calloc: Use calloc() at most places
This modifies most of the places we do some form of:
X = malloc(Y * Z);
to use calloc(Y, Z) instead.
Among other issues, this fixes:
- allocation of integer overflow in grub_png_decode_image_header()
reported by Chris Coulson,
- allocation of integer overflow in luks_recover_key()
reported by Chris Coulson,
- allocation of integer overflow in grub_lvm_detect()
reported by Chris Coulson.
Fixes: CVE-2020-14308
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Peter Jones
Daniel Kiper
parent
64e26162eb
commit
f725fa7cb2
87 changed files with 179 additions and 178 deletions
|
|
@ -225,8 +225,8 @@ grub_install_register_efi (grub_device_t efidir_grub_dev,
|
|||
grub_util_error ("%s", _("no EFI routines are available when running in BIOS mode"));
|
||||
|
||||
distrib8_len = grub_strlen (efi_distributor);
|
||||
distributor16 = xmalloc ((distrib8_len + 1) * GRUB_MAX_UTF16_PER_UTF8
|
||||
* sizeof (grub_uint16_t));
|
||||
distributor16 = xcalloc (distrib8_len + 1,
|
||||
GRUB_MAX_UTF16_PER_UTF8 * sizeof (grub_uint16_t));
|
||||
distrib16_len = grub_utf8_to_utf16 (distributor16, distrib8_len * GRUB_MAX_UTF16_PER_UTF8,
|
||||
(const grub_uint8_t *) efi_distributor,
|
||||
distrib8_len, 0);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue