libsepol: allocate arrays using calloc

It is a better practise to initialize arrays using calloc instead of
malloc, as this enables detecting overflow with multiplying the sizes.

Signed-off-by: Nicolas Iooss <[email protected]>

libsepol/cil/src/cil_binary.c

@@ -592,8 +592,8 @@ static int __cil_typeattr_bitmap_init(policydb_t *pdb)
 	int rc = SEPOL_ERR;
 	uint32_t i;
 
-	pdb->type_attr_map = cil_malloc(pdb->p_types.nprim * sizeof(ebitmap_t));
-	pdb->attr_type_map = cil_malloc(pdb->p_types.nprim * sizeof(ebitmap_t));
+	pdb->type_attr_map = cil_calloc(pdb->p_types.nprim, sizeof(ebitmap_t));
+	pdb->attr_type_map = cil_calloc(pdb->p_types.nprim, sizeof(ebitmap_t));
 
 	for (i = 0; i < pdb->p_types.nprim; i++) {
 		ebitmap_init(&pdb->type_attr_map[i]);
@@ -4083,54 +4083,54 @@ static int __cil_policydb_val_arrays_create(policydb_t *policydb)
 {
 	int rc = SEPOL_ERR;
 
-	policydb->p_common_val_to_name = cil_malloc(sizeof(char *) * policydb->p_commons.nprim);
+	policydb->p_common_val_to_name = cil_calloc(policydb->p_commons.nprim, sizeof(char *));
 	rc = hashtab_map(policydb->p_commons.table, &__cil_common_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_class_val_to_name = cil_malloc(sizeof(char *) * policydb->p_classes.nprim);
-	policydb->class_val_to_struct = cil_malloc(sizeof(class_datum_t *) * policydb->p_classes.nprim);
+	policydb->p_class_val_to_name = cil_calloc(policydb->p_classes.nprim, sizeof(char *));
+	policydb->class_val_to_struct = cil_calloc(policydb->p_classes.nprim, sizeof(class_datum_t *));
 	rc = hashtab_map(policydb->p_classes.table, &__cil_class_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_role_val_to_name = cil_malloc(sizeof(char *) * policydb->p_roles.nprim);
-	policydb->role_val_to_struct = cil_malloc(sizeof(role_datum_t *) * policydb->p_roles.nprim);
+	policydb->p_role_val_to_name = cil_calloc(policydb->p_roles.nprim, sizeof(char *));
+	policydb->role_val_to_struct = cil_calloc(policydb->p_roles.nprim, sizeof(role_datum_t *));
 	rc = hashtab_map(policydb->p_roles.table, &__cil_role_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_type_val_to_name = cil_malloc(sizeof(char *) * policydb->p_types.nprim);
-	policydb->type_val_to_struct = cil_malloc(sizeof(type_datum_t *) * policydb->p_types.nprim);
+	policydb->p_type_val_to_name = cil_calloc(policydb->p_types.nprim, sizeof(char *));
+	policydb->type_val_to_struct = cil_calloc(policydb->p_types.nprim, sizeof(type_datum_t *));
 	rc = hashtab_map(policydb->p_types.table, &__cil_type_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_user_val_to_name = cil_malloc(sizeof(char *) * policydb->p_users.nprim);
-	policydb->user_val_to_struct = cil_malloc(sizeof(user_datum_t *) * policydb->p_users.nprim);
+	policydb->p_user_val_to_name = cil_calloc(policydb->p_users.nprim, sizeof(char *));
+	policydb->user_val_to_struct = cil_calloc(policydb->p_users.nprim, sizeof(user_datum_t *));
 	rc = hashtab_map(policydb->p_users.table, &__cil_user_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_bool_val_to_name = cil_malloc(sizeof(char *) * policydb->p_bools.nprim);
-	policydb->bool_val_to_struct = cil_malloc(sizeof(cond_bool_datum_t *) * policydb->p_bools.nprim);
+	policydb->p_bool_val_to_name = cil_calloc(policydb->p_bools.nprim, sizeof(char *));
+	policydb->bool_val_to_struct = cil_calloc(policydb->p_bools.nprim, sizeof(cond_bool_datum_t *));
 	rc = hashtab_map(policydb->p_bools.table, &__cil_bool_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_sens_val_to_name = cil_malloc(sizeof(char *) * policydb->p_levels.nprim);
+	policydb->p_sens_val_to_name = cil_calloc(policydb->p_levels.nprim, sizeof(char *));
 	rc = hashtab_map(policydb->p_levels.table, &__cil_level_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
-	policydb->p_cat_val_to_name = cil_malloc(sizeof(char *) * policydb->p_cats.nprim);
+	policydb->p_cat_val_to_name = cil_calloc(policydb->p_cats.nprim, sizeof(char *));
 	rc = hashtab_map(policydb->p_cats.table, &__cil_cat_val_array_insert, policydb);
 	if (rc != SEPOL_OK) {
 		goto exit;

