Merge pull request #440 from Azure/ttins/bug-5913912

Malloc to Calloc calls for 0 initialize padding bytes
Azure · Mar 18, 2020 · bbfb2b9 · bbfb2b9
2 parents 37ce4d9 + 3847953
commit bbfb2b9
Show file tree

Hide file tree

Showing 26 changed files with 472 additions and 206 deletions.
diff --git a/adapters/condition_win32.c b/adapters/condition_win32.c
@@ -20,12 +20,12 @@ CONDITION;
 COND_HANDLE Condition_Init(void)
 {
     // Codes_SRS_CONDITION_18_002: [ Condition_Init shall create and return a CONDITION_HANDLE ]
-
     CONDITION* cond = (CONDITION*)malloc(sizeof(CONDITION));
 
     // Codes_SRS_CONDITION_18_008: [ Condition_Init shall return NULL if it fails to allocate the CONDITION_HANDLE ]
     if (cond != NULL)
     {
+        (void)memset(cond, 0, sizeof(CONDITION));
         cond->event_handle = CreateEvent(NULL, FALSE, FALSE, NULL);
 
         if (cond->event_handle == NULL)

diff --git a/adapters/socketio_win32.c b/adapters/socketio_win32.c
@@ -111,7 +111,7 @@ static void indicate_error(SOCKET_IO_INSTANCE* socket_io_instance)
 static int add_pending_io(SOCKET_IO_INSTANCE* socket_io_instance, const unsigned char* buffer, size_t size, ON_SEND_COMPLETE on_send_complete, void* callback_context)
 {
     int result;
-    PENDING_SOCKET_IO* pending_socket_io = (PENDING_SOCKET_IO*)malloc(sizeof(PENDING_SOCKET_IO));
+    PENDING_SOCKET_IO* pending_socket_io = (PENDING_SOCKET_IO*)calloc(1, sizeof(PENDING_SOCKET_IO));
     if (pending_socket_io == NULL)
     {
         result = MU_FAILURE;

diff --git a/adapters/srw_lock.c b/adapters/srw_lock.c
@@ -104,7 +104,7 @@ SRW_LOCK_HANDLE srw_lock_create(bool do_statistics, const char* lock_name)
 {
     SRW_LOCK_HANDLE result;
     /*Codes_SRS_SRW_LOCK_02_001: [ srw_lock_create shall allocate memory for SRW_LOCK_HANDLE. ]*/
-    result = malloc(sizeof(SRW_LOCK_HANDLE_DATA));
+    result = calloc(1, sizeof(SRW_LOCK_HANDLE_DATA));
     if (result == NULL)
     {
         /*return as is*/

diff --git a/adapters/tlsio_schannel.c b/adapters/tlsio_schannel.c
@@ -1296,7 +1296,7 @@ int tlsio_schannel_send(CONCRETE_IO_HANDLE tls_io, const void* buffer, size_t si
     if (tls_io_instance->tlsio_state == TLSIO_STATE_RENEGOTIATE)
     {
         /* add to pending list */
-        PENDING_SEND* new_pending_send = (PENDING_SEND*)malloc(sizeof(PENDING_SEND));
+        PENDING_SEND* new_pending_send = (PENDING_SEND*)calloc(1, sizeof(PENDING_SEND));
         if (new_pending_send == NULL)
         {
             LogError("Cannot allocate memory for pending IO");

