> This doesn't fix the problems, only removes markers alerting us
> to audit it.
>
> Memory management in these files is still missing integer overflow
> checks, NULL return checks, and is full of crazy abominations [...]

Yes, I saw that but I thought I'd take care of one thing first then send patches to fix other things, but I get your point.

> X509_NAME *
> parse_name(char *subject, long chtype, int multirdn)
> {
>     size_t buflen = strlen(subject) + 1; /* ...
>     char *buf = malloc(buflen);
>     size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
>     char **ne_types = malloc(max_ne * sizeof(char *));
>     char **ne_values = malloc(max_ne * sizeof(char *));
>     int *mval = malloc(max_ne * sizeof(int));

Beautiful.