libsepol/cil/src/cil_post.c

@@ -664,23 +664,23 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 	case CIL_TYPE: {
 		struct cil_type *type = node->data;
 		if (db->val_to_type == NULL) {
-			db->val_to_type = cil_malloc(sizeof(*db->val_to_type) * db->num_types);
+			db->val_to_type = cil_calloc(db->num_types, sizeof(*db->val_to_type));
 		}
 		db->val_to_type[type->value] = type;
 		break;
 	}
 	case CIL_ROLE: {
 		struct cil_role *role = node->data;
 		if (db->val_to_role == NULL) {
-			db->val_to_role = cil_malloc(sizeof(*db->val_to_role) * db->num_roles);
+			db->val_to_role = cil_calloc(db->num_roles, sizeof(*db->val_to_role));
 		}
 		db->val_to_role[role->value] = role;
 		break;
 	}
 	case CIL_USER: {
 		struct cil_user *user= node->data;
 		if (db->val_to_user == NULL) {
-			db->val_to_user = cil_malloc(sizeof(*db->val_to_user) * db->num_users);
+			db->val_to_user = cil_calloc(db->num_users, sizeof(*db->val_to_user));
 		}
 		db->val_to_user[user->value] = user;
 		break;
@@ -702,7 +702,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -713,8 +713,9 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 
-		if (!sort->array)
-			sort->array = cil_malloc(sizeof(*sort->array) * count);
+		if (sort->array == NULL) {
+			sort->array = cil_calloc(count, sizeof(*sort->array));
+		}
 		sort->array[i] = node->data;
 		sort->index++;
 		break;
@@ -724,7 +725,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -735,7 +736,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -746,7 +747,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-		sort->array = cil_malloc(sizeof(*sort->array)*count);
+		sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -757,7 +758,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -768,8 +769,9 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 
-		if (!sort->array)
-			sort->array = cil_malloc(sizeof(*sort->array) * count);
+		if (sort->array == NULL) {
+			sort->array = cil_calloc(count, sizeof(*sort->array));
+		}
 		sort->array[i] = node->data;
 		sort->index++;
 		break;
@@ -779,7 +781,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -790,7 +792,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -801,7 +803,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -812,7 +814,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -823,7 +825,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;
@@ -834,7 +836,7 @@ static int __cil_post_db_array_helper(struct cil_tree_node *node, uint32_t *fini
 		uint32_t count = sort->count;
 		uint32_t i = sort->index;
 		if (sort->array == NULL) {
-			sort->array = cil_malloc(sizeof(*sort->array)*count);
+			sort->array = cil_calloc(count, sizeof(*sort->array));
 		}
 		sort->array[i] = node->data;
 		sort->index++;

libsepol/cil/src/cil_stack.c

@@ -40,7 +40,7 @@
 void cil_stack_init(struct cil_stack **stack)
 {
 	struct cil_stack *new_stack = cil_malloc(sizeof(*new_stack));
-	new_stack->stack = cil_malloc(sizeof(*(new_stack->stack)) * CIL_STACK_INIT_SIZE);
+	new_stack->stack = cil_calloc(CIL_STACK_INIT_SIZE, sizeof(*(new_stack->stack)));
 	new_stack->size = CIL_STACK_INIT_SIZE;
 	new_stack->pos = -1;
 	*stack = new_stack;

