- (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c

   session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
   in Portable-only code; since calloc zeros, remove now-redundant memsets.
   Also add a couple of sanity checks.  With & ok djm@

diff --git a/ChangeLog b/ChangeLog
index 5d355cb1b0a9a82b63002fcc290b46bf6dfb1955..fb97ef12c055f6df731f062b309ceafc484ecbe8 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20060504
+ - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
+   session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
+   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
+   in Portable-only code; since calloc zeros, remove now-redundant memsets.
+   Also add a couple of sanity checks.  With & ok djm@
+
 20060503
  - (dtucker) [packet.c] Remove in_systm.h since it's also in includes.h
    and double including it on IRIX 5.3 causes problems.  From Georg Schwarz,

diff --git a/auth-pam.c b/auth-pam.c
index c12f413e7a3726cd3346e25f43eb21921c63fa71..5ddc8bec31aabaea564d18b24c43139fae50c582 100644 (file)
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -288,7 +288,10 @@ import_environments(Buffer *b)
 
        /* Import environment from subprocess */
        num_env = buffer_get_int(b);
-       sshpam_env = xmalloc((num_env + 1) * sizeof(*sshpam_env));
+       if (num_env > 1024)
+               fatal("%s: received %u environment variables, expected <= 1024",
+                   __func__, num_env);
+       sshpam_env = xcalloc(num_env + 1, sizeof(*sshpam_env));
        debug3("PAM: num env strings %d", num_env);
        for(i = 0; i < num_env; i++)
                sshpam_env[i] = buffer_get_string(b, NULL);
@@ -335,9 +338,8 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
        if (n <= 0 || n > PAM_MAX_NUM_MSG)
                return (PAM_CONV_ERR);
 
-       if ((reply = malloc(n * sizeof(*reply))) == NULL)
+       if ((reply = calloc(n, sizeof(*reply))) == NULL)
                return (PAM_CONV_ERR);
-       memset(reply, 0, n * sizeof(*reply));
 
        buffer_init(&buffer);
        for (i = 0; i < n; ++i) {
@@ -533,9 +535,8 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
        if (n <= 0 || n > PAM_MAX_NUM_MSG)
                return (PAM_CONV_ERR);
 
-       if ((reply = malloc(n * sizeof(*reply))) == NULL)
+       if ((reply = calloc(n, sizeof(*reply))) == NULL)
                return (PAM_CONV_ERR);
-       memset(reply, 0, n * sizeof(*reply));
 
        for (i = 0; i < n; ++i) {
                switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
@@ -935,9 +936,8 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg,
        if (n <= 0 || n > PAM_MAX_NUM_MSG || !isatty(STDIN_FILENO))
                return (PAM_CONV_ERR);
 
-       if ((reply = malloc(n * sizeof(*reply))) == NULL)
+       if ((reply = calloc(n, sizeof(*reply))) == NULL)
                return (PAM_CONV_ERR);
-       memset(reply, 0, n * sizeof(*reply));
 
        for (i = 0; i < n; ++i) {
                switch (PAM_MSG_MEMBER(msg, i, msg_style)) {

diff --git a/groupaccess.c b/groupaccess.c
index 83c573defcf87b696a8df442c987d8d8f496ef00..2a85cb3756af3d5c614eefafd0e0c30987a59fa1 100644 (file)
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -52,8 +52,8 @@ ga_init(const char *user, gid_t base)
        ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX));
 #endif
 
-       groups_bygid = xmalloc(ngroups * sizeof(*groups_bygid));
-       groups_byname = xmalloc(ngroups * sizeof(*groups_byname));
+       groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid));
+       groups_byname = xcalloc(ngroups, sizeof(*groups_byname));
 
        if (getgrouplist(user, base, groups_bygid, &ngroups) == -1)
                logit("getgrouplist: groups list too small");

diff --git a/monitor.c b/monitor.c
index 894523da3c74ea82d79b2769df88c0e791f8c1c3..4b8287d85f48fe9c88d9b15f8d8c933635bb5e08 100644 (file)
--- a/monitor.c
+++ b/monitor.c
@@ -924,7 +924,7 @@ mm_answer_pam_respond(int sock, Buffer *m)
        sshpam_authok = NULL;
        num = buffer_get_int(m);
        if (num > 0) {
-               resp = xmalloc(num * sizeof(char *));
+               resp = xcalloc(num, sizeof(char *));
                for (i = 0; i < num; ++i)
                        resp[i] = buffer_get_string(m, NULL);
                ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);