diff --git a/src/buffer.c b/src/buffer.c
@@ -18,7 +18,7 @@ typedef struct BUFFER_TAG
 /* Codes_SRS_BUFFER_07_001: [BUFFER_new shall allocate a BUFFER_HANDLE that will contain a NULL unsigned char*.] */
 BUFFER_HANDLE BUFFER_new(void)
 {
-    BUFFER* temp = (BUFFER*)malloc(sizeof(BUFFER));
+    BUFFER* temp = (BUFFER*)calloc(1, sizeof(BUFFER));
     /* Codes_SRS_BUFFER_07_002: [BUFFER_new shall return NULL on any error that occurs.] */
     if (temp != NULL)
     {
@@ -64,7 +64,7 @@ BUFFER_HANDLE BUFFER_create(const unsigned char* source, size_t size)
     else
     {
         /*Codes_SRS_BUFFER_02_002: [Otherwise, BUFFER_create shall allocate memory to hold size bytes and shall copy from source size bytes into the newly allocated memory.] */
-        result = (BUFFER*)malloc(sizeof(BUFFER));
+        result = (BUFFER*)calloc(1, sizeof(BUFFER));
         if (result == NULL)
         {
             /*Codes_SRS_BUFFER_02_003: [If allocating memory fails, then BUFFER_create shall return NULL.] */
@@ -94,7 +94,7 @@ BUFFER_HANDLE BUFFER_create(const unsigned char* source, size_t size)
 BUFFER_HANDLE BUFFER_create_with_size(size_t buff_size)
 {
     BUFFER* result;
-    result = (BUFFER*)malloc(sizeof(BUFFER));
+    result = (BUFFER*)calloc(1, sizeof(BUFFER));
     if (result != NULL)
     {
         if (buff_size == 0)
@@ -642,7 +642,7 @@ BUFFER_HANDLE BUFFER_clone(BUFFER_HANDLE handle)
     else
     {
         BUFFER* suppliedBuff = (BUFFER*)handle;
-        BUFFER* b = (BUFFER*)malloc(sizeof(BUFFER));
+        BUFFER* b = (BUFFER*)calloc(1, sizeof(BUFFER));
         if (b != NULL)
         {
             if (BUFFER_safemalloc(b, suppliedBuff->size) != 0)

diff --git a/src/constbuffer.c b/src/constbuffer.c
@@ -33,7 +33,7 @@ static CONSTBUFFER_HANDLE CONSTBUFFER_Create_Internal(const unsigned char* sourc
     CONSTBUFFER_HANDLE result;
     /*Codes_SRS_CONSTBUFFER_02_005: [The non-NULL handle returned by CONSTBUFFER_Create shall have its ref count set to "1".]*/
     /*Codes_SRS_CONSTBUFFER_02_010: [The non-NULL handle returned by CONSTBUFFER_CreateFromBuffer shall have its ref count set to "1".]*/
-    result = (CONSTBUFFER_HANDLE)malloc(sizeof(CONSTBUFFER_HANDLE_DATA) + size);
+    result = (CONSTBUFFER_HANDLE)calloc(1, (sizeof(CONSTBUFFER_HANDLE_DATA) + size));
     if (result == NULL)
     {
         /*Codes_SRS_CONSTBUFFER_02_003: [If creating the copy fails then CONSTBUFFER_Create shall return NULL.]*/
@@ -116,7 +116,7 @@ IMPLEMENT_MOCKABLE_FUNCTION(, CONSTBUFFER_HANDLE, CONSTBUFFER_CreateWithMoveMemo
     }
     else
     {
-        result = (CONSTBUFFER_HANDLE)malloc(sizeof(CONSTBUFFER_HANDLE_DATA));
+        result = (CONSTBUFFER_HANDLE)calloc(1, sizeof(CONSTBUFFER_HANDLE_DATA));
         if (result == NULL)
         {
             /* Codes_SRS_CONSTBUFFER_01_005: [ If any error occurs, CONSTBUFFER_CreateWithMoveMemory shall fail and return NULL. ]*/
@@ -157,7 +157,7 @@ IMPLEMENT_MOCKABLE_FUNCTION(, CONSTBUFFER_HANDLE, CONSTBUFFER_CreateWithCustomFr
     }
     else
     {
-        result = (CONSTBUFFER_HANDLE)malloc(sizeof(CONSTBUFFER_HANDLE_DATA));
+        result = (CONSTBUFFER_HANDLE)calloc(1, sizeof(CONSTBUFFER_HANDLE_DATA));
         if (result == NULL)
         {
             /* Codes_SRS_CONSTBUFFER_01_011: [ If any error occurs, CONSTBUFFER_CreateWithMoveMemory shall fail and return NULL. ]*/
@@ -205,7 +205,7 @@ IMPLEMENT_MOCKABLE_FUNCTION(, CONSTBUFFER_HANDLE, CONSTBUFFER_CreateFromOffsetAn
     else
     {
         /*Codes_SRS_CONSTBUFFER_02_028: [ CONSTBUFFER_CreateFromOffsetAndSize shall allocate memory for a new CONSTBUFFER_HANDLE's content. ]*/
-        result = (CONSTBUFFER_HANDLE)malloc(sizeof(CONSTBUFFER_HANDLE_DATA));
+        result = (CONSTBUFFER_HANDLE)calloc(1, sizeof(CONSTBUFFER_HANDLE_DATA));
         if (result == NULL)
         {
             /*Codes_SRS_CONSTBUFFER_02_032: [ If there are any failures then CONSTBUFFER_CreateFromOffsetAndSize shall fail and return NULL. ]*/

diff --git a/src/gballoc.c b/src/gballoc.c
@@ -94,7 +94,7 @@ void* gballoc_malloc(size_t size)
     }
     else
     {
-        ALLOCATION* allocation = (ALLOCATION*)malloc(sizeof(ALLOCATION));
+        ALLOCATION* allocation = (ALLOCATION*)calloc(1, sizeof(ALLOCATION));
         if (allocation == NULL)
         {
             result = NULL;
@@ -150,7 +150,7 @@ void* gballoc_calloc(size_t nmemb, size_t size)
     }
     else
     {
-        ALLOCATION* allocation = (ALLOCATION*)malloc(sizeof(ALLOCATION));
+        ALLOCATION* allocation = (ALLOCATION*)calloc(1, sizeof(ALLOCATION));
         if (allocation == NULL)
         {
             result = NULL;
@@ -211,7 +211,7 @@ void* gballoc_realloc(void* ptr, size_t size)
         if (ptr == NULL)
         {
             /* Codes_SRS_GBALLOC_01_017: [When ptr is NULL, gballoc_realloc shall call the underlying realloc with ptr being NULL and the realloc result shall be tracked by gballoc.] */
-            allocation = (ALLOCATION*)malloc(sizeof(ALLOCATION));
+            allocation = (ALLOCATION*)calloc(1, sizeof(ALLOCATION));
         }
         else
         {

diff --git a/src/http_proxy_io.c b/src/http_proxy_io.c
@@ -78,7 +78,7 @@ static CONCRETE_IO_HANDLE http_proxy_io_create(void* io_create_parameters)
         else
         {
             /* Codes_SRS_HTTP_PROXY_IO_01_001: [ http_proxy_io_create shall create a new instance of the HTTP proxy IO. ]*/
-            result = (HTTP_PROXY_IO_INSTANCE*)malloc(sizeof(HTTP_PROXY_IO_INSTANCE));
+            result = (HTTP_PROXY_IO_INSTANCE*)calloc(1, sizeof(HTTP_PROXY_IO_INSTANCE));
             if (result == NULL)
             {
                 /* Codes_SRS_HTTP_PROXY_IO_01_051: [ If allocating memory for the new instance fails, http_proxy_io_create shall fail and return NULL. ]*/

diff --git a/src/httpapiex.c b/src/httpapiex.c
@@ -82,7 +82,7 @@ HTTPAPIEX_HANDLE HTTPAPIEX_Create(const char* hostName)
     else
     {
         /*Codes_SRS_HTTPAPIEX_02_005: [If creating the handle fails for any reason, then HTTAPIEX_Create shall return NULL.] */
-        HTTPAPIEX_HANDLE_DATA* handleData = (HTTPAPIEX_HANDLE_DATA*)malloc(sizeof(HTTPAPIEX_HANDLE_DATA));
+        HTTPAPIEX_HANDLE_DATA* handleData = (HTTPAPIEX_HANDLE_DATA*)calloc(1, sizeof(HTTPAPIEX_HANDLE_DATA));
         if (handleData == NULL)
         {
             LogError("malloc failed.");

diff --git a/src/map.c b/src/map.c
@@ -24,7 +24,7 @@ typedef struct MAP_HANDLE_DATA_TAG
 MAP_HANDLE Map_Create(MAP_FILTER_CALLBACK mapFilterFunc)
 {
     /*Codes_SRS_MAP_02_001: [Map_Create shall create a new, empty map.]*/
-    MAP_HANDLE_DATA* result = (MAP_HANDLE_DATA*)malloc(sizeof(MAP_HANDLE_DATA));
+    MAP_HANDLE_DATA* result = (MAP_HANDLE_DATA*)calloc(1, sizeof(MAP_HANDLE_DATA));
     /*Codes_SRS_MAP_02_002: [If during creation there are any error, then Map_Create shall return NULL.]*/
     if (result != NULL)
     {
@@ -109,7 +109,7 @@ MAP_HANDLE Map_Clone(MAP_HANDLE handle)
     else
     {
         MAP_HANDLE_DATA * handleData = (MAP_HANDLE_DATA *)handle;
-        result = (MAP_HANDLE_DATA*)malloc(sizeof(MAP_HANDLE_DATA));
+        result = (MAP_HANDLE_DATA*)calloc(1, sizeof(MAP_HANDLE_DATA));
         if (result == NULL)
         {
             /*Codes_SRS_MAP_02_047: [If during cloning, any operation fails, then Map_Clone shall return NULL.] */

diff --git a/src/string_tokenizer.c b/src/string_tokenizer.c
@@ -47,7 +47,7 @@ extern STRING_TOKENIZER_HANDLE STRING_TOKENIZER_create_from_char(const char* inp
         result = NULL;
     }
     /* Codes_SRS_STRING_07_002: [STRING_TOKENIZER_create shall allocate a new STRING_TOKENIZER_HANDLE having the content of the STRING_HANDLE copied and current position pointing at the beginning of the string] */
-    else if ((result = (STRING_TOKEN*)malloc(sizeof(STRING_TOKEN))) == NULL)
+    else if ((result = (STRING_TOKEN*)calloc(1, sizeof(STRING_TOKEN))) == NULL)
     {
         LogError("Memory Allocation failed. Cannot allocate STRING_TOKENIZER.");
     }

diff --git a/src/wsio.c b/src/wsio.c
@@ -216,7 +216,7 @@ CONCRETE_IO_HANDLE wsio_create(void* io_create_parameters)
     else
     {
         /* Codes_SRS_WSIO_01_001: [wsio_create shall create an instance of wsio and return a non-NULL handle to it.] */
-        result = (WSIO_INSTANCE*)malloc(sizeof(WSIO_INSTANCE));
+        result = (WSIO_INSTANCE*)calloc(1, sizeof(WSIO_INSTANCE));
         if (result == NULL)
         {
             /* Codes_SRS_WSIO_01_068: [ If allocating memory for the new wsio instance fails then wsio_create shall return NULL. ]*/

diff --git a/tests/azure_base64_ut/azure_base64_ut.c b/tests/azure_base64_ut/azure_base64_ut.c
@@ -20,6 +20,11 @@ static void* my_gballoc_malloc(size_t size)
     return malloc(size);
 }
 
+static void* my_gballoc_calloc(size_t nmemb, size_t size)
+{
+    return calloc(nmemb, size);
+}
+
 static void* my_gballoc_realloc(void* ptr, size_t size)
 {
     return realloc(ptr, size);
@@ -1489,6 +1494,7 @@ TEST_SUITE_INITIALIZE(TestSuiteInitialize)
     umock_c_init(on_umock_c_error);
 
     REGISTER_GLOBAL_MOCK_HOOK(gballoc_malloc, my_gballoc_malloc);
+    REGISTER_GLOBAL_MOCK_HOOK(gballoc_calloc, my_gballoc_calloc);
     REGISTER_GLOBAL_MOCK_HOOK(gballoc_realloc, my_gballoc_realloc);
     REGISTER_GLOBAL_MOCK_HOOK(gballoc_free, my_gballoc_free);
 }

diff --git a/tests/buffer_ut/buffer_ut.c b/tests/buffer_ut/buffer_ut.c
@@ -17,6 +17,9 @@
 static size_t currentmalloc_call = 0;
 static size_t whenShallmalloc_fail = 0;
 
+static size_t currentcalloc_call = 0;
+static size_t whenShallcalloc_fail = 0;
+
 static size_t currentrealloc_call = 0;
 static size_t whenShallrealloc_fail = 0;
 
@@ -42,6 +45,28 @@ void* my_gballoc_malloc(size_t size)
     return result;
 }
 
+void* my_gballoc_calloc(size_t nmemb, size_t size)
+{
+    void* result;
+    currentcalloc_call++;
+    if (whenShallcalloc_fail > 0)
+    {
+        if (currentcalloc_call == whenShallcalloc_fail)
+        {
+            result = NULL;
+        }
+        else
+        {
+            result = calloc(nmemb, size);
+        }
+    }
+    else
+    {
+        result = calloc(nmemb, size);
+    }
+    return result;
+}
+
 void* my_gballoc_realloc(void* ptr, size_t size)
 {
     void* result;
@@ -104,6 +129,7 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         umock_c_init(on_umock_c_error);
 
