libselinux: make use of calloc(3)

Use calloc(3) instead of calling malloc(3) plus a call to memset(3) or manual zero'ing. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Acked-by: James Carter <jwcart2@gmail.com>
SELinuxProject · Dec 4, 2024 · 39174cf · 39174cf
1 parent 2dec158
commit 39174cf
Show file tree

Hide file tree

Showing 11 changed files with 14 additions and 27 deletions.
diff --git a/libselinux/src/fgetfilecon.c b/libselinux/src/fgetfilecon.c
@@ -39,10 +39,9 @@ int fgetfilecon_raw(int fd, char ** context)
 	ssize_t ret;
 
 	size = INITCONTEXTLEN + 1;
-	buf = malloc(size);
+	buf = calloc(1, size);
 	if (!buf)
 		return -1;
-	memset(buf, 0, size);
 
 	ret = fgetxattr_wrapper(fd, XATTR_NAME_SELINUX, buf, size - 1);
 	if (ret < 0 && errno == ERANGE) {

diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
@@ -481,12 +481,11 @@ int get_ordered_context_list(const char *user,
 	   the "failsafe" context to at least permit root login
 	   for emergency recovery if possible. */
 	freeconary(reachable);
-	reachable = malloc(2 * sizeof(char *));
+	reachable = calloc(2, sizeof(char *));
 	if (!reachable) {
 		rc = -1;
 		goto out;
 	}
-	reachable[0] = reachable[1] = 0;
 	rc = get_failsafe_context(user, &reachable[0]);
 	if (rc < 0) {
 		freeconary(reachable);

diff --git a/libselinux/src/get_initial_context.c b/libselinux/src/get_initial_context.c
@@ -39,12 +39,11 @@ int security_get_initial_context_raw(const char * name, char ** con)
 		return -1;
 
 	size = selinux_page_size;
-	buf = malloc(size);
+	buf = calloc(1, size);
 	if (!buf) {
 		ret = -1;
 		goto out;
 	}
-	memset(buf, 0, size);
 	ret = read(fd, buf, size - 1);
 	if (ret < 0)
 		goto out2;

diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c
@@ -14,10 +14,9 @@ int getfilecon_raw(const char *path, char ** context)
 	ssize_t ret;
 
 	size = INITCONTEXTLEN + 1;
-	buf = malloc(size);
+	buf = calloc(1, size);
 	if (!buf)
 		return -1;
-	memset(buf, 0, size);
 
 	ret = getxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
 	if (ret < 0 && errno == ERANGE) {

diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c
@@ -18,10 +18,9 @@ int getpeercon_raw(int fd, char ** context)
 	ssize_t ret;
 
 	size = INITCONTEXTLEN + 1;
-	buf = malloc(size);
+	buf = calloc(1, size);
 	if (!buf)
 		return -1;
-	memset(buf, 0, size);
 
 	ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &size);
 	if (ret < 0 && errno == ERANGE) {

diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
@@ -134,10 +134,9 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
 				status = 0;
 				goto finish;
 			}
-			data->spec_arr = malloc(sizeof(spec_t)*data->nspec);
+			data->spec_arr = calloc(data->nspec, sizeof(spec_t));
 			if (data->spec_arr == NULL)
 				goto finish;
-			memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
 			maxnspec = data->nspec;
 
 			status = fseek(fp, 0L, SEEK_SET);
@@ -230,10 +229,9 @@ int selabel_media_init(struct selabel_handle *rec,
 {
 	struct saved_data *data;
 
-	data = (struct saved_data *)malloc(sizeof(*data));
+	data = (struct saved_data *)calloc(1, sizeof(*data));
 	if (!data)
 		return -1;
-	memset(data, 0, sizeof(*data));
 
 	rec->data = data;
 	rec->func_close = &close;

diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
@@ -161,10 +161,9 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
 				status = 0;
 				goto finish;
 			}
-			data->spec_arr = malloc(sizeof(spec_t)*data->nspec);
+			data->spec_arr = calloc(data->nspec, sizeof(spec_t));
 			if (data->spec_arr == NULL)
 				goto finish;
-			memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
 			maxnspec = data->nspec;
 
 			status = fseek(fp, 0L, SEEK_SET);
@@ -255,10 +254,9 @@ int selabel_x_init(struct selabel_handle *rec, const struct selinux_opt *opts,
 {
 	struct saved_data *data;
 
-	data = (struct saved_data *)malloc(sizeof(*data));
+	data = (struct saved_data *)calloc(1, sizeof(*data));
 	if (!data)
 		return -1;
-	memset(data, 0, sizeof(*data));
 
 	rec->data = data;
 	rec->func_close = &close;

diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c
@@ -14,10 +14,9 @@ int lgetfilecon_raw(const char *path, char ** context)
 	ssize_t ret;
 
 	size = INITCONTEXTLEN + 1;
-	buf = malloc(size);
+	buf = calloc(1, size);
 	if (!buf)
 		return -1;
-	memset(buf, 0, size);
 
 	ret = lgetxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
 	if (ret < 0 && errno == ERANGE) {

diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
@@ -202,10 +202,9 @@ int matchpathcon_filespec_add(ino_t ino, int specind, const char *file)
 	struct stat sb;
 
 	if (!fl_head) {
-		fl_head = malloc(sizeof(file_spec_t) * HASH_BUCKETS);
+		fl_head = calloc(HASH_BUCKETS, sizeof(file_spec_t));
 		if (!fl_head)
 			goto oom;
-		memset(fl_head, 0, sizeof(file_spec_t) * HASH_BUCKETS);
 	}
 
 	h = (ino + (ino >> HASH_BITS)) & HASH_MASK;

diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
@@ -139,12 +139,11 @@ static int getprocattrcon_raw(char **context, pid_t pid, const char *attr,
 		return -1;
 
 	size = selinux_page_size;
-	buf = malloc(size);
+	buf = calloc(1, size);
 	if (!buf) {
 		ret = -1;
 		goto out;
 	}
-	memset(buf, 0, size);
 
 	do {
 		ret = read(fd, buf, size - 1);

diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c
@@ -173,11 +173,10 @@ receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
 		return -1;
 	}
 
-	data = malloc(data_size);
+	/* coveriety doesn't realize that data will be initialized in readv */
+	data = calloc(1, data_size);
 	if (!data)
 		return -1;
-	/* coveriety doesn't realize that data will be initialized in readv */
-	memset(data, 0, data_size);
 
 	resp_data.iov_base = data;
 	resp_data.iov_len = data_size;