From 3d662abca6b2a7f5bc9108b036434d61fcdb6e53 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Thu, 29 May 2014 21:07:43 +0000
Subject: convert 53 malloc(a*b) to reallocarray(NULL, a, b).  that is 53
 potential integer overflows easily changed into an allocation return of NULL,
 with errno nicely set if need be.  checks for an allocations returning NULL
 are commonplace, or if the object is dereferenced (quite normal) will result
 in a nice fault which can be detected & repaired properly. ok tedu

---
 src/lib/libcrypto/engine/eng_rsax.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/lib/libcrypto/engine')

diff --git a/src/lib/libcrypto/engine/eng_rsax.c b/src/lib/libcrypto/engine/eng_rsax.c
index 1b15b6f1a3..0f8e1cd498 100644
--- a/src/lib/libcrypto/engine/eng_rsax.c
+++ b/src/lib/libcrypto/engine/eng_rsax.c
@@ -268,7 +268,7 @@ static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m)
 
 	hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
 	if (!hptr) {
-	    hptr = malloc(3*sizeof(E_RSAX_MOD_CTX));
+	    hptr = reallocarray(NULL, 3, sizeof(E_RSAX_MOD_CTX));
 	    if (!hptr) return NULL;
             hptr[2].type = hptr[1].type= hptr[0].type = 0;
 	    RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
-- 
cgit v1.2.3-55-g6feb