Bug 204769 - usr/src/crypto/openssh/digest-libc.c:150: possible bad size ?
Summary: usr/src/crypto/openssh/digest-libc.c:150: possible bad size ?
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: misc (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Some People
Assignee: Dag-Erling Smørgrav
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2015-11-23 16:44 UTC by David Binderman
Modified: 2016-10-03 08:16 UTC (History)
1 user (show)

See Also:
des: mfc-stable10+
des: mfc-stable9+
des: mfc-stable8-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Binderman 2015-11-23 16:44:18 UTC 
[usr/src/crypto/openssh/digest-libc.c:150]: (warning) Size of pointer 'ret' used instead of size of its data.

Source code is

   if (digest == NULL || (ret = calloc(1, sizeof(ret))) == NULL)

Maybe better code

   if (digest == NULL || (ret = calloc(1, sizeof(*ret))) == NULL)
Comment 1 commit-hook freebsd_committer freebsd_triage 2015-12-17 19:36:30 UTC 
A commit references this bug:

Author: des
Date: Thu Dec 17 19:36:25 UTC 2015
New revision: 292408
URL: https://svnweb.freebsd.org/changeset/base/292408

Log:
  Incorrect length in calloc() call, already fixed upstream.

  PR:		204769
  Submitted by:	David Binderman <dcb314@hotmail.com>
  MFC after:	1 week

Changes:
  head/crypto/openssh/digest-libc.c
Comment 2 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2016-10-03 08:16:11 UTC 
This was merged to 10 in r294193 on 2016-01-16 and (very belatedly) to 9 in r306623 today.