NULL,
1442 (num_points * 17 + 1), sizeof(felem));
1442 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { 1443 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) {
1443 ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE); 1444 ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE);
1444 goto err; 1445 goto err;
diff --git a/src/lib/libcrypto/ec/ecp_nistp256.c b/src/lib/libcrypto/ec/ecp_nistp256.c
index df80cc2b8a..b2398e106c 100644
--- a/src/lib/libcrypto/ec/ecp_nistp256.c
+++ b/src/lib/libcrypto/ec/ecp_nistp256.c
@@ -1987,8 +1987,11 @@ ec_GFp_nistp256_points_mul(const EC_GROUP * group, EC_POINT * r,
1987 } 1987 }
1988 secrets = calloc(num_points, sizeof(felem_bytearray)); 1988 secrets = calloc(num_points, sizeof(felem_bytearray));
1989 pre_comp = calloc(num_points, 17 * 3 * sizeof(smallfelem)); 1989 pre_comp = calloc(num_points, 17 * 3 * sizeof(smallfelem));
1990 if (mixed) 1990 if (mixed) {
1991 tmp_smallfelems = malloc((num_points * 17 + 1) * sizeof(smallfelem)); 1991 /* XXX should do more int overflow checking */
1992 tmp_smallfelems = reallocarray(NULL,
1993 (num_points * 17 + 1), sizeof(smallfelem));
1994 }
1992 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) { 1995 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) {
1993 ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE); 1996 ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
1994 goto err; 1997 goto err;
diff --git a/src/lib/libcrypto/ec/ecp_nistp521.c b/src/lib/libcrypto/ec/ecp_nistp521.c
index 6792c5b71d..083e017cdc 100644
--- a/src/lib/libcrypto/ec/ecp_nistp521.c
+++ b/src/lib/libcrypto/ec/ecp_nistp521.c
@@ -1874,8 +1874,11 @@ ec_GFp_nistp521_points_mul(const EC_GROUP * group, EC_POINT * r,
1874 } 1874 }
1875 secrets = calloc(num_points, sizeof(felem_bytearray)); 1875 secrets = calloc(num_points, sizeof(felem_bytearray));
1876 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); 1876 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem));
1877 if (mixed) 1877 if (mixed) {
1878 tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); 1878 /* XXX should do more int overflow checking */
1879 tmp_felems = reallocarray(NULL,
1880 (num_points * 17 + 1), sizeof(felem));
1881 }
1879 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { 1882 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) {
1880 ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE); 1883 ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE);
1881 goto err; 1884 goto err;
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index b87410120d..46783a47a8 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1257,7 +1257,7 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
1257 */ 1257 */
1258 pow2 <<= 1; 1258 pow2 <<= 1;
1259 1259
1260 heap = malloc(pow2 * sizeof heap[0]); 1260 heap = reallocarray(NULL, pow2, sizeof heap[0]);
1261 if (heap == NULL) 1261 if (heap == NULL)
1262 goto err; 1262 goto err;
1263 1263
diff --git a/src/lib/libcrypto/engine/eng_rsax.c b/src/lib/libcrypto/engine/eng_rsax.c
index 1b15b6f1a3..0f8e1cd498 100644
--- a/src/lib/libcrypto/engine/eng_rsax.c
+++ b/src/lib/libcrypto/engine/eng_rsax.c
@@ -268,7 +268,7 @@ static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m)
268 268
269 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); 269 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
270 if (!hptr) { 270 if (!hptr) {
271 hptr = malloc(3*sizeof(E_RSAX_MOD_CTX)); 271 hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX));
272 if (!hptr) return NULL; 272 if (!hptr) return NULL;
273 hptr[2].type = hptr[1].type= hptr[0].type = 0; 273 hptr[2].type = hptr[1].type= hptr[0].type = 0;
274 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr); 274 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c
index d8d25d320e..5cd01c72d1 100644
--- a/src/lib/libcrypto/ex_data.c
+++ b/src/lib/libcrypto/ex_data.c
@@ -424,7 +424,7 @@ int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
424 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); 424 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
425 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); 425 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
426 if (mx > 0) { 426 if (mx > 0) {
427 storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); 427 storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*));
428 if (!storage) 428 if (!storage)
429 goto skip; 429 goto skip;
430 for (i = 0; i < mx; i++) 430 for (i = 0; i < mx; i++)
@@ -468,7 +468,7 @@ int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from)
468 if (j < mx) 468 if (j < mx)
469 mx = j; 469 mx = j;
470 if (mx > 0) { 470 if (mx > 0) {
