- (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
   session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
   in Portable-only code; since calloc zeros, remove now-redundant memsets.
   Also add a couple of sanity checks.  With & ok djm@
diff --git a/auth-pam.c b/auth-pam.c
index c12f413..5ddc8be 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -288,7 +288,10 @@
 
 	/* Import environment from subprocess */
 	num_env = buffer_get_int(b);
-	sshpam_env = xmalloc((num_env + 1) * sizeof(*sshpam_env));
+	if (num_env > 1024)
+		fatal("%s: received %u environment variables, expected <= 1024",
+		    __func__, num_env);
+	sshpam_env = xcalloc(num_env + 1, sizeof(*sshpam_env));
 	debug3("PAM: num env strings %d", num_env);
 	for(i = 0; i < num_env; i++)
 		sshpam_env[i] = buffer_get_string(b, NULL);
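Review bot: The `debug3` call right after the allocation still formats `num_env` with `%d`, while the new `fatal` prints the same variable with `%u`. The declaration is outside the hunk, but if `num_env` is unsigned, as the new message implies, the debug line should read `debug3("PAM: num env strings %u", num_env);`. The limit 1024 is also written twice, once in the condition and once in the message text, so a named constant passed through the format string would keep the two from drifting apart. A one-line comment on the check, e.g. `/* count comes from the subprocess buffer; bound it before sizing the array */`, would record why the limit exists. The enclosing function starts and ends outside the hunk.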
@@ -335,9 +338,8 @@
 	if (n <= 0 || n > PAM_MAX_NUM_MSG)
 		return (PAM_CONV_ERR);
 
-	if ((reply = malloc(n * sizeof(*reply))) == NULL)
+	if ((reply = calloc(n, sizeof(*reply))) == NULL)
 		return (PAM_CONV_ERR);
-	memset(reply, 0, n * sizeof(*reply));
 
 	buffer_init(&buffer);
 	for (i = 0; i < n; ++i) {
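Review bot: With the explicit `memset` removed, nothing in the code says that the `reply` array must start zeroed; that requirement is now carried only by the choice of `calloc`. The same applies to the hunks at -533 and -935. The cleanup paths are outside these hunks, but if they free per-entry pointers in `reply` on error, a later change back to `malloc` would leave those pointers uninitialised. A short comment above each allocation, such as `/* calloc: reply[] entries must start zeroed */`, would keep that intent visible.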
@@ -533,9 +535,8 @@
 	if (n <= 0 || n > PAM_MAX_NUM_MSG)
 		return (PAM_CONV_ERR);
 
-	if ((reply = malloc(n * sizeof(*reply))) == NULL)
+	if ((reply = calloc(n, sizeof(*reply))) == NULL)
 		return (PAM_CONV_ERR);
-	memset(reply, 0, n * sizeof(*reply));
 
 	for (i = 0; i < n; ++i) {
 		switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
@@ -935,9 +936,8 @@
 	if (n <= 0 || n > PAM_MAX_NUM_MSG || !isatty(STDIN_FILENO))
 		return (PAM_CONV_ERR);
 
-	if ((reply = malloc(n * sizeof(*reply))) == NULL)
+	if ((reply = calloc(n, sizeof(*reply))) == NULL)
 		return (PAM_CONV_ERR);
-	memset(reply, 0, n * sizeof(*reply));
 
 	for (i = 0; i < n; ++i) {
 		switch (PAM_MSG_MEMBER(msg, i, msg_style)) {