f725fa7cb2
This modifies most of the places we do some form of: X = malloc(Y * Z); to use calloc(Y, Z) instead. Among other issues, this fixes: - allocation of integer overflow in grub_png_decode_image_header() reported by Chris Coulson, - allocation of integer overflow in luks_recover_key() reported by Chris Coulson, - allocation of integer overflow in grub_lvm_detect() reported by Chris Coulson. Fixes: CVE-2020-14308 Signed-off-by: Peter Jones <pjones@redhat.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> |
||
---|---|---|
.. | ||
drivers | ||
arp.c | ||
bootp.c | ||
dns.c | ||
ethernet.c | ||
http.c | ||
icmp.c | ||
icmp6.c | ||
ip.c | ||
net.c | ||
netbuff.c | ||
tcp.c | ||
tftp.c | ||
udp.c |