471 storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); 471 storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*));
472 if (!storage) 472 if (!storage)
473 goto skip; 473 goto skip;
474 for (i = 0; i < mx; i++) 474 for (i = 0; i < mx; i++)
@@ -505,7 +505,7 @@ int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
505 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); 505 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
506 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); 506 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
507 if (mx > 0) { 507 if (mx > 0) {
508 storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); 508 storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*));
509 if (!storage) 509 if (!storage)
510 goto skip; 510 goto skip;
511 for (i = 0; i < mx; i++) 511 for (i = 0; i < mx; i++)
diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c
index ad24a7726b..e75a43f506 100644
--- a/src/lib/libcrypto/lhash/lhash.c
+++ b/src/lib/libcrypto/lhash/lhash.c
@@ -119,7 +119,7 @@ lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
119 119
120 if ((ret = malloc(sizeof(_LHASH))) == NULL) 120 if ((ret = malloc(sizeof(_LHASH))) == NULL)
121 goto err0; 121 goto err0;
122 if ((ret->b = malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL) 122 if ((ret->b = reallocarray(NULL, sizeof(LHASH_NODE *), MIN_NODES)) == NULL)
123 goto err1; 123 goto err1;
124 for (i = 0; i < MIN_NODES; i++) 124 for (i = 0; i < MIN_NODES; i++)
125 ret->b[i] = NULL; 125 ret->b[i] = NULL;
diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c
index 196d3ab0a7..169b8ae87d 100644
--- a/src/lib/libcrypto/objects/o_names.c
+++ b/src/lib/libcrypto/objects/o_names.c
@@ -292,7 +292,8 @@ OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg),
292 int n; 292 int n;
293 293
294 d.type = type; 294 d.type = type;
295 d.names = malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names); 295 d.names = reallocarray(NULL, lh_OBJ_NAME_num_items(names_lh),
296 sizeof *d.names);
296 d.n = 0; 297 d.n = 0;
297 OBJ_NAME_do_all(type, do_all_sorted_fn, &d); 298 OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
298 299
diff --git a/src/lib/libcrypto/objects/obj_xref.c b/src/lib/libcrypto/objects/obj_xref.c
index 25aed74ff1..8e9128efc4 100644
--- a/src/lib/libcrypto/objects/obj_xref.c
+++ b/src/lib/libcrypto/objects/obj_xref.c
@@ -164,7 +164,7 @@ OBJ_add_sigid(int signid, int dig_id, int pkey_id)
164 sigx_app = sk_nid_triple_new(sigx_cmp); 164 sigx_app = sk_nid_triple_new(sigx_cmp);
165 if (!sigx_app) 165 if (!sigx_app)
166 return 0; 166 return 0;
167 ntr = malloc(sizeof(int) * 3); 167 ntr = reallocarray(NULL, sizeof(int), 3);
168 if (!ntr) 168 if (!ntr)
169 return 0; 169 return 0;
170 ntr->sign_id = signid; 170 ntr->sign_id = signid;
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 58d2bfbee9..945262f019 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -605,7 +605,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
605 goto err; 605 goto err;
606 } 606 }
607 607
608 buf = malloc(PEM_BUFSIZE * 8); 608 buf = reallocarray(NULL, PEM_BUFSIZE, 8);
609 if (buf == NULL) { 609 if (buf == NULL) {
610 reason = ERR_R_MALLOC_FAILURE; 610 reason = ERR_R_MALLOC_FAILURE;
611 goto err; 611 goto err;
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
index 92b70157cd..a7b9379223 100644
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -85,7 +85,7 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
85 if (j > max) 85 if (j > max)
86 max = j; 86 max = j;
87 } 87 }
88 s = (char *)malloc(max*2); 88 s = (char *)reallocarray(NULL, max, 2);
89 if (s == NULL) { 89 if (s == NULL) {
90 PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE); 90 PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
91 goto err; 91 goto err;
@@ -159,7 +159,7 @@ PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
159 i = RSA_size(priv->pkey.rsa); 159 i = RSA_size(priv->pkey.rsa);
160 if (i < 100) 160 if (i < 100)
161 i = 100; 161 i = 100;
162 s = (unsigned char *)malloc(i*2); 162 s = reallocarray(NULL, i, 2);
163 if (s == NULL) { 163 if (s == NULL) {
164 PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE); 164 PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
165 goto err; 165 goto err;
diff --git a/src/lib/libcrypto/srp/srp_lib.c b/src/lib/libcrypto/srp/srp_lib.c
index a3a67eda2e..77e2c2c2f2 100644
--- a/src/lib/libcrypto/srp/srp_lib.c
+++ b/src/lib/libcrypto/srp/srp_lib.c
@@ -121,7 +121,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
121 121
122 longN= BN_num_bytes(N); 122 longN= BN_num_bytes(N);
123 123
124 if ((cAB = malloc(2*longN)) == NULL) 124 if ((cAB = reallocarray(NULL, 2, longN)) == NULL)
125 return NULL; 125 return NULL;
126 126
