Use safer allocation macros

Use of these macros, apart from the benefits mentioned in the commit
that adds the macros, has some other good side effects:

-  Consistency in getting the size of the object from sizeof(type),
   instead of a mix of sizeof(type) sometimes and sizeof(*p) other
   times.

-  More readable code: no casts, and no sizeof(), so also shorter lines
   that we don't need to cut.

-  Consistency in using array allocation calls for allocations of arrays
   of objects, even when the object size is 1.

Cc: Valentin V. Bartenev <vbartenev@gmail.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
Alejandro Colomar
2023-02-04 22:41:18 +01:00
committed by Serge Hallyn
parent 6e58c12752
commit efbbcade43
44 changed files with 196 additions and 118 deletions
+3 -2
View File
@@ -15,6 +15,7 @@
#ident "$Id$"
#include "alloc.h"
#include "prototypes.h"
@@ -46,7 +47,7 @@
* through malloc(3). This makes the function thread-safe, and
* also reduces the visibility of the buffer.
*
* - agetpass() doesn't call realloc(3) internally. Some
* - agetpass() doesn't reallocate internally. Some
* implementations of getpass(3), such as glibc, do that, as a
* consequence of calling getline(3). That's a bug in glibc,
* which allows leaking prefixes of passwords in freed memory.
@@ -101,7 +102,7 @@ agetpass(const char *prompt)
* Let's add one more byte, and if the password uses it, it
* means the introduced password was longer than PASS_MAX.
*/
pass = malloc(PASS_MAX + 2);
pass = MALLOCARRAY(PASS_MAX + 2, char);
if (pass == NULL)
return NULL;