calloc: Use calloc() at most places

This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

grub-core/commands/efi/lsefisystab.c

@@ -73,7 +73,8 @@ grub_cmd_lsefisystab (struct grub_command *cmd __attribute__ ((unused)),
     grub_printf ("Vendor: ");
     
     for (vendor_utf16 = st->firmware_vendor; *vendor_utf16; vendor_utf16++);
-    vendor = grub_malloc (4 * (vendor_utf16 - st->firmware_vendor) + 1);
+    /* Allocate extra 3 bytes to simplify math. */
+    vendor = grub_calloc (4, vendor_utf16 - st->firmware_vendor + 1);
     if (!vendor)
       return grub_errno;
     *grub_utf16_to_utf8 ((grub_uint8_t *) vendor, st->firmware_vendor,