os: use calloc() instead of malloc()

Using calloc() instead of malloc() as preventive measure, so there never can be any hidden bugs or leaks due uninitialized memory. The extra cost of using this compiler intrinsic should be practically impossible to measure - in many cases a good compiler can even deduce if certain areas really don't need to be zero'd (because they're written to right after allocation) and create more efficient machine code. The code pathes in question are pretty cold anyways, so it's probably not worth even thinking about potential extra runtime costs. Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
2025-04-10 19:55:13 +02:00 · 2025-04-10 19:55:13 +02:00 · 5f619d862d
parent 0127d6ef13
commit 5f619d862d
14 changed files with 34 additions and 45 deletions
--- a/os/access.c
+++ b/os/access.c
@ -217,7 +217,7 @@ typedef struct _host {
    int requested;
 } HOST;

-#define MakeHost(h,l)	(h)=malloc(sizeof *(h)+(l));\
+#define MakeHost(h,l)	(h)=calloc(1, sizeof *(h)+(l));\
 			if (h) { \
 			   (h)->addr=(unsigned char *) ((h) + 1);\
 			   (h)->requested = FALSE; \
@ -590,7 +590,7 @@ DefineSelf(int fd)
        ErrorF("Getting interface count: %s\n", strerror(errno));
    if (len < (ifn.lifn_count * sizeof(struct lifreq))) {
        len = ifn.lifn_count * sizeof(struct lifreq);
-        bufptr = malloc(len);
+        bufptr = calloc(1, len);
    }
 #endif

@ -1415,7 +1415,7 @@ GetHosts(void **data, int *pnHosts, int *pLen, BOOL * pEnabled)
            break;
    }
    if (n) {
-        *data = ptr = malloc(n);
+        *data = ptr = calloc(1, n);
        if (!ptr) {
            return BadAlloc;
        }
@ -1638,7 +1638,7 @@ siTypeAdd(const char *typeName, siAddrMatchFunc addrMatch,
        }
    }

-    s = malloc(sizeof(struct siType));
+    s = calloc(1, sizeof(struct siType));
    if (s == NULL)
        return BadAlloc;

@ -1997,7 +1997,7 @@ static Bool
 siLocalCredGetId(const char *addr, int len, siLocalCredPrivPtr lcPriv, int *id)
 {
    Bool parsedOK = FALSE;
-    char *addrbuf = malloc(len + 1);
+    char *addrbuf = calloc(1, len + 1);

    if (addrbuf == NULL) {
        return FALSE;
--- a/os/alloc.c
+++ b/os/alloc.c
@ -12,7 +12,7 @@
 void *
 XNFalloc(unsigned long amount)
 {
-    void *ptr = malloc(amount);
+    void *ptr = calloc(1, amount);

    if (!ptr)
        FatalError("Out of memory");
--- a/os/client.c
+++ b/os/client.c
@ -181,7 +181,7 @@ DetermineClientCmd(pid_t pid, const char **cmdname, const char **cmdargs)
        size_t len = argmax;
        int32_t argc = -1;

-        char * const procargs = malloc(len);
+        char * const procargs = calloc(1, len);
        if (!procargs) {
            ErrorF("Failed to allocate memory (%lu bytes) for KERN_PROCARGS2 result for pid %d: %s\n", len, pid, strerror(errno));
            return;
@ -278,7 +278,7 @@ DetermineClientCmd(pid_t pid, const char **cmdname, const char **cmdargs)

        /* Read KERN_PROC_ARGS contents. Similar to /proc/pid/cmdline
         * the process name and each argument are separated by NUL byte. */
-        char *const procargs = malloc(len);
+        char *const procargs = calloc(1, len);
        if (sysctl(mib, ARRAY_SIZE(mib), procargs, &len, NULL, 0) != 0) {
            ErrorF("Failed to get KERN_PROC_ARGS for PID %d: %s\n", pid, strerror(errno));
            free(procargs);
@ -383,7 +383,7 @@ DetermineClientCmd(pid_t pid, const char **cmdname, const char **cmdargs)
        char *args = NULL;

        if (argsize > 0)
-            args = malloc(argsize);
+            args = calloc(1, argsize);
        if (args) {
            int i = 0;

--- a/os/connection.c
+++ b/os/connection.c
@ -614,10 +614,9 @@ ClientReady(int fd, int xevents, void *data)
 static ClientPtr
 AllocNewConnection(XtransConnInfo trans_conn, int fd, CARD32 conn_time)
 {
-    OsCommPtr oc;
    ClientPtr client;

-    oc = malloc(sizeof(OsCommRec));
+    OsCommPtr oc = calloc(1, sizeof(OsCommRec));
    if (!oc)
        return NullClient;
    oc->trans_conn = trans_conn;
--- a/os/inputthread.c
+++ b/os/inputthread.c
@ -409,7 +409,7 @@ InputThreadPreInit(void)
     if (pipe(hotplugPipe) < 0)
        FatalError("input-thread: could not create pipe");