127 memset(cAB, 0, longN); 127 memset(cAB, 0, longN);
diff --git a/src/lib/libcrypto/srp/srp_vfy.c b/src/lib/libcrypto/srp/srp_vfy.c
index de7dbe5bbd..6ad80ef992 100644
--- a/src/lib/libcrypto/srp/srp_vfy.c
+++ b/src/lib/libcrypto/srp/srp_vfy.c
@@ -573,7 +573,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
573 if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err; 573 if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err;
574 574
575 BN_bn2bin(v,tmp); 575 BN_bn2bin(v,tmp);
576 if (((vf = malloc(BN_num_bytes(v)*2)) == NULL)) 576 if (((vf = reallocarray(NULL, BN_num_bytes(v), 2)) == NULL))
577 goto err; 577 goto err;
578 t_tob64(vf, tmp, BN_num_bytes(v)); 578 t_tob64(vf, tmp, BN_num_bytes(v));
579 579
@@ -582,7 +582,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
582 { 582 {
583 char *tmp_salt; 583 char *tmp_salt;
584 584
585 if ((tmp_salt = malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) 585 if ((tmp_salt = reallocarray(NULL, SRP_RANDOM_SALT_LEN, 2)) == NULL)
586 { 586 {
587 free(vf); 587 free(vf);
588 goto err; 588 goto err;
diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c
index a2afa3df23..0f3a7ffbb3 100644
--- a/src/lib/libcrypto/txt_db/txt_db.c
+++ b/src/lib/libcrypto/txt_db/txt_db.c
@@ -94,9 +94,9 @@ TXT_DB_read(BIO *in, int num)
94 ret->qual = NULL; 94 ret->qual = NULL;
95 if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL) 95 if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL)
96 goto err; 96 goto err;
97 if ((ret->index = malloc(sizeof(*ret->index)*num)) == NULL) 97 if ((ret->index = reallocarray(NULL, sizeof(*ret->index), num)) == NULL)
98 goto err; 98 goto err;
99 if ((ret->qual = malloc(sizeof(*(ret->qual))*num)) == NULL) 99 if ((ret->qual = reallocarray(NULL, sizeof(*(ret->qual)), num)) == NULL)
100 goto err; 100 goto err;
101 for (i = 0; i < num; i++) { 101 for (i = 0; i < num; i++) {
102 ret->index[i] = NULL; 102 ret->index[i] = NULL;
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c
index b5f67b5a97..23172fdb8e 100644
--- a/src/lib/libcrypto/x509/x509spki.c
+++ b/src/lib/libcrypto/x509/x509spki.c
@@ -115,7 +115,7 @@ NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
115 int der_len; 115 int der_len;
116 der_len = i2d_NETSCAPE_SPKI(spki, NULL); 116 der_len = i2d_NETSCAPE_SPKI(spki, NULL);
117 der_spki = malloc(der_len); 117 der_spki = malloc(der_len);
118 b64_str = malloc(der_len * 2); 118 b64_str = reallocarray(NULL, der_len, 2);
119 if (!der_spki || !b64_str) { 119 if (!der_spki || !b64_str) {
120 X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); 120 X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
121 free(der_spki); 121 free(der_spki);
diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c
index ebc4809371..080a87d674 100644
--- a/src/lib/libcrypto/x509v3/pcy_tree.c
+++ b/src/lib/libcrypto/x509v3/pcy_tree.c
@@ -220,7 +220,7 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags)
220 return 0; 220 return 0;
221 221
222 tree->flags = 0; 222 tree->flags = 0;
223 tree->levels = malloc(sizeof(X509_POLICY_LEVEL) * n); 223 tree->levels = reallocarray(NULL, sizeof(X509_POLICY_LEVEL), n);
224 tree->nlevel = 0; 224 tree->nlevel = 0;
225 tree->extra_data = NULL; 225 tree->extra_data = NULL;
226 tree->auth_policies = NULL; 226 tree->auth_policies = NULL;
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index 6d1faab482..a5ffee3e5f 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -214,7 +214,7 @@ chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
214 i = 0; 214 i = 0;
215 if (arg->count == 0) { 215 if (arg->count == 0) {
216 arg->count = 20; 216 arg->count = 20;
217 arg->data = (char **)malloc(sizeof(char *) * arg->count); 217 arg->data = reallocarray(NULL, sizeof(char *), arg->count);
218 } 218 }
219 for (i = 0; i < arg->count; i++) 219 for (i = 0; i < arg->count; i++)
220 arg->data[i] = NULL; 220 arg->data[i] = NULL;
@@ -1838,9 +1838,9 @@ parse_name(char *subject, long chtype, int multirdn)
1838 * only become shorter */ 1838 * only become shorter */
1839 char *buf = malloc(buflen); 1839 char *buf = malloc(buflen);
1840 size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */ 1840 size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
1841 char **ne_types = malloc(max_ne * sizeof(char *)); 1841 char **ne_types = reallocarray(NULL, max_ne, sizeof(char *));
1842 char **ne_values = malloc(max_ne * sizeof(char *)); 1842 char **ne_values = reallocarray(NULL, max_ne, sizeof(char *));
1843 int *mval = malloc(max_ne * sizeof(int)); 1843 int *mval = reallocarray(NULL, max_ne, sizeof(int));
1844 1844
1845 char *sp = subject, *bp = buf; 1845 char *sp = subject, *bp = buf;
1846 int i, ne_num = 0; 1846 int i, ne_num = 0;
