Eric Blake <ebl...@redhat.com> writes: > On 09/14/2015 05:03 AM, Markus Armbruster wrote: >> g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, >> for two reasons. One, it catches multiplication overflowing size_t. >> Two, it returns T * rather than void *, which lets the compiler catch >> more type errors. >> >> This commit only touches allocations with size arguments of the form >> sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. >> >> Signed-off-by: Markus Armbruster <arm...@redhat.com> >> --- >> ui/console.c | 2 +- >> ui/curses.c | 2 +- >> ui/input-legacy.c | 4 ++-- >> ui/keymaps.c | 2 +- >> ui/sdl.c | 2 +- >> ui/vnc-jobs.c | 6 +++--- >> ui/vnc.c | 6 +++--- >> 7 files changed, 12 insertions(+), 12 deletions(-) > > Reviewed-by: Eric Blake <ebl...@redhat.com> > >> >> diff --git a/ui/console.c b/ui/console.c >> index 75fc492..6edda1e 100644 >> --- a/ui/console.c >> +++ b/ui/console.c >> @@ -449,7 +449,7 @@ static void text_console_resize(QemuConsole *s) >> if (s->width < w1) >> w1 = s->width; >> >> - cells = g_malloc(s->width * s->total_height * sizeof(TextCell)); >> + cells = g_new(TextCell, s->width * s->total_height); > > Hopefully s->width * s->total_height can't overflow.
Two billion is a helluva lot of character cells :) >> @@ -3025,7 +3025,7 @@ static void vnc_connect(VncDisplay *vd, int csock, >> >> vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); >> for (i = 0; i < VNC_STAT_ROWS; ++i) { >> - vs->lossy_rect[i] = g_malloc0(VNC_STAT_COLS * sizeof (uint8_t)); >> + vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); > > sizeof(uint8_t) == 1, according to POSIX. This could be further > simplified to g_malloc0(VNC_STAT_COLS). But if someone wants to do that > simplification, it should be a separate patch. g_new0(uint8_t, VNC_STAT_COLS) returns uint8_t *. g_malloc0(VNC_STAT_COLS) returns void *. Transforming the former to the latter loses a bit of type checking.