From 5f619d862d249b55cb32e62b349cdccd48d0672a Mon Sep 17 00:00:00 2001 From: "Enrico Weigelt, metux IT consult" Date: Thu, 10 Apr 2025 19:55:13 +0200 Subject: [PATCH] os: use calloc() instead of malloc() Using calloc() instead of malloc() as preventive measure, so there never can be any hidden bugs or leaks due uninitialized memory. The extra cost of using this compiler intrinsic should be practically impossible to measure - in many cases a good compiler can even deduce if certain areas really don't need to be zero'd (because they're written to right after allocation) and create more efficient machine code. The code pathes in question are pretty cold anyways, so it's probably not worth even thinking about potential extra runtime costs. Signed-off-by: Enrico Weigelt, metux IT consult --- os/access.c | 10 +++++----- os/alloc.c | 2 +- os/client.c | 6 +++--- os/connection.c | 3 +-- os/inputthread.c | 2 +- os/io.c | 10 +++------- os/log.c | 5 ++--- os/mitauth.c | 6 ++---- os/strndup.c | 2 +- os/utils.c | 4 ++-- os/xdmauth.c | 8 +++----- os/xdmcp.c | 6 +++--- os/xprintf.c | 2 +- os/xsha1.c | 13 ++++++------- 14 files changed, 34 insertions(+), 45 deletions(-) diff --git a/os/access.c b/os/access.c index 98095a5a1..e81a9a975 100644 --- a/os/access.c +++ b/os/access.c @@ -217,7 +217,7 @@ typedef struct _host { int requested; } HOST; -#define MakeHost(h,l) (h)=malloc(sizeof *(h)+(l));\ +#define MakeHost(h,l) (h)=calloc(1, sizeof *(h)+(l));\ if (h) { \ (h)->addr=(unsigned char *) ((h) + 1);\ (h)->requested = FALSE; \ @@ -590,7 +590,7 @@ DefineSelf(int fd) ErrorF("Getting interface count: %s\n", strerror(errno)); if (len < (ifn.lifn_count * sizeof(struct lifreq))) { len = ifn.lifn_count * sizeof(struct lifreq); - bufptr = malloc(len); + bufptr = calloc(1, len); } #endif @@ -1415,7 +1415,7 @@ GetHosts(void **data, int *pnHosts, int *pLen, BOOL * pEnabled) break; } if (n) { - *data = ptr = malloc(n); + *data = ptr = calloc(1, n); if (!ptr) { return BadAlloc; } 
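Review bot: In os/access.c DefineSelf(), `bufptr = calloc(1, len)` is given a size already multiplied out as `ifn.lifn_count * sizeof(struct lifreq)`, so calloc's built-in overflow check on count times size never applies. Passing the factors separately, `bufptr = calloc(ifn.lifn_count, sizeof(struct lifreq));`, keeps the zero-fill and lets the allocator reject a wrapped product. The XdmcpRegisterAuthentication() hunk in os/xdmcp.c has the same pattern and could read `calloc(AuthenticationNames.length + 1, sizeof(AuthenticationFuncsRec))`, matching the `calloc(addrlen, sizeof(CARD8))` form used elsewhere in this commit. No NULL check on bufptr is visible in the DefineSelf hunk; the function continues outside it, so that may be handled further down.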
@@ -1638,7 +1638,7 @@ siTypeAdd(const char *typeName, siAddrMatchFunc addrMatch, } } - s = malloc(sizeof(struct siType)); + s = calloc(1, sizeof(struct siType)); if (s == NULL) return BadAlloc; @@ -1997,7 +1997,7 @@ static Bool siLocalCredGetId(const char *addr, int len, siLocalCredPrivPtr lcPriv, int *id) { Bool parsedOK = FALSE; - char *addrbuf = malloc(len + 1); + char *addrbuf = calloc(1, len + 1); if (addrbuf == NULL) { return FALSE; diff --git a/os/alloc.c b/os/alloc.c index d808b0fe8..5049957f1 100644 --- a/os/alloc.c +++ b/os/alloc.c @@ -12,7 +12,7 @@ void * XNFalloc(unsigned long amount) { - void *ptr = malloc(amount); + void *ptr = calloc(1, amount); if (!ptr) FatalError("Out of memory"); diff --git a/os/client.c b/os/client.c index bcbaee677..d94f3dad9 100644 --- a/os/client.c +++ b/os/client.c @@ -181,7 +181,7 @@ DetermineClientCmd(pid_t pid, const char **cmdname, const char **cmdargs) size_t len = argmax; int32_t argc = -1; - char * const procargs = malloc(len); + char * const procargs = calloc(1, len); if (!procargs) { ErrorF("Failed to allocate memory (%lu bytes) for KERN_PROCARGS2 result for pid %d: %s\n", len, pid, strerror(errno)); return; @@ -278,7 +278,7 @@ DetermineClientCmd(pid_t pid, const char **cmdname, const char **cmdargs) /* Read KERN_PROC_ARGS contents. Similar to /proc/pid/cmdline * the process name and each argument are separated by NUL byte. */ - char *const procargs = malloc(len); + char *const procargs = calloc(1, len); if (sysctl(mib, ARRAY_SIZE(mib), procargs, &len, NULL, 0) != 0) { ErrorF("Failed to get KERN_PROC_ARGS for PID %d: %s\n", pid, strerror(errno)); free(procargs); @@ -383,7 +383,7 @@ DetermineClientCmd(pid_t pid, const char **cmdname, const char **cmdargs) char *args = NULL; if (argsize > 0) - args = malloc(argsize); + args = calloc(1, argsize); if (args) { int i = 0; diff --git a/os/connection.c b/os/connection.c index d0d7c10c5..c18822ad3 100644 --- a/os/connection.c +++ b/os/connection.c 
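Review bot: os/alloc.c XNFalloc() now hands out zero-filled memory, but nothing in the hunk records that as part of its contract, so callers cannot tell whether they may rely on it. A one-line comment above the function such as `/* Returns zero-initialized memory; calls FatalError() when the allocation fails. */` would document it. Separately, `calloc(1, 0)` is allowed to return NULL, so a zero `amount` can still end in the "Out of memory" FatalError on some C libraries, as it could with malloc(0).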
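Review bot: In the KERN_PROC_ARGS branch of DetermineClientCmd() (os/client.c, hunk at -278), `procargs` is passed to sysctl() without a NULL check, unlike the KERN_PROCARGS2 branch in the preceding hunk, which tests `if (!procargs)`. On the BSDs a NULL old-value pointer makes sysctl() only report the required size and return success, so an allocation failure would likely fall through to code that reads procargs. Adding `if (!procargs) return;` right after the calloc() closes that path. The code that consumes procargs lies outside the hunk, so the exact impact should be confirmed there.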
@@ -614,10 +614,9 @@ ClientReady(int fd, int xevents, void *data) static ClientPtr AllocNewConnection(XtransConnInfo trans_conn, int fd, CARD32 conn_time) { - OsCommPtr oc; ClientPtr client; - oc = malloc(sizeof(OsCommRec)); + OsCommPtr oc = calloc(1, sizeof(OsCommRec)); if (!oc) return NullClient; oc->trans_conn = trans_conn; diff --git a/os/inputthread.c b/os/inputthread.c index 623648256..b877c3b2f 100644 --- a/os/inputthread.c +++ b/os/inputthread.c @@ -409,7 +409,7 @@ InputThreadPreInit(void) if (pipe(hotplugPipe) < 0) FatalError("input-thread: could not create pipe"); - inputThreadInfo = malloc(sizeof(InputThreadInfo)); + inputThreadInfo = calloc(1, sizeof(InputThreadInfo)); if (!inputThreadInfo) FatalError("input-thread: could not allocate memory"); diff --git a/os/io.c b/os/io.c index 17fba5602..1ef428d5e 100644 --- a/os/io.c +++ b/os/io.c @@ -972,12 +972,10 @@ FlushClient(ClientPtr who, OsCommPtr oc, const void *__extraBuf, int extraCount) static ConnectionInputPtr AllocateInputBuffer(void) { - ConnectionInputPtr oci; - - oci = malloc(sizeof(ConnectionInput)); + ConnectionInputPtr oci = calloc(1, sizeof(ConnectionInput)); if (!oci) return NULL; - oci->buffer = malloc(BUFSIZE); + oci->buffer = calloc(1, BUFSIZE); if (!oci->buffer) { free(oci); return NULL; @@ -993,9 +991,7 @@ AllocateInputBuffer(void) static ConnectionOutputPtr AllocateOutputBuffer(void) { - ConnectionOutputPtr oco; - - oco = malloc(sizeof(ConnectionOutput)); + ConnectionOutputPtr oco = calloc(1, sizeof(ConnectionOutput)); if (!oco) return NULL; oco->buf = calloc(1, BUFSIZE); diff --git a/os/log.c b/os/log.c index 779615e57..b7dc1aa80 100644 --- a/os/log.c +++ b/os/log.c @@ -82,7 +82,7 @@ OR PERFORMANCE OF THIS SOFTWARE. #include #include #include -#include /* for malloc() */ +#include /* for calloc() */ #include #include #include @@ -773,7 +773,6 @@ AuditPrefix(void) { time_t tm; char *autime, *s; - char *tmpBuf; int len; time(&tm); 
@@ -781,7 +780,7 @@ AuditPrefix(void) if ((s = strchr(autime, '\n'))) *s = '\0'; len = strlen(AUDIT_PREFIX) + strlen(autime) + 10 + 1; - tmpBuf = malloc(len); + char *tmpBuf = calloc(1, len); if (!tmpBuf) return NULL; snprintf(tmpBuf, len, AUDIT_PREFIX, autime, (unsigned long) getpid()); diff --git a/os/mitauth.c b/os/mitauth.c index 4383ac7ae..625080d6b 100644 --- a/os/mitauth.c +++ b/os/mitauth.c @@ -49,12 +49,10 @@ static struct auth { int MitAddCookie(unsigned short data_length, const char *data, XID id) { - struct auth *new; - - new = malloc(sizeof(struct auth)); + struct auth *new = calloc(1, sizeof(struct auth)); if (!new) return 0; - new->data = malloc((unsigned) data_length); + new->data = calloc(1, (unsigned) data_length); if (!new->data) { free(new); return 0; diff --git a/os/strndup.c b/os/strndup.c index 4606ab413..de76d2e5c 100644 --- a/os/strndup.c +++ b/os/strndup.c @@ -43,7 +43,7 @@ strndup(const char *str, size_t n) for (len = 0; len < n && str[len]; len++) continue; - if ((copy = malloc(len + 1)) == NULL) + if ((copy = calloc(1, len + 1)) == NULL) return (NULL); memcpy(copy, str, len); copy[len] = '\0'; diff --git a/os/utils.c b/os/utils.c index 5be17d264..56d1a5a58 100644 --- a/os/utils.c +++ b/os/utils.c @@ -96,7 +96,7 @@ __stdcall unsigned long GetTickCount(void); #include #include /* for isspace */ #include -#include /* for malloc() */ +#include /* for calloc() */ #if defined(TCPCONN) #ifndef WIN32 @@ -1030,7 +1030,7 @@ Popen(const char *command, const char *type) if ((*type != 'r' && *type != 'w') || type[1]) return NULL; - if ((cur = malloc(sizeof(struct pid))) == NULL) + if ((cur = calloc(1, sizeof(struct pid))) == NULL) return NULL; if (pipe(pdes) < 0) { diff --git a/os/xdmauth.c b/os/xdmauth.c index 3a676e188..833c72155 100644 --- a/os/xdmauth.c +++ b/os/xdmauth.c 
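Review bot: In os/mitauth.c MitAddCookie(), a `data_length` of 0 reaches `calloc(1, (unsigned) data_length)`, whose result for a zero size is implementation-defined (NULL or a unique pointer), so whether an empty cookie is registered or rejected depends on the C library. If empty cookies are not meant to be valid, an explicit `if (data_length == 0) return 0;` before the allocations makes the outcome the same everywhere. XdmCheckCookie() in os/xdmauth.c has the same shape: a zero `cookie_length` passes the `cookie_length & 7` test and then reaches `calloc(1, cookie_length)`. Both functions continue outside their hunks, so later length checks may already cover this.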
@@ -256,7 +256,7 @@ XdmAuthorizationValidate(unsigned char *plain, int length, *reason = "Bad XDM authorization key length"; return NULL; } - client = malloc(sizeof(XdmClientAuthRec)); + client = calloc(1, sizeof(XdmClientAuthRec)); if (!client) return NULL; XdmClientAuthDecode(plain, client); @@ -322,7 +322,6 @@ XdmAuthorizationValidate(unsigned char *plain, int length, int XdmAddCookie(unsigned short data_length, const char *data, XID id) { - XdmAuthorizationPtr new; unsigned char *rho_bits, *key_bits; switch (data_length) { @@ -354,7 +353,7 @@ XdmAddCookie(unsigned short data_length, const char *data, XID id) /* the first octet of the key must be zero */ if (key_bits[0] != '\0') return 0; - new = malloc(sizeof(XdmAuthorizationRec)); + XdmAuthorizationPtr new = calloc(1, sizeof(XdmAuthorizationRec)); if (!new) return 0; new->next = xdmAuth; @@ -371,12 +370,11 @@ XdmCheckCookie(unsigned short cookie_length, const char *cookie, { XdmAuthorizationPtr auth; XdmClientAuthPtr client; - unsigned char *plain; /* Auth packets must be a multiple of 8 bytes long */ if (cookie_length & 7) return (XID) -1; - plain = malloc(cookie_length); + unsigned char *plain = calloc(1, cookie_length); if (!plain) return (XID) -1; for (auth = xdmAuth; auth; auth = auth->next) { diff --git a/os/xdmcp.c b/os/xdmcp.c index 822d458af..7a4e54ddf 100644 --- a/os/xdmcp.c +++ b/os/xdmcp.c @@ -398,7 +398,7 @@ XdmcpRegisterAuthentication(const char *name, XdmcpReallocARRAYofARRAY8(&AuthenticationDatas, AuthenticationDatas.length + 1) && (newFuncs = - malloc((AuthenticationNames.length + + calloc(1, (AuthenticationNames.length + 1) * sizeof(AuthenticationFuncsRec))))) { XdmcpDisposeARRAY8(&AuthenticationName); XdmcpDisposeARRAY8(&AuthenticationData); 
@@ -502,7 +502,7 @@ XdmcpRegisterConnection(int type, const char *address, int addrlen) } if (ConnectionAddresses.length + 1 == 256) return; - newAddress = malloc(addrlen * sizeof(CARD8)); + newAddress = calloc(addrlen, sizeof(CARD8)); if (!newAddress) return; if (!XdmcpReallocARRAY16(&ConnectionTypes, ConnectionTypes.length + 1)) { @@ -541,7 +541,7 @@ XdmcpRegisterAuthorization(const char *name, int namelen) ARRAY8 authName; int i; - authName.data = malloc(namelen * sizeof(CARD8)); + authName.data = calloc(namelen, sizeof(CARD8)); if (!authName.data) return; if (!XdmcpReallocARRAYofARRAY8 diff --git a/os/xprintf.c b/os/xprintf.c index 9e93ac9b2..ab9f193e7 100644 --- a/os/xprintf.c +++ b/os/xprintf.c @@ -103,7 +103,7 @@ Xvasprintf(char **ret, const char *_X_RESTRICT_KYWD format, va_list va) size = vsnprintf(NULL, 0, format, va2); va_end(va2); - *ret = malloc(size + 1); + *ret = calloc(1, size + 1); if (*ret == NULL) return -1; diff --git a/os/xsha1.c b/os/xsha1.c index a1a2448af..825667b9d 100644 --- a/os/xsha1.c +++ b/os/xsha1.c @@ -45,8 +45,7 @@ void * x_sha1_init(void) { - SHA1_CTX *ctx = malloc(sizeof(*ctx)); - + SHA1_CTX *ctx = calloc(1, sizeof(SHA1_CTX)); if (!ctx) return NULL; SHA1Init(ctx); @@ -79,7 +78,7 @@ x_sha1_final(void *ctx, unsigned char result[20]) void * x_sha1_init(void) { - CC_SHA1_CTX *ctx = malloc(sizeof(*ctx)); + CC_SHA1_CTX *ctx = calloc(1, sizeof(CC_SHA1_CTX)); if (!ctx) return NULL; @@ -117,7 +116,7 @@ static HCRYPTPROV hProv; void * x_sha1_init(void) { - HCRYPTHASH *ctx = malloc(sizeof(*ctx)); + HCRYPTHASH *ctx = calloc(1, sizeof(HCRYPTHASH)); if (!ctx) return NULL; @@ -155,7 +154,7 @@ x_sha1_final(void *ctx, unsigned char result[20]) void * x_sha1_init(void) { - struct sha1_ctx *ctx = malloc(sizeof(*ctx)); + struct sha1_ctx *ctx = calloc(1, sizeof(struct sha1_ctx )); if (!ctx) return NULL; 
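Review bot: The x_sha1_init() hunks in os/xsha1.c replace `sizeof(*ctx)` with a spelled-out type name, which loses the property that the allocation size follows the pointer's declared type if that type is ever changed. Keeping the original operand, e.g. `SHA1_CTX *ctx = calloc(1, sizeof(*ctx));`, gives the same zero-fill without that coupling; this applies to the CC_SHA1_CTX, HCRYPTHASH, struct sha1_ctx, sha1_ctx and SHA_CTX variants as well. The struct sha1_ctx variant also has a stray space in `sizeof(struct sha1_ctx )`.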
@@ -229,7 +228,7 @@ x_sha1_final(void *ctx, unsigned char result[20]) void * x_sha1_init(void) { - sha1_ctx *ctx = malloc(sizeof(*ctx)); + sha1_ctx *ctx = calloc(1, sizeof(sha1_ctx)); if (!ctx) return NULL; @@ -261,7 +260,7 @@ void * x_sha1_init(void) { int ret; - SHA_CTX *ctx = malloc(sizeof(*ctx)); + SHA_CTX *ctx = calloc(1, sizeof(SHA_CTX)); if (!ctx) return NULL;