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
index 87b5dd1511..89c4f84613 100644
--- a/src/lib/libssl/src/apps/ca.c
+++ b/src/lib/libssl/src/apps/ca.c
@@ -1974,7 +1974,7 @@ again2:
1974 row[DB_type][0] = 'V'; 1974 row[DB_type][0] = 'V';
1975 row[DB_type][1] = '\0'; 1975 row[DB_type][1] = '\0';
1976 1976
1977 if ((irow = (char **)malloc(sizeof(char *) * (DB_NUMBER + 1))) == 1977 if ((irow = reallocarray(NULL, sizeof(char *), (DB_NUMBER + 1))) ==
1978 NULL) { 1978 NULL) {
1979 BIO_printf(bio_err, "Memory allocation failure\n"); 1979 BIO_printf(bio_err, "Memory allocation failure\n");
1980 goto err; 1980 goto err;
@@ -2238,7 +2238,7 @@ do_revoke(X509 * x509, CA_DB * db, int type, char *value)
2238 row[DB_type][0] = 'V'; 2238 row[DB_type][0] = 'V';
2239 row[DB_type][1] = '\0'; 2239 row[DB_type][1] = '\0';
2240 2240
2241 if ((irow = (char **)malloc(sizeof(char *) * 2241 if ((irow = reallocarray(NULL, sizeof(char *),
2242 (DB_NUMBER + 1))) == NULL) { 2242 (DB_NUMBER + 1))) == NULL) {
2243 BIO_printf(bio_err, "Memory allocation failure\n"); 2243 BIO_printf(bio_err, "Memory allocation failure\n");
2244 goto err; 2244 goto err;
diff --git a/src/lib/libssl/src/apps/ecparam.c b/src/lib/libssl/src/apps/ecparam.c
index 46c23a22d1..29eaf9ba1a 100644
--- a/src/lib/libssl/src/apps/ecparam.c
+++ b/src/lib/libssl/src/apps/ecparam.c
@@ -308,7 +308,7 @@ bad:
308 308
309 crv_len = EC_get_builtin_curves(NULL, 0); 309 crv_len = EC_get_builtin_curves(NULL, 0);
310 310
311 curves = malloc((int) (sizeof(EC_builtin_curve) * crv_len)); 311 curves = reallocarray(NULL, sizeof(EC_builtin_curve), crv_len);
312 312
313 if (curves == NULL) 313 if (curves == NULL)
314 goto end; 314 goto end;
diff --git a/src/lib/libssl/src/apps/rsautl.c b/src/lib/libssl/src/apps/rsautl.c
index 08d28a496b..0e4cae5ffc 100644
--- a/src/lib/libssl/src/apps/rsautl.c
+++ b/src/lib/libssl/src/apps/rsautl.c
@@ -253,7 +253,7 @@ rsautl_main(int argc, char **argv)
253 253
254 keysize = RSA_size(rsa); 254 keysize = RSA_size(rsa);
255 255
256 rsa_in = malloc(keysize * 2); 256 rsa_in = reallocarray(NULL, keysize, 2);
257 rsa_out = malloc(keysize); 257 rsa_out = malloc(keysize);
258 258
259 /* Read the input data */ 259 /* Read the input data */
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c
index d7e212178a..da8c3b3196 100644
--- a/src/lib/libssl/src/apps/speed.c
+++ b/src/lib/libssl/src/apps/speed.c
@@ -2106,7 +2106,7 @@ do_multi(int multi)
2106 int *fds; 2106 int *fds;
2107 static char sep[] = ":"; 2107 static char sep[] = ":";
2108 2108
2109 fds = malloc(multi * sizeof *fds); 2109 fds = reallocarray(NULL, multi, sizeof *fds);
2110 for (n = 0; n < multi; ++n) { 2110 for (n = 0; n < multi; ++n) {
2111 if (pipe(fd) == -1) { 2111 if (pipe(fd) == -1) {
2112 fprintf(stderr, "pipe failure\n"); 2112 fprintf(stderr, "pipe failure\n");
diff --git a/src/lib/libssl/src/crypto/asn1/a_set.c b/src/lib/libssl/src/crypto/asn1/a_set.c
index 3aeb7e54ff..8101f7722d 100644
--- a/src/lib/libssl/src/crypto/asn1/a_set.c
+++ b/src/lib/libssl/src/crypto/asn1/a_set.c
@@ -121,7 +121,7 @@ i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d,
121 121
122 pStart = p; /* Catch the beg of Setblobs*/ 122 pStart = p; /* Catch the beg of Setblobs*/
123 /* In this array we will store the SET blobs */ 123 /* In this array we will store the SET blobs */
124 rgSetBlob = malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB)); 124 rgSetBlob = reallocarray(NULL, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB));
125 if (rgSetBlob == NULL) { 125 if (rgSetBlob == NULL) {
126 ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); 126 ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
127 return 0; 127 return 0;
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
index f5fc8820f6..cfceabe5a9 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
@@ -435,7 +435,7 @@ asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen,
435 if (sk_ASN1_VALUE_num(sk) < 2) 435 if (sk_ASN1_VALUE_num(sk) < 2)
436 do_sort = 0; 436 do_sort = 0;
437 else { 437 else {
438 derlst = malloc(sk_ASN1_VALUE_num(sk) * 438 derlst = reallocarray(NULL, sk_ASN1_VALUE_num(sk),
439 sizeof(*derlst)); 439 sizeof(*derlst));
440 tmpdat = malloc(skcontlen); 440 tmpdat = malloc(skcontlen);
441 if (!derlst || !tmpdat) { 441 if (!derlst || !tmpdat) {
diff --git a/src/lib/libssl/src/crypto/bn/bn_ctx.c b/src/lib/libssl/src/crypto/bn/bn_ctx.c
index 7407dade50..2368e25183 100644
--- a/src/lib/libssl/src/crypto/bn/bn_ctx.c
+++ b/src/lib/libssl/src/crypto/bn/bn_ctx.c
@@ -349,8 +349,8 @@ BN_STACK_push(BN_STACK *st, unsigned int idx)
349 { 349 {
350 unsigned int newsize = (st->size ? 350 unsigned int newsize = (st->size ?
