From 4dce4206f0cafd0811f23aedc04a436aa9d145c1 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Sun, 2 Sep 2007 15:19:18 +0000
Subject: use calloc() to avoid malloc(n * m) overflows; checked by djm canacar
 jsg

---
 src/lib/libc/net/getservent.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib/libc/net/getservent.c')

diff --git a/src/lib/libc/net/getservent.c b/src/lib/libc/net/getservent.c
index ab916b8e80..c81a4cf3e2 100644
--- a/src/lib/libc/net/getservent.c
+++ b/src/lib/libc/net/getservent.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getservent.c,v 1.11 2006/01/17 15:41:52 millert Exp $ */
+/*	$OpenBSD: getservent.c,v 1.12 2007/09/02 15:19:17 deraadt Exp $ */
 /*
  * Copyright (c) 1983, 1993
  *	The Regents of the University of California.  All rights reserved.
@@ -104,7 +104,7 @@ again:
 	se->s_proto = cp;
 	if (sd->aliases == NULL) {
 		sd->maxaliases = 10;
-		sd->aliases = malloc(sd->maxaliases * sizeof(char *));
+		sd->aliases = calloc(sd->maxaliases, sizeof(char *));
 		if (sd->aliases == NULL) {
 			serrno = errno;
 			endservent_r(sd);
-- 
cgit v1.2.3-55-g6feb