From 07d86bec5eeaf19fe33dca99c8ebcbe9a77c3938 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 26 Mar 2006 14:19:21 +1100 Subject: - djm@cvs.openbsd.org 2006/03/25 00:05:41 [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c] [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c] [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c] [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c] [xmalloc.c xmalloc.h] introduce xcalloc() and xasprintf() failure-checked allocations functions and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@ --- sshd.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'sshd.c') diff --git a/sshd.c b/sshd.c index bb830161e..28e8c1aa3 100644 --- a/sshd.c +++ b/sshd.c @@ -891,7 +891,7 @@ main(int ac, char **av) { extern char *optarg; extern int optind; - int opt, j, i, fdsetsz, on = 1; + int opt, j, i, on = 1; int sock_in = -1, sock_out = -1, newsock = -1; pid_t pid; socklen_t fromlen; @@ -1110,7 +1110,7 @@ main(int ac, char **av) debug("sshd version %.100s", SSH_RELEASE); /* load private host keys */ - sensitive_data.host_keys = xmalloc(options.num_host_key_files * + sensitive_data.host_keys = xcalloc(options.num_host_key_files, sizeof(Key *)); for (i = 0; i < options.num_host_key_files; i++) sensitive_data.host_keys[i] = NULL; @@ -1212,7 +1212,7 @@ main(int ac, char **av) debug("setgroups() failed: %.200s", strerror(errno)); if (rexec_flag) { - rexec_argv = xmalloc(sizeof(char *) * (rexec_argc + 2)); + rexec_argv = xcalloc(rexec_argc + 2, sizeof(char *)); for (i = 0; i < rexec_argc; i++) { debug("rexec_argv[%d]='%s'", i, saved_argv[i]); rexec_argv[i] = saved_argv[i]; @@ -1391,7 +1391,7 @@ main(int ac, char **av) if (listen_socks[i] > maxfd) maxfd = listen_socks[i]; /* pipes connected to unauthenticated childs */ - startup_pipes = xmalloc(options.max_startups * sizeof(int)); + startup_pipes = xcalloc(options.max_startups, sizeof(int)); for (i = 0; i < options.max_startups; i++) startup_pipes[i] = -1; @@ -1404,9 +1404,8 @@ main(int ac, char **av) sighup_restart(); if (fdset != NULL) xfree(fdset); - fdsetsz = howmany(maxfd+1, NFDBITS) * sizeof(fd_mask); - fdset = (fd_set *)xmalloc(fdsetsz); - memset(fdset, 0, fdsetsz); + fdset = (fd_set *)xcalloc(howmany(maxfd + 1, NFDBITS), + sizeof(fd_mask)); for (i = 0; i < num_listen_socks; i++) FD_SET(listen_socks[i], fdset); @@ -1713,8 +1712,7 @@ main(int ac, char **av) packet_set_nonblocking(); /* allocate authentication context */ - authctxt = xmalloc(sizeof(*authctxt)); - memset(authctxt, 0, sizeof(*authctxt)); + authctxt = xcalloc(1, sizeof(*authctxt)); authctxt->loginmsg = &loginmsg; -- cgit v1.2.3