CVSROOT: /cvs Module name: src Changes by: dera...@cvs.openbsd.org 2014/05/29 15:07:43
Modified files: lib/libssl/src/apps: apps.c ca.c ecparam.c rsautl.c speed.c lib/libssl/src/crypto: ex_data.c lib/libssl/src/crypto/asn1: a_set.c tasn_enc.c lib/libssl/src/crypto/bn: bn_ctx.c bn_gf2m.c bn_lib.c bn_print.c lib/libssl/src/crypto/ec: ec_mult.c ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_smpl.c lib/libssl/src/crypto/engine: eng_rsax.c lib/libssl/src/crypto/lhash: lhash.c lib/libssl/src/crypto/objects: o_names.c obj_xref.c lib/libssl/src/crypto/pem: pem_lib.c pem_seal.c lib/libssl/src/crypto/srp: srp_lib.c srp_vfy.c lib/libssl/src/crypto/txt_db: txt_db.c lib/libssl/src/crypto/x509: x509spki.c lib/libssl/src/crypto/x509v3: pcy_tree.c Log message: convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53 potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu