Use *array() allocation functions where appropriate

This prevents overflow from multiplication.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/commonio.c

@@ -635,7 +635,7 @@ commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *))
 		return 0;
 	}
 
-	entries = malloc (n * sizeof (struct commonio_entry *));
+	entries = mallocarray (n, sizeof (struct commonio_entry *));
 	if (entries == NULL) {
 		return -1;
 	}

lib/groupmem.c

@@ -46,7 +46,7 @@
 	for (i = 0; grent->gr_mem[i]; i++);
 
 	/*@-mustfreeonly@*/
-	gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	gr->gr_mem = (char **) mallocarray (i + 1, sizeof (char *));
 	/*@=mustfreeonly@*/
 	if (NULL == gr->gr_mem) {
 		gr_free(gr);

lib/gshadow.c

@@ -117,7 +117,7 @@ void endsgent (void)
 	size_t len = strlen (string) + 1;
 
 	if (len > sgrbuflen) {
-		char *buf = (char *) realloc (sgrbuf, sizeof (char) * len);
+		char *buf = (char *) reallocarray (sgrbuf, len, sizeof (char));
 		if (NULL == buf) {
 			return NULL;
 		}

lib/sgetgrent.c

@@ -44,7 +44,7 @@ static char **list (char *s)
 		   member name, or terminating NULL).  */
 		if (i >= size) {
 			size = i + 100;	/* at least: i + 1 */
-			members = reallocf (members, size * sizeof (char *));
+			members = reallocarrayf (members, size, sizeof(char *));
 			if (!members)
 				return NULL;
 		}

lib/sgroupio.c

@@ -49,7 +49,7 @@
 
 	for (i = 0; NULL != sgent->sg_adm[i]; i++);
 	/*@-mustfreeonly@*/
-	sg->sg_adm = (char **) malloc ((i + 1) * sizeof (char *));
+	sg->sg_adm = (char **) mallocarray (i + 1, sizeof (char *));
 	/*@=mustfreeonly@*/
 	if (NULL == sg->sg_adm) {
 		free (sg->sg_passwd);
@@ -74,7 +74,7 @@
 
 	for (i = 0; NULL != sgent->sg_mem[i]; i++);
 	/*@-mustfreeonly@*/
-	sg->sg_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	sg->sg_mem = (char **) mallocarray (i + 1, sizeof (char *));
 	/*@=mustfreeonly@*/
 	if (NULL == sg->sg_mem) {
 		for (i = 0; NULL != sg->sg_adm[i]; i++) {

lib/subordinateio.c

@@ -319,7 +319,7 @@ static bool append_range(struct subid_range **ranges, const struct subordinate_r
 			return false;
 	} else {
 		struct subid_range *alloced;
-		alloced = realloc(*ranges, (n + 1) * (sizeof(struct subid_range)));
+		alloced = reallocarray(*ranges, n + 1, sizeof(struct subid_range));
 		if (!alloced)
 			return false;
 		*ranges = alloced;
@@ -911,7 +911,7 @@ static int append_uids(uid_t **uids, const char *owner, int n)
 			return n;
 	}
 
-	ret = realloc(*uids, (n + 1) * sizeof(uid_t));
+	ret = reallocarray(*uids, n + 1, sizeof(uid_t));
 	if (!ret) {
 		free(*uids);
 		return -1;

libmisc/addgrps.c

@@ -46,7 +46,7 @@ int add_groups (const char *list)
 
 	i = 16;
 	for (;;) {
-		grouplist = (gid_t *) malloc (i * sizeof (GETGROUPS_T));
+		grouplist = (gid_t *) mallocarray (i, sizeof (GETGROUPS_T));
 		if (NULL == grouplist) {
 			return -1;
 		}
@@ -88,7 +88,7 @@ int add_groups (const char *list)
 			fputs (_("Warning: too many groups\n"), shadow_logfd);
 			break;
 		}
-		tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
+		tmp = (gid_t *) reallocarray (grouplist, (size_t)ngroups + 1, sizeof (GETGROUPS_T));
 		if (NULL == tmp) {
 			free (grouplist);
 			return -1;

libmisc/env.c

@@ -60,7 +60,7 @@ static const char *const noslash[] = {
  */
 void initenv (void)
 {
-	newenvp = (char **) xmalloc (NEWENVP_STEP * sizeof (char *));
+	newenvp = (char **) xmallocarray (NEWENVP_STEP, sizeof (char *));
 	*newenvp = NULL;
 }
 

libmisc/find_new_uid.c

@@ -231,7 +231,7 @@ int find_new_uid(bool sys_user,
 	 */
 
 	/* Create an array to hold all of the discovered UIDs */
-	used_uids = malloc (sizeof (bool) * (uid_max +1));
+	used_uids = mallocarray (uid_max + 1, sizeof (bool));
 	if (NULL == used_uids) {
 		fprintf (log_get_logfd(),
 			 _("%s: failed to allocate memory: %s\n"),

libmisc/list.c

@@ -44,7 +44,7 @@
 	 * old entries, and the new entries as well.
 	 */
 
-	tmp = (char **) xmalloc ((i + 2) * sizeof member);
+	tmp = (char **) xmallocarray (i + 2, sizeof member);
 
 	/*
 	 * Copy the original list to the new list, then append the
@@ -98,7 +98,7 @@
 	 * old entries.
 	 */
 
-	tmp = (char **) xmalloc ((j + 1) * sizeof member);
+	tmp = (char **) xmallocarray (j + 1, sizeof member);
 
 	/*
 	 * Copy the original list except the deleted members to the
@@ -133,7 +133,7 @@
 
 	for (i = 0; NULL != list[i]; i++);
 
-	tmp = (char **) xmalloc ((i + 1) * sizeof (char *));
+	tmp = (char **) xmallocarray (i + 1, sizeof (char *));
 
 	i = 0;
 	while (NULL != *list) {
@@ -210,7 +210,7 @@ bool is_on_list (char *const *list, const char *member)
 	 * Allocate the array we're going to store the pointers into.
 	 */
 
-	array = (char **) xmalloc (sizeof (char *) * i);
+	array = (char **) xmallocarray (i, sizeof (char *));
 
 	/*
 	 * Empty list is special - 0 members, not 1 empty member.  --marekm

src/gpasswd.c

@@ -834,7 +834,7 @@ static void get_group (struct group *gr)
 
 			sg->sg_mem = dup_list (gr->gr_mem);
 
-			sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
+			sg->sg_adm = (char **) xmallocarray (2, sizeof (char *));
 #ifdef FIRST_MEMBER_IS_ADMIN
 			if (sg->sg_mem[0]) {
 				sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);

src/groups.c

@@ -88,7 +88,7 @@ int main (int argc, char **argv)
 	GETGROUPS_T *groups;
 
 	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
-	groups = (GETGROUPS_T *) malloc (sizeof (GETGROUPS_T) * sys_ngroups);
+	groups = (GETGROUPS_T *) mallocarray (sys_ngroups, sizeof (GETGROUPS_T));
 
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);

src/id.c

@@ -63,7 +63,7 @@ static void usage (void)
 	 * work if the system library is recompiled.
 	 */
 	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
-	groups = (GETGROUPS_T *) malloc (sizeof (GETGROUPS_T) * sys_ngroups);
+	groups = (GETGROUPS_T *) mallocarray (sys_ngroups, sizeof (GETGROUPS_T));
 
 	/*
 	 * See if the -a flag has been given to print out the concurrent

src/newgrp.c

@@ -531,7 +531,7 @@ int main (int argc, char **argv)
 	/* don't use getgroups(0, 0) - it doesn't work on some systems */
 	i = 16;
 	for (;;) {
-		grouplist = (GETGROUPS_T *) xmalloc (i * sizeof (GETGROUPS_T));
+		grouplist = (GETGROUPS_T *) xmallocarray (i, sizeof (GETGROUPS_T));
 		ngroups = getgroups (i, grouplist);
 		if (i > ngroups && !(ngroups == -1 && errno == EINVAL)) {
 			break;

src/newusers.c

@@ -1200,9 +1200,9 @@ int main (int argc, char **argv)
 #ifdef USE_PAM
 		/* keep the list of user/password for later update by PAM */
 		nusers++;
-		lines     = reallocf (lines,     sizeof (lines[0])     * nusers);
-		usernames = reallocf (usernames, sizeof (usernames[0]) * nusers);
-		passwords = reallocf (passwords, sizeof (passwords[0]) * nusers);
+		lines     = reallocf (lines,     nusers, sizeof (lines[0]));
+		usernames = reallocf (usernames, nusers, sizeof (usernames[0]));
+		passwords = reallocf (passwords, nusers, sizeof (passwords[0]));
 		if (lines == NULL || usernames == NULL || passwords == NULL) {
 			fprintf (stderr,
 			         _("%s: line %d: %s\n"),

src/su.c

@@ -238,7 +238,7 @@ static void execve_shell (const char *shellname,
 		while (NULL != args[n_args]) {
 			n_args++;
 		}
-		targs = (char **) xmalloc ((n_args + 3) * sizeof (args[0]));
+		targs = (char **) xmallocarray (n_args + 3, sizeof (args[0]));
 		targs[0] = "sh";
 		targs[1] = "-";
 		targs[2] = xstrdup (shellname);

src/useradd.c

@@ -2539,7 +2539,7 @@ int main (int argc, char **argv)
 #endif
 
 	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
-	user_groups = (char **) xmalloc ((1 + sys_ngroups) * sizeof (char *));
+	user_groups = (char **) xmallocarray (1 + sys_ngroups, sizeof (char *));
 	/*
 	 * Initialize the list to be empty
 	 */

src/usermod.c

@@ -2150,7 +2150,7 @@ int main (int argc, char **argv)
 #endif
 
 	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
-	user_groups = (char **) malloc (sizeof (char *) * (1 + sys_ngroups));
+	user_groups = (char **) mallocarray (sys_ngroups + 1, sizeof (char *));
 	user_groups[0] = NULL;
 
 	is_shadow_pwd = spw_file_present ();