calloc: Use calloc() at most places (65dfa117) · Commits · PureOS / Core Packages / Grub

Commit 65dfa117 authored 4 years ago by Peter Jones Committed by Colin Watson 4 years ago

calloc: Use calloc() at most places


This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

Patch-Name: safe-alloc-3.patch

parent f80ca28e

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 50 additions and 44 deletions

Please register or to comment

Admin message

Admin message

calloc: Use calloc() at most places