f725fa7cb2
This modifies most of the places we do some form of: X = malloc(Y * Z); to use calloc(Y, Z) instead. Among other issues, this fixes: - allocation of integer overflow in grub_png_decode_image_header() reported by Chris Coulson, - allocation of integer overflow in luks_recover_key() reported by Chris Coulson, - allocation of integer overflow in grub_lvm_detect() reported by Chris Coulson. Fixes: CVE-2020-14308 Signed-off-by: Peter Jones <pjones@redhat.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
||
---|---|---|
.. | ||
bitstream.h | ||
compiler.h | ||
cpu.h | ||
debug.c | ||
debug.h | ||
entropy_common.c | ||
error_private.c | ||
error_private.h | ||
fse.h | ||
fse_decompress.c | ||
huf.h | ||
huf_decompress.c | ||
mem.h | ||
module.c | ||
xxhash.c | ||
xxhash.h | ||
zstd.h | ||
zstd_common.c | ||
zstd_decompress.c | ||
zstd_errors.h | ||
zstd_internal.h |