calloc: Use calloc() at most places
This modifies most of the places we do some form of:
X = malloc(Y * Z);
to use calloc(Y, Z) instead.
Among other issues, this fixes:
- allocation of integer overflow in grub_png_decode_image_header()
reported by Chris Coulson,
- allocation of integer overflow in luks_recover_key()
reported by Chris Coulson,
- allocation of integer overflow in grub_lvm_detect()
reported by Chris Coulson.
Fixes: CVE-2020-14308
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Peter Jones
Daniel Kiper
parent
64e26162eb
commit
f725fa7cb2
87 changed files with 179 additions and 178 deletions
|
|
@ -72,7 +72,7 @@ grub_make_system_path_relative_to_its_root (const char *path)
|
|||
if (dirwindows[0] && dirwindows[1] == ':')
|
||||
offset = 2;
|
||||
}
|
||||
ret = xmalloc (sizeof (ret[0]) * (flen - offset + 2));
|
||||
ret = xcalloc (flen - offset + 2, sizeof (ret[0]));
|
||||
if (dirwindows[offset] != '\\'
|
||||
&& dirwindows[offset] != '/'
|
||||
&& dirwindows[offset])
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue