From 3d662abca6b2a7f5bc9108b036434d61fcdb6e53 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Thu, 29 May 2014 21:07:43 +0000
Subject: convert 53 malloc(a*b) to reallocarray(NULL, a, b).  that is 53
 potential integer overflows easily changed into an allocation return of NULL,
 with errno nicely set if need be.  checks for an allocations returning NULL
 are commonplace, or if the object is dereferenced (quite normal) will result
 in a nice fault which can be detected & repaired properly. ok tedu

---
 src/lib/libcrypto/x509v3/pcy_tree.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/lib/libcrypto/x509v3/pcy_tree.c')

diff --git a/src/lib/libcrypto/x509v3/pcy_tree.c b/src/lib/libcrypto/x509v3/pcy_tree.c
index ebc4809371..080a87d674 100644
--- a/src/lib/libcrypto/x509v3/pcy_tree.c
+++ b/src/lib/libcrypto/x509v3/pcy_tree.c
@@ -220,7 +220,7 @@ tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags)
 		return 0;
 
 	tree->flags = 0;
-	tree->levels = malloc(sizeof(X509_POLICY_LEVEL) * n);
+	tree->levels = reallocarray(NULL, sizeof(X509_POLICY_LEVEL), n);
 	tree->nlevel = 0;
 	tree->extra_data = NULL;
 	tree->auth_policies = NULL;
-- 
cgit v1.2.3-55-g6feb