Opened 6 years ago

Closed 6 years ago

#12855 closed defect (fixed)

Use calloc and reallocarray instead of malloc(a*b), malloc_zero(a*b), or realloc(p,a*b)

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.2.6.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


It's stupid and error-prone to multiply-then-malloc: you're just begging for an integer overflow. We should add a reallocarray (like OpenBSD uses) and use spatch/coccinelle to replace all our bad allocations.

Child Tickets

Change History (2)

comment:1 Changed 6 years ago by nickm

Status: newneeds_review

That was fast. See branch "use_calloc" in my public repository. I think this is for 0.2.6.

comment:2 Changed 6 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged after review by Sebastian.

Note: See TracTickets for help on using tickets.