calloc: Use calloc() at most places

This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

grub-core/lib/json/json.c

@@ -53,7 +53,7 @@ grub_json_parse (grub_json_t **out, char *string, grub_size_t string_len)
       goto err;
     }
 
-  json->tokens = grub_malloc (sizeof (jsmntok_t) * jsmn_ret);
+  json->tokens = grub_calloc (jsmn_ret, sizeof (jsmntok_t));
   if (!json->tokens)
     {
       ret = GRUB_ERR_OUT_OF_MEMORY;