diff --git a/monitor_wrap.c b/monitor_wrap.c
index 8cfc8cc08f79769b1ed0dbed2d91d0ee61b895cc..332652895cb98111b7e08c61fbe1239a37333b00 100644 (file)
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -776,8 +776,11 @@ mm_sshpam_query(void *ctx, char **name, char **info,
        *name = buffer_get_string(&m, NULL);
        *info = buffer_get_string(&m, NULL);
        *num = buffer_get_int(&m);
-       *prompts = xmalloc((*num + 1) * sizeof(char *));
-       *echo_on = xmalloc((*num + 1) * sizeof(u_int));
+       if (*num > PAM_MAX_NUM_MSG)
+               fatal("%s: recieved %u PAM messages, expected <= %u",
+                   __func__, *num, PAM_MAX_NUM_MSG);
+       *prompts = xcalloc((*num + 1), sizeof(char *));
+       *echo_on = xcalloc((*num + 1), sizeof(u_int));
        for (i = 0; i < *num; ++i) {
                (*prompts)[i] = buffer_get_string(&m, NULL);
                (*echo_on)[i] = buffer_get_int(&m);

diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 8f3acee2634b156973089248936aed4695e8e88d..b408dde2db6b9b8d38a2caceed61c45620dca9d2 100644 (file)
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -268,7 +268,7 @@ fetch_windows_environment(void)
        char **e, **p;
        unsigned int i, idx = 0;
 
-       p = xmalloc((WENV_SIZ + 1) * sizeof(char *));
+       p = xcalloc(WENV_SIZ + 1, sizeof(char *));
        for (e = environ; *e != NULL; ++e) {
                for (i = 0; i < WENV_SIZ; ++i) {
                        if (!strncmp(*e, wenv_arr[i].name, wenv_arr[i].namelen))

diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
index 6e2b19bb4f584c50069196db7a6b4d0066b5d4ca..95b662e4d8f4d878abc556b47734c45639f5a986 100644 (file)
--- a/openbsd-compat/setproctitle.c
+++ b/openbsd-compat/setproctitle.c
@@ -80,7 +80,7 @@ compat_init_setproctitle(int argc, char *argv[])
        /* Fail if we can't allocate room for the new environment */
        for (i = 0; envp[i] != NULL; i++)
                ;
-       if ((environ = malloc(sizeof(*environ) * (i + 1))) == NULL) {
+       if ((environ = calloc(i + 1, sizeof(*environ))) == NULL) {
                environ = envp; /* put it back */
                return;
        }

diff --git a/scard-opensc.c b/scard-opensc.c
index dd2c28df250c13cd4b5f9a8c145341d010ef9f2e..7a496dff8c6883ef80bb999236fb499ed692b770 100644 (file)
--- a/scard-opensc.c
+++ b/scard-opensc.c
@@ -455,7 +455,9 @@ sc_get_keys(const char *id, const char *pin)
                }
                key_count = r;
        }
-       keys = xmalloc(sizeof(Key *) * (key_count*2+1));
+       if (key_count > 1024)
+               fatal("Too many keys (%u), expected <= 1024", key_count);
+       keys = xcalloc(key_count * 2 + 1, sizeof(Key *));
        for (i = 0; i < key_count; i++) {
                sc_pkcs15_object_t *tmp_obj = NULL;
                cert_id = ((sc_pkcs15_cert_info_t *)(certs[i]->data))->id;

diff --git a/session.c b/session.c
index caf750ab4f4df840900144158c4ba5ae949fb7c8..87e7ee6e310208a62629ae85c61f402ad625092c 100644 (file)
--- a/session.c
+++ b/session.c
@@ -984,7 +984,7 @@ do_setup_env(Session *s, const char *shell)
 
        /* Initialize the environment. */
        envsize = 100;
-       env = xmalloc(envsize * sizeof(char *));
+       env = xcalloc(envsize, sizeof(char *));
        env[0] = NULL;
 
 #ifdef HAVE_CYGWIN

diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c
index 662f70080c81d21177a957a04e84ebe846379d87..3a4a165fa399708450a1e6e67288194d5dcc04c6 100644 (file)
--- a/ssh-rand-helper.c
+++ b/ssh-rand-helper.c
@@ -674,8 +674,7 @@ prng_read_commands(char *cmdfilename)
        }
 
        num_cmds = 64;
-       entcmd = xmalloc(num_cmds * sizeof(entropy_cmd_t));
-       memset(entcmd, '\0', num_cmds * sizeof(entropy_cmd_t));
+       entcmd = xcalloc(num_cmds, sizeof(entropy_cmd_t));
 
        /* Read in file */
        cur_cmd = linenum = 0;

diff --git a/sshd.c b/sshd.c
index a206db2452a70a7d349d0fd41fe752b0adb4d51a..e707cf65495866b7a9b2cb8442b36527d93f5e54 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -921,7 +921,7 @@ main(int ac, char **av)
        /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
        saved_argc = ac;
        rexec_argc = ac;
-       saved_argv = xmalloc(sizeof(*saved_argv) * (ac + 1));
+       saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
        for (i = 0; i < ac; i++)
                saved_argv[i] = xstrdup(av[i]);
        saved_argv[i] = NULL;