351 (st->size * 3 / 2) : BN_CTX_START_FRAMES); 351 (st->size * 3 / 2) : BN_CTX_START_FRAMES);
352 unsigned int *newitems = malloc(newsize * 352 unsigned int *newitems = reallocarray(NULL,
353 sizeof(unsigned int)); 353 newsize, sizeof(unsigned int));
354 if (!newitems) 354 if (!newitems)
355 return 0; 355 return 0;
356 if (st->depth) 356 if (st->depth)
diff --git a/src/lib/libssl/src/crypto/bn/bn_gf2m.c b/src/lib/libssl/src/crypto/bn/bn_gf2m.c
index 4000fb8733..4bd50924d3 100644
--- a/src/lib/libssl/src/crypto/bn/bn_gf2m.c
+++ b/src/lib/libssl/src/crypto/bn/bn_gf2m.c
@@ -547,7 +547,7 @@ BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p,
547 bn_check_top(a); 547 bn_check_top(a);
548 bn_check_top(b); 548 bn_check_top(b);
549 bn_check_top(p); 549 bn_check_top(p);
550 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 550 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
551 goto err; 551 goto err;
552 ret = BN_GF2m_poly2arr(p, arr, max); 552 ret = BN_GF2m_poly2arr(p, arr, max);
553 if (!ret || ret > max) { 553 if (!ret || ret > max) {
@@ -609,7 +609,7 @@ BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
609 609
610 bn_check_top(a); 610 bn_check_top(a);
611 bn_check_top(p); 611 bn_check_top(p);
612 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 612 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
613 goto err; 613 goto err;
614 ret = BN_GF2m_poly2arr(p, arr, max); 614 ret = BN_GF2m_poly2arr(p, arr, max);
615 if (!ret || ret > max) { 615 if (!ret || ret > max) {
@@ -1037,7 +1037,7 @@ BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p,
1037 bn_check_top(a); 1037 bn_check_top(a);
1038 bn_check_top(b); 1038 bn_check_top(b);
1039 bn_check_top(p); 1039 bn_check_top(p);
1040 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 1040 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
1041 goto err; 1041 goto err;
1042 ret = BN_GF2m_poly2arr(p, arr, max); 1042 ret = BN_GF2m_poly2arr(p, arr, max);
1043 if (!ret || ret > max) { 1043 if (!ret || ret > max) {
@@ -1099,7 +1099,7 @@ BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
1099 int *arr = NULL; 1099 int *arr = NULL;
1100 bn_check_top(a); 1100 bn_check_top(a);
1101 bn_check_top(p); 1101 bn_check_top(p);
1102 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 1102 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
1103 goto err; 1103 goto err;
1104 ret = BN_GF2m_poly2arr(p, arr, max); 1104 ret = BN_GF2m_poly2arr(p, arr, max);
1105 if (!ret || ret > max) { 1105 if (!ret || ret > max) {
@@ -1234,7 +1234,7 @@ BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
1234 1234
1235 bn_check_top(a); 1235 bn_check_top(a);
1236 bn_check_top(p); 1236 bn_check_top(p);
1237 if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) 1237 if ((arr = reallocarray(NULL, sizeof(int), max)) == NULL)
1238 goto err; 1238 goto err;
1239 ret = BN_GF2m_poly2arr(p, arr, max); 1239 ret = BN_GF2m_poly2arr(p, arr, max);
1240 if (!ret || ret > max) { 1240 if (!ret || ret > max) {
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c
index a3a96662e8..28489f8181 100644
--- a/src/lib/libssl/src/crypto/bn/bn_lib.c
+++ b/src/lib/libssl/src/crypto/bn/bn_lib.c
@@ -245,7 +245,7 @@ BN_new(void)
245{ 245{
246 BIGNUM *ret; 246 BIGNUM *ret;
247 247
248 if ((ret = (BIGNUM *)malloc(sizeof(BIGNUM))) == NULL) { 248 if ((ret = malloc(sizeof(BIGNUM))) == NULL) {
249 BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE); 249 BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
250 return (NULL); 250 return (NULL);
251 } 251 }
@@ -278,7 +278,7 @@ bn_expand_internal(const BIGNUM *b, int words)
278 BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); 278 BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
279 return (NULL); 279 return (NULL);
280 } 280 }
281 a = A = (BN_ULONG *)malloc(sizeof(BN_ULONG)*words); 281 a = A = reallocarray(NULL, sizeof(BN_ULONG), words);
282 if (A == NULL) { 282 if (A == NULL) {
283 BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE); 283 BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
284 return (NULL); 284 return (NULL);
diff --git a/src/lib/libssl/src/crypto/bn/bn_print.c b/src/lib/libssl/src/crypto/bn/bn_print.c
index 3a0fb25369..ea5fa5c3da 100644
--- a/src/lib/libssl/src/crypto/bn/bn_print.c
+++ b/src/lib/libssl/src/crypto/bn/bn_print.c
@@ -116,7 +116,7 @@ BN_bn2dec(const BIGNUM *a)
116 */ 116 */
117 i = BN_num_bits(a) * 3; 117 i = BN_num_bits(a) * 3;
118 num = (i / 10 + i / 1000 + 1) + 1; 118 num = (i / 10 + i / 1000 + 1) + 1;
119 bn_data = (BN_ULONG *)malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG)); 119 bn_data = reallocarray(NULL, num / BN_DEC_NUM + 1, sizeof(BN_ULONG));
120 buf = (char *)malloc(num + 3); 120 buf = (char *)malloc(num + 3);
121 if ((buf == NULL) || (bn_data == NULL)) { 121 if ((buf == NULL) || (bn_data == NULL)) {
122 BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE); 122 BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libssl/src/crypto/ec/ec_mult.c b/src/lib/libssl/src/crypto/ec/ec_mult.c
index c0525c4940..b3bd34d82d 100644
--- a/src/lib/libssl/src/crypto/ec/ec_mult.c
+++ b/src/lib/libssl/src/crypto/ec/ec_mult.c
@@ -425,11 +425,11 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
425 } 425 }
426 totalnum = num + numblocks; 426 totalnum = num + numblocks;
427 427
428 wsize = malloc(totalnum * sizeof wsize[0]); 428 wsize = reallocarray(NULL, totalnum, sizeof wsize[0]);
429 wNAF_len = malloc(totalnum * sizeof wNAF_len[0]); 429 wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]);
430 wNAF = malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for 430 /* includes space for pivot */
431 * pivot */ 431 wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
432 val_sub = malloc(totalnum * sizeof val_sub[0]); 432 val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
433 433
434 if (!wsize || !wNAF_len || !wNAF || !val_sub) { 434 if (!wsize || !wNAF_len || !wNAF || !val_sub) {
435 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); 435 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
@@ -573,7 +573,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
573 * to a subarray of 'pre_comp->points' if we already have 573 * to a subarray of 'pre_comp->points' if we already have
574 * precomputation. 574 * precomputation.
