On Mon, Aug 18, 2014 at 06:10:41PM +0200, Markus Armbruster wrote: > g_new(T, n) is safer than g_malloc(sizeof(*v) * n) for two reasons. > One, it catches multiplication overflowing size_t. Two, it returns > T * rather than void *, which lets the compiler catch more type > errors. > > Perhaps a conversion to g_malloc_n() would be neater in places, but > that's merely four years old, and we can't use such newfangled stuff. > > This commit only touches allocations with size arguments of the form > sizeof(T), plus two that use 4 instead of sizeof(uint32_t). We can > make the others safe by converting to g_malloc_n() when it becomes > available to us in a couple of years. > > Signed-off-by: Markus Armbruster <arm...@redhat.com> > --- > block/bochs.c | 2 +- > block/parallels.c | 2 +- > block/qcow2-cache.c | 2 +- > block/qed-check.c | 3 +-- > block/rbd.c | 2 +- > block/sheepdog.c | 2 +- > hw/block/nvme.c | 8 ++++---- > qemu-io-cmds.c | 10 +++++----- > 8 files changed, 15 insertions(+), 16 deletions(-) >
[...] Reviewed-by: Jeff Cody <jc...@redhat.com>