-    inputThreadInfo = malloc(sizeof(InputThreadInfo));
+    inputThreadInfo = calloc(1, sizeof(InputThreadInfo));
    if (!inputThreadInfo)
        FatalError("input-thread: could not allocate memory");

--- a/os/io.c
+++ b/os/io.c
@ -972,12 +972,10 @@ FlushClient(ClientPtr who, OsCommPtr oc, const void *__extraBuf, int extraCount)
 static ConnectionInputPtr
 AllocateInputBuffer(void)
 {
-    ConnectionInputPtr oci;
-
-    oci = malloc(sizeof(ConnectionInput));
+    ConnectionInputPtr oci = calloc(1, sizeof(ConnectionInput));
    if (!oci)
        return NULL;
-    oci->buffer = malloc(BUFSIZE);
+    oci->buffer = calloc(1, BUFSIZE);
    if (!oci->buffer) {
        free(oci);
        return NULL;
@ -993,9 +991,7 @@ AllocateInputBuffer(void)
 static ConnectionOutputPtr
 AllocateOutputBuffer(void)
 {
-    ConnectionOutputPtr oco;
-
-    oco = malloc(sizeof(ConnectionOutput));
+    ConnectionOutputPtr oco = calloc(1, sizeof(ConnectionOutput));
    if (!oco)
        return NULL;
    oco->buf = calloc(1, BUFSIZE);
--- a/os/log.c
+++ b/os/log.c
@ -82,7 +82,7 @@ OR PERFORMANCE OF THIS SOFTWARE.
 #include <errno.h>
 #include <stdio.h>
 #include <stdarg.h>
-#include <stdlib.h>             /* for malloc() */
+#include <stdlib.h>             /* for calloc() */
 #include <sys/stat.h>
 #include <time.h>
 #include <X11/Xfuncproto.h>
@ -773,7 +773,6 @@ AuditPrefix(void)
 {
    time_t tm;
    char *autime, *s;
-    char *tmpBuf;
    int len;

    time(&tm);
@ -781,7 +780,7 @@ AuditPrefix(void)
    if ((s = strchr(autime, '\n')))
        *s = '\0';
    len = strlen(AUDIT_PREFIX) + strlen(autime) + 10 + 1;
-    tmpBuf = malloc(len);
+    char *tmpBuf = calloc(1, len);
    if (!tmpBuf)
        return NULL;
    snprintf(tmpBuf, len, AUDIT_PREFIX, autime, (unsigned long) getpid());
--- a/os/mitauth.c
+++ b/os/mitauth.c
@ -49,12 +49,10 @@ static struct auth {
 int
 MitAddCookie(unsigned short data_length, const char *data, XID id)
 {
-    struct auth *new;
-
-    new = malloc(sizeof(struct auth));
+    struct auth *new = calloc(1, sizeof(struct auth));
    if (!new)
        return 0;
-    new->data = malloc((unsigned) data_length);
+    new->data = calloc(1, (unsigned) data_length);
    if (!new->data) {
        free(new);
        return 0;
--- a/os/strndup.c
+++ b/os/strndup.c
@ -43,7 +43,7 @@ strndup(const char *str, size_t n)
    for (len = 0; len < n && str[len]; len++)
        continue;

-    if ((copy = malloc(len + 1)) == NULL)
+    if ((copy = calloc(1, len + 1)) == NULL)
        return (NULL);
    memcpy(copy, str, len);
    copy[len] = '\0';
--- a/os/utils.c
+++ b/os/utils.c
@ -96,7 +96,7 @@ __stdcall unsigned long GetTickCount(void);
 #include <sys/stat.h>
 #include <ctype.h>              /* for isspace */
 #include <stdarg.h>
-#include <stdlib.h>             /* for malloc() */
+#include <stdlib.h>             /* for calloc() */

 #if defined(TCPCONN)
 #ifndef WIN32
@ -1030,7 +1030,7 @@ Popen(const char *command, const char *type)
    if ((*type != 'r' && *type != 'w') || type[1])
        return NULL;

-    if ((cur = malloc(sizeof(struct pid))) == NULL)
+    if ((cur = calloc(1, sizeof(struct pid))) == NULL)
        return NULL;

    if (pipe(pdes) < 0) {
--- a/os/xdmauth.c
+++ b/os/xdmauth.c
@ -256,7 +256,7 @@ XdmAuthorizationValidate(unsigned char *plain, int length,
            *reason = "Bad XDM authorization key length";
        return NULL;
    }
-    client = malloc(sizeof(XdmClientAuthRec));
+    client = calloc(1, sizeof(XdmClientAuthRec));
    if (!client)
        return NULL;
    XdmClientAuthDecode(plain, client);
@ -322,7 +322,6 @@ XdmAuthorizationValidate(unsigned char *plain, int length,
 int
 XdmAddCookie(unsigned short data_length, const char *data, XID id)
 {
-    XdmAuthorizationPtr new;
    unsigned char *rho_bits, *key_bits;

    switch (data_length) {
@ -354,7 +353,7 @@ XdmAddCookie(unsigned short data_length, const char *data, XID id)
    /* the first octet of the key must be zero */
    if (key_bits[0] != '\0')
        return 0;
-    new = malloc(sizeof(XdmAuthorizationRec));
+    XdmAuthorizationPtr new = calloc(1, sizeof(XdmAuthorizationRec));
    if (!new)
        return 0;
    new->next = xdmAuth;
@ -371,12 +370,11 @@ XdmCheckCookie(unsigned short cookie_length, const char *cookie,
 {
    XdmAuthorizationPtr auth;
    XdmClientAuthPtr client;
-    unsigned char *plain;