         REGISTER_GLOBAL_MOCK_HOOK(gballoc_malloc, my_gballoc_malloc);
+        REGISTER_GLOBAL_MOCK_HOOK(gballoc_calloc, my_gballoc_calloc);
         REGISTER_GLOBAL_MOCK_HOOK(gballoc_realloc, my_gballoc_realloc);
         REGISTER_GLOBAL_MOCK_HOOK(gballoc_free, my_gballoc_free);
     }
@@ -127,6 +153,9 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         currentmalloc_call = 0;
         whenShallmalloc_fail = 0;
 
+        currentcalloc_call = 0;
+        whenShallcalloc_fail = 0;
+
         currentrealloc_call = 0;
         whenShallrealloc_fail = 0;
     }
@@ -141,8 +170,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
     {
         ///arrange
         BUFFER_HANDLE g_hBuffer;
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG))
-            .IgnoreArgument(1);
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
 
         ///act
         g_hBuffer = BUFFER_new();
@@ -314,8 +343,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         int nResult;
         BUFFER_HANDLE g_hBuffer;
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG))
-            .IgnoreArgument(1);
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
 
         STRICT_EXPECTED_CALL(gballoc_realloc(IGNORED_PTR_ARG, ALLOCATION_SIZE))
             .IgnoreArgument(1);
@@ -1409,7 +1438,7 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         (void)BUFFER_build(g_hBuffer, BUFFER_TEST_VALUE, ALLOCATION_SIZE);
         umock_c_reset_all_calls();
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG));
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG)).IgnoreAllArguments();
         STRICT_EXPECTED_CALL(gballoc_malloc(ALLOCATION_SIZE));
 
         ///act
@@ -1461,8 +1490,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         size_t howBig;
         char c = '3';
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG))
-            .IgnoreArgument(1);
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
 
         STRICT_EXPECTED_CALL(gballoc_malloc(1));
 
@@ -1492,7 +1521,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         const unsigned char* data;
         char c = '3';
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG));
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
 
         STRICT_EXPECTED_CALL(gballoc_malloc(1));
 
@@ -1518,12 +1548,11 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         char c = '3';
         BUFFER_HANDLE res;
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG));
+        whenShallmalloc_fail = 1;
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG));
         STRICT_EXPECTED_CALL(gballoc_malloc(1));
         STRICT_EXPECTED_CALL(gballoc_free(IGNORED_PTR_ARG));
 
-        whenShallmalloc_fail = 2;
-
         ///act
         res = BUFFER_create((const unsigned char*)&c, 1);
 
@@ -1542,9 +1571,9 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         char c = '3';
         BUFFER_HANDLE res;
 
-        whenShallmalloc_fail = 1;
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG))
-            .IgnoreArgument(1);
+        whenShallcalloc_fail = 1;
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
 
         ///act
         res = BUFFER_create((const unsigned char*)&c, 1);
@@ -1566,7 +1595,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         BUFFER_HANDLE res;
         size_t alloc_size = 32;
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG));
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
         STRICT_EXPECTED_CALL(gballoc_malloc(alloc_size));
 
         //act
@@ -1588,7 +1618,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         BUFFER_HANDLE res;
         size_t alloc_size = 0;
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG));
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
 
         //act
         res = BUFFER_create_with_size(alloc_size);
@@ -1609,7 +1640,9 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         BUFFER_HANDLE res;
         size_t alloc_size = 32;
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG)).SetReturn(NULL);
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments()
+            .SetReturn(NULL);
 
         //act
         res = BUFFER_create_with_size(alloc_size);
@@ -1628,7 +1661,8 @@ BEGIN_TEST_SUITE(Buffer_UnitTests)
         BUFFER_HANDLE res;
         size_t alloc_size = 32;
 
-        STRICT_EXPECTED_CALL(gballoc_malloc(IGNORED_NUM_ARG));
+        STRICT_EXPECTED_CALL(gballoc_calloc(IGNORED_NUM_ARG, IGNORED_NUM_ARG))
+            .IgnoreAllArguments();
         STRICT_EXPECTED_CALL(gballoc_malloc(alloc_size)).SetReturn(NULL);
         STRICT_EXPECTED_CALL(gballoc_free(IGNORED_PTR_ARG));