libsepol/src/conditional.c

@@ -523,8 +523,8 @@ int cond_init_bool_indexes(policydb_t * p)
 {
 	if (p->bool_val_to_struct)
 		free(p->bool_val_to_struct);
-	p->bool_val_to_struct = (cond_bool_datum_t **)
-	    malloc(p->p_bools.nprim * sizeof(cond_bool_datum_t *));
+	p->bool_val_to_struct =
+	    calloc(p->p_bools.nprim, sizeof(cond_bool_datum_t *));
 	if (!p->bool_val_to_struct)
 		return -1;
 	return 0;

libsepol/src/expand.c

@@ -3170,9 +3170,9 @@ int expand_module(sepol_handle_t * handle,
 		goto cleanup;
 
 	/* Build the type<->attribute maps and remove attributes. */
-	state.out->attr_type_map = malloc(state.out->p_types.nprim *
+	state.out->attr_type_map = calloc(state.out->p_types.nprim,
 					  sizeof(ebitmap_t));
-	state.out->type_attr_map = malloc(state.out->p_types.nprim *
+	state.out->type_attr_map = calloc(state.out->p_types.nprim,
 					  sizeof(ebitmap_t));
 	if (!state.out->attr_type_map || !state.out->type_attr_map) {
 		ERR(handle, "Out of memory!");

libsepol/src/hashtab.c

@@ -52,7 +52,7 @@ hashtab_t hashtab_create(unsigned int (*hash_value) (hashtab_t h,
 	p->nel = 0;
 	p->hash_value = hash_value;
 	p->keycmp = keycmp;
-	p->htable = (hashtab_ptr_t *) malloc(sizeof(hashtab_ptr_t) * size);
+	p->htable = (hashtab_ptr_t *) calloc(size, sizeof(hashtab_ptr_t));
 	if (p->htable == NULL) {
 		free(p);
 		return NULL;

libsepol/src/link.c

@@ -1679,7 +1679,7 @@ static int copy_scope_index(scope_index_t * src, scope_index_t * dest,
 	}
 
 	/* next copy the enabled permissions data  */
-	if ((dest->class_perms_map = malloc(largest_mapped_class_value *
+	if ((dest->class_perms_map = calloc(largest_mapped_class_value,
 					    sizeof(*dest->class_perms_map))) ==
 	    NULL) {
 		goto cleanup;

libsepol/src/module.c

@@ -406,14 +406,14 @@ static int module_package_read_offsets(sepol_module_package_t * mod,
 		goto err;
 	}
 
-	off = (size_t *) malloc((nsec + 1) * sizeof(size_t));
+	off = calloc((nsec + 1), sizeof(size_t));
 	if (!off) {
 		ERR(file->handle, "out of memory");
 		goto err;
 	}
 
 	free(buf);
-	buf = malloc(sizeof(uint32_t) * nsec);
+	buf = calloc(nsec, sizeof(uint32_t));
 	if (!buf) {
 		ERR(file->handle, "out of memory");
 		goto err;

libsepol/src/module_to_cil.c

@@ -430,7 +430,7 @@ static int stack_init(struct stack **stack)
 		goto exit;
 	}
 
-	s->stack = malloc(sizeof(*s->stack) * STACK_SIZE);
+	s->stack = calloc(STACK_SIZE, sizeof(*s->stack));
 	if (s->stack == NULL) {
 		goto exit;
 	}
@@ -1008,7 +1008,7 @@ static int ebitmap_to_names(struct ebitmap *map, char **vals_to_names, char ***n
 		goto exit;
 	}
 
