disk: Prevent overflows when allocating memory for arrays

Use grub_calloc() when allocating memory for arrays to ensure proper
overflow checks are in place.

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index 431db2fae0aa73638ae018aa78eec4fe50e2250d..7a785a49cc86222fa4a2772d63c84c18545b7ccd 100644 (file)
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -1532,7 +1532,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
 
   if (state[OPTION_PROTECTOR].set) /* key protector(s) */
     {
-      cargs.key_cache = grub_zalloc (state[OPTION_PROTECTOR].set * sizeof (*cargs.key_cache));
+      cargs.key_cache = grub_calloc (state[OPTION_PROTECTOR].set, sizeof (*cargs.key_cache));
       if (cargs.key_cache == NULL)
        return grub_error (GRUB_ERR_OUT_OF_MEMORY,
                           "no memory for key protector key cache");

diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
index 0c32c95f912ad3c13a944422944744f073faac45..b53c3b75e2bfca9e0836ea39dacea177802f2c00 100644 (file)
--- a/grub-core/disk/lvm.c
+++ b/grub-core/disk/lvm.c
@@ -671,8 +671,7 @@ grub_lvm_detect (grub_disk_t disk,
                          goto lvs_segment_fail;
                        }
 
-                     seg->nodes = grub_zalloc (sizeof (seg->nodes[0])
-                                               * seg->node_count);
+                     seg->nodes = grub_calloc (seg->node_count, sizeof (seg->nodes[0]));
 
                      p = grub_strstr (p, "mirrors = [");
                      if (p == NULL)
@@ -760,8 +759,7 @@ grub_lvm_detect (grub_disk_t disk,
                            }
                        }
 
-                     seg->nodes = grub_zalloc (sizeof (seg->nodes[0])
-                                               * seg->node_count);
+                     seg->nodes = grub_calloc (seg->node_count, sizeof (seg->nodes[0]));
 
                      p = grub_strstr (p, "raids = [");
                      if (p == NULL)