575 */ 575 */
576 val = malloc((num_val + 1) * sizeof val[0]); 576 val = reallocarray(NULL, (num_val + 1), sizeof val[0]);
577 if (val == NULL) { 577 if (val == NULL) {
578 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); 578 ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
579 goto err; 579 goto err;
@@ -790,7 +790,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
790 num = pre_points_per_block * numblocks; /* number of points to 790 num = pre_points_per_block * numblocks; /* number of points to
791 * compute and store */ 791 * compute and store */
792 792
793 points = malloc(sizeof(EC_POINT *) * (num + 1)); 793 points = reallocarray(NULL, sizeof(EC_POINT *), (num + 1));
794 if (!points) { 794 if (!points) {
795 ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); 795 ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
796 goto err; 796 goto err;
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nistp224.c b/src/lib/libssl/src/crypto/ec/ecp_nistp224.c
index 53aced54d5..6e9b9fac3c 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nistp224.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nistp224.c
@@ -1438,7 +1438,8 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r,
1438 secrets = calloc(num_points, sizeof(felem_bytearray)); 1438 secrets = calloc(num_points, sizeof(felem_bytearray));
1439 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); 1439 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem));
1440 if (mixed) 1440 if (mixed)
1441 tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); 1441 tmp_felems = reallocarray(NULL,
1442 (num_points * 17 + 1), sizeof(felem));
1442 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { 1443 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) {
1443 ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE); 1444 ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE);
1444 goto err; 1445 goto err;
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nistp256.c b/src/lib/libssl/src/crypto/ec/ecp_nistp256.c
index df80cc2b8a..b2398e106c 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nistp256.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nistp256.c
@@ -1987,8 +1987,11 @@ ec_GFp_nistp256_points_mul(const EC_GROUP * group, EC_POINT * r,
1987 } 1987 }
1988 secrets = calloc(num_points, sizeof(felem_bytearray)); 1988 secrets = calloc(num_points, sizeof(felem_bytearray));
1989 pre_comp = calloc(num_points, 17 * 3 * sizeof(smallfelem)); 1989 pre_comp = calloc(num_points, 17 * 3 * sizeof(smallfelem));
1990 if (mixed) 1990 if (mixed) {
1991 tmp_smallfelems = malloc((num_points * 17 + 1) * sizeof(smallfelem)); 1991 /* XXX should do more int overflow checking */
1992 tmp_smallfelems = reallocarray(NULL,
1993 (num_points * 17 + 1), sizeof(smallfelem));
1994 }
1992 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) { 1995 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) {
1993 ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE); 1996 ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
1994 goto err; 1997 goto err;
diff --git a/src/lib/libssl/src/crypto/ec/ecp_nistp521.c b/src/lib/libssl/src/crypto/ec/ecp_nistp521.c
index 6792c5b71d..083e017cdc 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_nistp521.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_nistp521.c
@@ -1874,8 +1874,11 @@ ec_GFp_nistp521_points_mul(const EC_GROUP * group, EC_POINT * r,
1874 } 1874 }
1875 secrets = calloc(num_points, sizeof(felem_bytearray)); 1875 secrets = calloc(num_points, sizeof(felem_bytearray));
1876 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); 1876 pre_comp = calloc(num_points, 17 * 3 * sizeof(felem));
1877 if (mixed) 1877 if (mixed) {
1878 tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); 1878 /* XXX should do more int overflow checking */
1879 tmp_felems = reallocarray(NULL,
1880 (num_points * 17 + 1), sizeof(felem));
1881 }
1879 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { 1882 if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) {
1880 ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE); 1883 ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE);
1881 goto err; 1884 goto err;
diff --git a/src/lib/libssl/src/crypto/ec/ecp_smpl.c b/src/lib/libssl/src/crypto/ec/ecp_smpl.c
index b87410120d..46783a47a8 100644
--- a/src/lib/libssl/src/crypto/ec/ecp_smpl.c
+++ b/src/lib/libssl/src/crypto/ec/ecp_smpl.c
@@ -1257,7 +1257,7 @@ ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT *
1257 */ 1257 */
1258 pow2 <<= 1; 1258 pow2 <<= 1;
1259 1259
1260 heap = malloc(pow2 * sizeof heap[0]); 1260 heap = reallocarray(NULL, pow2, sizeof heap[0]);
1261 if (heap == NULL) 1261 if (heap == NULL)
1262 goto err; 1262 goto err;
1263 1263
diff --git a/src/lib/libssl/src/crypto/engine/eng_rsax.c b/src/lib/libssl/src/crypto/engine/eng_rsax.c
index 1b15b6f1a3..0f8e1cd498 100644
--- a/src/lib/libssl/src/crypto/engine/eng_rsax.c
+++ b/src/lib/libssl/src/crypto/engine/eng_rsax.c
@@ -268,7 +268,7 @@ static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m)
268 268