    /* Auth packets must be a multiple of 8 bytes long */
    if (cookie_length & 7)
        return (XID) -1;
-    plain = malloc(cookie_length);
+    unsigned char *plain = calloc(1, cookie_length);
    if (!plain)
        return (XID) -1;
    for (auth = xdmAuth; auth; auth = auth->next) {
--- a/os/xdmcp.c
+++ b/os/xdmcp.c
@ -398,7 +398,7 @@ XdmcpRegisterAuthentication(const char *name,
          XdmcpReallocARRAYofARRAY8(&AuthenticationDatas,
                                    AuthenticationDatas.length + 1) &&
          (newFuncs =
-           malloc((AuthenticationNames.length +
+           calloc(1, (AuthenticationNames.length +
                   1) * sizeof(AuthenticationFuncsRec))))) {
        XdmcpDisposeARRAY8(&AuthenticationName);
        XdmcpDisposeARRAY8(&AuthenticationData);
@ -502,7 +502,7 @@ XdmcpRegisterConnection(int type, const char *address, int addrlen)
    }
    if (ConnectionAddresses.length + 1 == 256)
        return;
-    newAddress = malloc(addrlen * sizeof(CARD8));
+    newAddress = calloc(addrlen, sizeof(CARD8));
    if (!newAddress)
        return;
    if (!XdmcpReallocARRAY16(&ConnectionTypes, ConnectionTypes.length + 1)) {
@ -541,7 +541,7 @@ XdmcpRegisterAuthorization(const char *name, int namelen)
    ARRAY8 authName;
    int i;

-    authName.data = malloc(namelen * sizeof(CARD8));
+    authName.data = calloc(namelen, sizeof(CARD8));
    if (!authName.data)
        return;
    if (!XdmcpReallocARRAYofARRAY8
--- a/os/xprintf.c
+++ b/os/xprintf.c
@ -103,7 +103,7 @@ Xvasprintf(char **ret, const char *_X_RESTRICT_KYWD format, va_list va)
    size = vsnprintf(NULL, 0, format, va2);
    va_end(va2);

-    *ret = malloc(size + 1);
+    *ret = calloc(1, size + 1);
    if (*ret == NULL)
        return -1;

--- a/os/xsha1.c
+++ b/os/xsha1.c
@ -45,8 +45,7 @@
 void *
 x_sha1_init(void)
 {
-    SHA1_CTX *ctx = malloc(sizeof(*ctx));
-
+    SHA1_CTX *ctx = calloc(1, sizeof(SHA1_CTX));
    if (!ctx)
        return NULL;
    SHA1Init(ctx);
@ -79,7 +78,7 @@ x_sha1_final(void *ctx, unsigned char result[20])
 void *
 x_sha1_init(void)
 {
-    CC_SHA1_CTX *ctx = malloc(sizeof(*ctx));
+    CC_SHA1_CTX *ctx = calloc(1, sizeof(CC_SHA1_CTX));

    if (!ctx)
        return NULL;
@ -117,7 +116,7 @@ static HCRYPTPROV hProv;
 void *
 x_sha1_init(void)
 {
-    HCRYPTHASH *ctx = malloc(sizeof(*ctx));
+    HCRYPTHASH *ctx = calloc(1, sizeof(HCRYPTHASH));

    if (!ctx)
        return NULL;
@ -155,7 +154,7 @@ x_sha1_final(void *ctx, unsigned char result[20])
 void *
 x_sha1_init(void)
 {
-    struct sha1_ctx *ctx = malloc(sizeof(*ctx));
+    struct sha1_ctx *ctx = calloc(1, sizeof(struct sha1_ctx ));

    if (!ctx)
        return NULL;
@ -229,7 +228,7 @@ x_sha1_final(void *ctx, unsigned char result[20])
 void *
 x_sha1_init(void)
 {
-    sha1_ctx *ctx = malloc(sizeof(*ctx));
+    sha1_ctx *ctx = calloc(1, sizeof(sha1_ctx));

    if (!ctx)
        return NULL;
@ -261,7 +260,7 @@ void *
 x_sha1_init(void)
 {
    int ret;
-    SHA_CTX *ctx = malloc(sizeof(*ctx));
+    SHA_CTX *ctx = calloc(1, sizeof(SHA_CTX));

    if (!ctx)
        return NULL;