-	name_arr = malloc(sizeof(*name_arr) * num);
+	name_arr = calloc(num, sizeof(*name_arr));
 	if (name_arr == NULL) {
 		log_err("Out of memory");
 		rc = -1;

libsepol/src/optimize.c

@@ -42,7 +42,7 @@ static int type_vec_init(struct type_vec *v)
 {
 	v->capacity = TYPE_VEC_INIT_SIZE;
 	v->count = 0;
-	v->types = malloc(v->capacity * sizeof(*v->types));
+	v->types = calloc(v->capacity, sizeof(*v->types));
 	if (!v->types)
 		return -1;
 	return 0;
@@ -93,7 +93,7 @@ static struct type_vec *build_type_map(const policydb_t *p)
 {
 	unsigned int i, k;
 	ebitmap_node_t *n;
-	struct type_vec *map = malloc(p->p_types.nprim * sizeof(*map));
+	struct type_vec *map = calloc(p->p_types.nprim, sizeof(*map));
 	if (!map)
 		return NULL;
 

libsepol/src/policydb.c

@@ -4111,7 +4111,7 @@ static int scope_read(policydb_t * p, int symnum, struct policy_file *fp)
 		goto cleanup;
 	}
 	if ((scope->decl_ids =
-	     malloc(scope->decl_ids_len * sizeof(uint32_t))) == NULL) {
+	     calloc(scope->decl_ids_len, sizeof(uint32_t))) == NULL) {
 		goto cleanup;
 	}
 	rc = next_entry(scope->decl_ids, fp, sizeof(uint32_t) * scope->decl_ids_len);
@@ -4500,8 +4500,8 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose)
 	}
 
 	if (policy_type == POLICY_KERN) {
-		p->type_attr_map = malloc(p->p_types.nprim * sizeof(ebitmap_t));
-		p->attr_type_map = malloc(p->p_types.nprim * sizeof(ebitmap_t));
+		p->type_attr_map = calloc(p->p_types.nprim, sizeof(ebitmap_t));
+		p->attr_type_map = calloc(p->p_types.nprim, sizeof(ebitmap_t));
 		if (!p->type_attr_map || !p->attr_type_map)
 			goto bad;
 		for (i = 0; i < p->p_types.nprim; i++) {

libsepol/src/services.c

@@ -712,7 +712,7 @@ static int constraint_expr_eval_reason(context_struct_t *scontext,
 	 * Generate the same number of answer buffer entries as expression
 	 * buffers (as there will never be more).
 	 */
-	answer_list = malloc(expr_count * sizeof(*answer_list));
+	answer_list = calloc(expr_count, sizeof(*answer_list));
 	if (!answer_list) {
 		ERR(NULL, "failed to allocate answer stack");
 		rc = -ENOMEM;
@@ -2166,7 +2166,7 @@ int sepol_get_user_sids(sepol_security_id_t fromsid,
 	}
 	usercon.user = user->s.value;
 
-	mysids = malloc(maxnel * sizeof(sepol_security_id_t));
+	mysids = calloc(maxnel, sizeof(sepol_security_id_t));
 	if (!mysids) {
 		rc = -ENOMEM;
 		goto out;
@@ -2202,7 +2202,7 @@ int sepol_get_user_sids(sepol_security_id_t fromsid,
 			} else {
 				maxnel += SIDS_NEL;
 				mysids2 =
-				    malloc(maxnel *
+				    calloc(maxnel,
 					   sizeof(sepol_security_id_t));
 
 				if (!mysids2) {

libsepol/src/sidtab.c

@@ -27,7 +27,7 @@ int sepol_sidtab_init(sidtab_t * s)
 {
 	int i;
 
-	s->htable = malloc(sizeof(sidtab_ptr_t) * SIDTAB_SIZE);
+	s->htable = calloc(SIDTAB_SIZE, sizeof(sidtab_ptr_t));
 	if (!s->htable)
 		return -ENOMEM;
 	for (i = 0; i < SIDTAB_SIZE; i++)

libsepol/src/user_record.c

@@ -264,8 +264,7 @@ int sepol_user_get_roles(sepol_handle_t * handle,
 {
 
 	unsigned int i;
-	const char **tmp_roles =
-	    (const char **)malloc(sizeof(char *) * user->num_roles);
+	const char **tmp_roles = calloc(user->num_roles, sizeof(char *));
 	if (!tmp_roles)
 		goto omem;