269 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); 269 hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
270 if (!hptr) { 270 if (!hptr) {
271 hptr = malloc(3*sizeof(E_RSAX_MOD_CTX)); 271 hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX));
272 if (!hptr) return NULL; 272 if (!hptr) return NULL;
273 hptr[2].type = hptr[1].type= hptr[0].type = 0; 273 hptr[2].type = hptr[1].type= hptr[0].type = 0;
274 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr); 274 RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
diff --git a/src/lib/libssl/src/crypto/ex_data.c b/src/lib/libssl/src/crypto/ex_data.c
index d8d25d320e..5cd01c72d1 100644
--- a/src/lib/libssl/src/crypto/ex_data.c
+++ b/src/lib/libssl/src/crypto/ex_data.c
@@ -424,7 +424,7 @@ int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
424 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); 424 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
425 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); 425 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
426 if (mx > 0) { 426 if (mx > 0) {
427 storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); 427 storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*));
428 if (!storage) 428 if (!storage)
429 goto skip; 429 goto skip;
430 for (i = 0; i < mx; i++) 430 for (i = 0; i < mx; i++)
@@ -468,7 +468,7 @@ int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from)
468 if (j < mx) 468 if (j < mx)
469 mx = j; 469 mx = j;
470 if (mx > 0) { 470 if (mx > 0) {
471 storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); 471 storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*));
472 if (!storage) 472 if (!storage)
473 goto skip; 473 goto skip;
474 for (i = 0; i < mx; i++) 474 for (i = 0; i < mx; i++)
@@ -505,7 +505,7 @@ int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
505 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); 505 CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
506 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); 506 mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
507 if (mx > 0) { 507 if (mx > 0) {
508 storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); 508 storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*));
509 if (!storage) 509 if (!storage)
510 goto skip; 510 goto skip;
511 for (i = 0; i < mx; i++) 511 for (i = 0; i < mx; i++)
diff --git a/src/lib/libssl/src/crypto/lhash/lhash.c b/src/lib/libssl/src/crypto/lhash/lhash.c
index ad24a7726b..e75a43f506 100644
--- a/src/lib/libssl/src/crypto/lhash/lhash.c
+++ b/src/lib/libssl/src/crypto/lhash/lhash.c
@@ -119,7 +119,7 @@ lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
119 119
120 if ((ret = malloc(sizeof(_LHASH))) == NULL) 120 if ((ret = malloc(sizeof(_LHASH))) == NULL)
121 goto err0; 121 goto err0;
122 if ((ret->b = malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL) 122 if ((ret->b = reallocarray(NULL, sizeof(LHASH_NODE *), MIN_NODES)) == NULL)
123 goto err1; 123 goto err1;
124 for (i = 0; i < MIN_NODES; i++) 124 for (i = 0; i < MIN_NODES; i++)
125 ret->b[i] = NULL; 125 ret->b[i] = NULL;
diff --git a/src/lib/libssl/src/crypto/objects/o_names.c b/src/lib/libssl/src/crypto/objects/o_names.c
index 196d3ab0a7..169b8ae87d 100644
--- a/src/lib/libssl/src/crypto/objects/o_names.c
+++ b/src/lib/libssl/src/crypto/objects/o_names.c
@@ -292,7 +292,8 @@ OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg),
292 int n; 292 int n;
293 293
294 d.type = type; 294 d.type = type;
295 d.names = malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names); 295 d.names = reallocarray(NULL, lh_OBJ_NAME_num_items(names_lh),
296 sizeof *d.names);
296 d.n = 0; 297 d.n = 0;
297 OBJ_NAME_do_all(type, do_all_sorted_fn, &d); 298 OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
298 299
diff --git a/src/lib/libssl/src/crypto/objects/obj_xref.c b/src/lib/libssl/src/crypto/objects/obj_xref.c
index 25aed74ff1..8e9128efc4 100644
--- a/src/lib/libssl/src/crypto/objects/obj_xref.c
+++ b/src/lib/libssl/src/crypto/objects/obj_xref.c
@@ -164,7 +164,7 @@ OBJ_add_sigid(int signid, int dig_id, int pkey_id)
164 sigx_app = sk_nid_triple_new(sigx_cmp); 164 sigx_app = sk_nid_triple_new(sigx_cmp);
165 if (!sigx_app) 165 if (!sigx_app)
166 return 0; 166 return 0;
167 ntr = malloc(sizeof(int) * 3); 167 ntr = reallocarray(NULL, sizeof(int), 3);
168 if (!ntr) 168 if (!ntr)
169 return 0; 169 return 0;
170 ntr->sign_id = signid; 170 ntr->sign_id = signid;
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c
index 58d2bfbee9..945262f019 100644
--- a/src/lib/libssl/src/crypto/pem/pem_lib.c
+++ b/src/lib/libssl/src/crypto/pem/pem_lib.c
@@ -605,7 +605,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
605 goto err; 605 goto err;
606 } 606 }
607 607
608 buf = malloc(PEM_BUFSIZE * 8); 608 buf = reallocarray(NULL, PEM_BUFSIZE, 8);
609 if (buf == NULL) { 609 if (buf == NULL) {
610 reason = ERR_R_MALLOC_FAILURE; 610 reason = ERR_R_MALLOC_FAILURE;
611 goto err; 611 goto err;
diff --git a/src/lib/libssl/src/crypto/pem/pem_seal.c b/src/lib/libssl/src/crypto/pem/pem_seal.c
