Beyond Reformatting: More Code Cleanup(openssl.org)8 points·by dankohn1·11 ปีที่แล้ว·2 commentsopenssl.orgBeyond Reformatting: More Code Cleanuphttps://www.openssl.org/blog/blog/2015/07/28/code-cleanup/2 commentsPost comment[–]bpineau·11 ปีที่แล้วreply"We now do this consistently: a = malloc(n * sizeof(a));"Isn't calloc(3) the safer paradigm (protecting against integer overflows, in case n sizeof > SIZE_MAX) recommanded for this case ? (besides the memory zeroing).[–]stevoski·11 ปีที่แล้วreplyExcellent stuff. Good to know that last year's security problem has lead to some improvements in process.I hope the Open SSL team now do regular code reviews of every change, of every line of code as part of their development process.
Isn't calloc(3) the safer paradigm (protecting against integer overflows, in case n sizeof > SIZE_MAX) recommanded for this case ? (besides the memory zeroing).