all: Refactor malloc+memset to use calloc

When a zeroed out allocation is required, use calloc() rather than
malloc() followed by an explicit memset(). The result will be the
same, but using calloc() everywhere increases consistency in the
codebase and avoids the risk of subtle bugs when code is injected
between malloc and memset by accident.

Closes https://github.com/curl/curl/pull/2497

3 files changed, 6 insertions, 18 deletions

diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 1b4cef486..196b157d6 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -150,12 +150,10 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
       krb5->p_identity = NULL;
 
     /* Allocate our credentials handle */
-    krb5->credentials = malloc(sizeof(CredHandle));
+    krb5->credentials = calloc(1, sizeof(CredHandle));
     if(!krb5->credentials)
       return CURLE_OUT_OF_MEMORY;
 
-    memset(krb5->credentials, 0, sizeof(CredHandle));
-
     /* Acquire our credentials handle */
     status = s_pSecFn->AcquireCredentialsHandle(NULL,
                                                 (TCHAR *)
@@ -167,11 +165,9 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
       return CURLE_LOGIN_DENIED;
 
     /* Allocate our new context handle */
-    krb5->context = malloc(sizeof(CtxtHandle));
+    krb5->context = calloc(1, sizeof(CtxtHandle));
     if(!krb5->context)
       return CURLE_OUT_OF_MEMORY;
-
-    memset(krb5->context, 0, sizeof(CtxtHandle));
   }
 
   if(chlg64 && *chlg64) {
diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c
index e748ce3b6..921524618 100644
--- a/lib/vauth/ntlm_sspi.c
+++ b/lib/vauth/ntlm_sspi.c
@@ -125,12 +125,10 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
     ntlm->p_identity = NULL;
 
   /* Allocate our credentials handle */
-  ntlm->credentials = malloc(sizeof(CredHandle));
+  ntlm->credentials = calloc(1, sizeof(CredHandle));
   if(!ntlm->credentials)
     return CURLE_OUT_OF_MEMORY;
 
-  memset(ntlm->credentials, 0, sizeof(CredHandle));
-
   /* Acquire our credentials handle */
   status = s_pSecFn->AcquireCredentialsHandle(NULL,
                                               (TCHAR *) TEXT(SP_NAME_NTLM),
@@ -141,12 +139,10 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
     return CURLE_LOGIN_DENIED;
 
   /* Allocate our new context handle */
-  ntlm->context = malloc(sizeof(CtxtHandle));
+  ntlm->context = calloc(1, sizeof(CtxtHandle));
   if(!ntlm->context)
     return CURLE_OUT_OF_MEMORY;
 
-  memset(ntlm->context, 0, sizeof(CtxtHandle));
-
   /* Setup the type-1 "output" security buffer */
   type_1_desc.ulVersion = SECBUFFER_VERSION;
   type_1_desc.cBuffers  = 1;
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index a6797cdaf..c8ecacff6 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -153,12 +153,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       nego->p_identity = NULL;
 
     /* Allocate our credentials handle */
-    nego->credentials = malloc(sizeof(CredHandle));
+    nego->credentials = calloc(1, sizeof(CredHandle));
     if(!nego->credentials)
       return CURLE_OUT_OF_MEMORY;
 
-    memset(nego->credentials, 0, sizeof(CredHandle));
-
     /* Acquire our credentials handle */
     nego->status =
       s_pSecFn->AcquireCredentialsHandle(NULL,
@@ -170,11 +168,9 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       return CURLE_LOGIN_DENIED;
 
     /* Allocate our new context handle */
-    nego->context = malloc(sizeof(CtxtHandle));
+    nego->context = calloc(1, sizeof(CtxtHandle));
     if(!nego->context)
       return CURLE_OUT_OF_MEMORY;
-
-    memset(nego->context, 0, sizeof(CtxtHandle));
   }
 
   if(chlg64 && *chlg64) {