index 92b70157cd..a7b9379223 100644
--- a/src/lib/libssl/src/crypto/pem/pem_seal.c
+++ b/src/lib/libssl/src/crypto/pem/pem_seal.c
@@ -85,7 +85,7 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
85 if (j > max) 85 if (j > max)
86 max = j; 86 max = j;
87 } 87 }
88 s = (char *)malloc(max*2); 88 s = (char *)reallocarray(NULL, max, 2);
89 if (s == NULL) { 89 if (s == NULL) {
90 PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE); 90 PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
91 goto err; 91 goto err;
@@ -159,7 +159,7 @@ PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
159 i = RSA_size(priv->pkey.rsa); 159 i = RSA_size(priv->pkey.rsa);
160 if (i < 100) 160 if (i < 100)
161 i = 100; 161 i = 100;
162 s = (unsigned char *)malloc(i*2); 162 s = reallocarray(NULL, i, 2);
163 if (s == NULL) { 163 if (s == NULL) {
164 PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE); 164 PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
165 goto err; 165 goto err;
diff --git a/src/lib/libssl/src/crypto/srp/srp_lib.c b/src/lib/libssl/src/crypto/srp/srp_lib.c
index a3a67eda2e..77e2c2c2f2 100644
--- a/src/lib/libssl/src/crypto/srp/srp_lib.c
+++ b/src/lib/libssl/src/crypto/srp/srp_lib.c
@@ -121,7 +121,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
121 121
122 longN= BN_num_bytes(N); 122 longN= BN_num_bytes(N);
123 123
124 if ((cAB = malloc(2*longN)) == NULL) 124 if ((cAB = reallocarray(NULL, 2, longN)) == NULL)
125 return NULL; 125 return NULL;
126 126
127 memset(cAB, 0, longN); 127 memset(cAB, 0, longN);
diff --git a/src/lib/libssl/src/crypto/srp/srp_vfy.c b/src/lib/libssl/src/crypto/srp/srp_vfy.c
index de7dbe5bbd..6ad80ef992 100644
--- a/src/lib/libssl/src/crypto/srp/srp_vfy.c
+++ b/src/lib/libssl/src/crypto/srp/srp_vfy.c
@@ -573,7 +573,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
573 if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err; 573 if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err;
574 574
575 BN_bn2bin(v,tmp); 575 BN_bn2bin(v,tmp);
576 if (((vf = malloc(BN_num_bytes(v)*2)) == NULL)) 576 if (((vf = reallocarray(NULL, BN_num_bytes(v), 2)) == NULL))
577 goto err; 577 goto err;
578 t_tob64(vf, tmp, BN_num_bytes(v)); 578 t_tob64(vf, tmp, BN_num_bytes(v));
579 579
@@ -582,7 +582,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
582 { 582 {
583 char *tmp_salt; 583 char *tmp_salt;
584 584
585 if ((tmp_salt = malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) 585 if ((tmp_salt = reallocarray(NULL, SRP_RANDOM_SALT_LEN, 2)) == NULL)
586 { 586 {
587 free(vf); 587 free(vf);
588 goto err; 588 goto err;
diff --git a/src/lib/libssl/src/crypto/txt_db/txt_db.c b/src/lib/libssl/src/crypto/txt_db/txt_db.c
index a2afa3df23..0f3a7ffbb3 100644
--- a/src/lib/libssl/src/crypto/txt_db/txt_db.c
+++ b/src/lib/libssl/src/crypto/txt_db/txt_db.c
@@ -94,9 +94,9 @@ TXT_DB_read(BIO *in, int num)
94 ret->qual = NULL; 94 ret->qual = NULL;
95 if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL) 95 if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL)
96 goto err; 96 goto err;
97 if ((ret->index = malloc(sizeof(*ret->index)*num)) == NULL) 97 if ((ret->index = reallocarray(NULL, sizeof(*ret->index), num)) == NULL)
98 goto err; 98 goto err;
99 if ((ret->qual = malloc(sizeof(*(ret->qual))*num)) == NULL) 99 if ((ret->qual = reallocarray(NULL, sizeof(*(ret->qual)), num)) == NULL)
100 goto err; 100 goto err;
101 for (i = 0; i < num; i++) { 101 for (i = 0; i < num; i++) {
102 ret->index[i] = NULL; 102 ret->index[i] = NULL;
diff --git a/src/lib/libssl/src/crypto/x509/x509spki.c b/src/lib/libssl/src/crypto/x509/x509spki.c
index b5f67b5a97..23172fdb8e 100644
--- a/src/lib/libssl/src/crypto/x509/x509spki.c
+++ b/src/lib/libssl/src/crypto/x509/x509spki.c
@@ -115,7 +115,7 @@ NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
115 int der_len; 115 int der_len;
116 der_len = i2d_NETSCAPE_SPKI(spki, NULL); 116 der_len = i2d_NETSCAPE_SPKI(spki, NULL);
117 der_spki = malloc(der_len); 117 der_spki = malloc(der_len);
118 b64_str = malloc(der_len * 2); 118 b64_str = reallocarray(NULL, der_len, 2);
119 if (!der_spki || !b64_str) { 119 if (!der_spki || !b64_str) {
120 X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); 120 X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
121 free(der_spki); 121 free(der_spki);
diff --git a/src/lib/libssl/src/crypto/x509v3/pcy_tree.c b/src/lib/libssl/src/crypto/x509v3/pcy_tree.c
index ebc4809371..080a87d674 100644
--- a/src/lib/libssl/src/crypto/x509v3/pcy_tree.c
+++ b/src/lib/libssl/src/crypto/x509v3/pcy_tree.c
@@ -220,7 +220,7 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags)
220 return 0; 220 return 0;
221 221
222 tree->flags = 0; 222 tree->flags = 0;
223 tree->levels = malloc(sizeof(X509_POLICY_LEVEL) * n); 223 tree->levels = reallocarray(NULL, sizeof(X509_POLICY_LEVEL), n);
224 tree->nlevel = 0; 224 tree->nlevel = 0;
225 tree->extra_data = NULL; 225 tree->extra_data = NULL;
226 tree->auth_policies = NULL; 226 tree->auth_policies = NULL;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 11:09:58 +0000