[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Thu Sep 3 20:26:43 UTC 2015


The branch master has been updated
       via  64b25758edca688a30f02c260262150f7ad0bc7d (commit)
      from  fb4844bbc62fb014c115cd8fd2fc4304cba6eb89 (commit)


- Log -----------------------------------------------------------------
commit 64b25758edca688a30f02c260262150f7ad0bc7d
Author: Rich Salz <rsalz at akamai.com>
Date:   Thu Sep 3 09:15:26 2015 -0400

    remove 0 assignments.
    
    After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
    Many are from github feedback.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/s_cb.c                 |  9 +--------
 crypto/asn1/a_object.c      |  7 +------
 crypto/asn1/ameth_lib.c     | 35 ++---------------------------------
 crypto/asn1/asn1_lib.c      |  5 +----
 crypto/asn1/tasn_prn.c      |  8 ++------
 crypto/asn1/x_info.c        | 12 ++----------
 crypto/asn1/x_pkey.c        |  7 -------
 crypto/bio/bf_buff.c        | 10 +++-------
 crypto/bio/bf_nbio.c        |  3 +--
 crypto/bio/bss_dgram.c      |  3 ---
 crypto/bn/bn_ctx.c          |  6 +-----
 crypto/bn/bn_lib.c          |  6 +-----
 crypto/buffer/buffer.c      |  6 +-----
 crypto/comp/c_zlib.c        | 19 ++-----------------
 crypto/conf/conf_mod.c      |  3 +--
 crypto/dh/dh_lib.c          | 15 +--------------
 crypto/dh/dh_pmeth.c        | 12 ++----------
 crypto/dsa/dsa_lib.c        | 15 +--------------
 crypto/ec/ec_key.c          |  8 +-------
 crypto/ec/ec_lib.c          | 16 ++--------------
 crypto/ec/ec_mult.c         |  5 +----
 crypto/ec/ec_pmeth.c        | 11 +----------
 crypto/ecdsa/ecs_lib.c      |  9 +--------
 crypto/engine/eng_dyn.c     | 13 +++----------
 crypto/engine/eng_openssl.c |  7 ++-----
 crypto/evp/bio_b64.c        |  8 +-------
 crypto/evp/bio_enc.c        |  8 ++------
 crypto/evp/bio_ok.c         | 10 +---------
 crypto/evp/pmeth_lib.c      | 30 +-----------------------------
 crypto/hmac/hm_pmeth.c      |  7 ++-----
 crypto/lhash/lhash.c        | 26 +++-----------------------
 crypto/objects/o_names.c    |  6 +-----
 crypto/ocsp/ocsp_ht.c       |  3 +--
 crypto/rsa/rsa_lib.c        | 18 +-----------------
 crypto/rsa/rsa_pmeth.c      | 11 +----------
 crypto/stack/stack.c        |  8 ++------
 crypto/ui/ui_lib.c          |  5 +----
 crypto/x509/x509_lu.c       | 20 ++------------------
 crypto/x509/x_name.c        |  4 +---
 crypto/x509v3/Makefile      | 29 +++++++++++++++--------------
 crypto/x509v3/pcy_data.c    |  7 ++-----
 crypto/x509v3/pcy_node.c    |  4 ++--
 crypto/x509v3/pcy_tree.c    |  6 +-----
 engines/e_capi.c            |  7 +------
 ssl/ssl_conf.c              | 18 +-----------------
 ssl/ssl_lib.c               | 43 +------------------------------------------
 ssl/ssl_sess.c              | 19 +------------------
 47 files changed, 78 insertions(+), 469 deletions(-)

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 07ce997..a1305d3 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -991,14 +991,7 @@ static int ssl_excert_prepend(SSL_EXCERT **pexc)
 {
     SSL_EXCERT *exc = app_malloc(sizeof(*exc), "prepend cert");
 
-    exc->certfile = NULL;
-    exc->keyfile = NULL;
-    exc->chainfile = NULL;
-    exc->cert = NULL;
-    exc->key = NULL;
-    exc->chain = NULL;
-    exc->prev = NULL;
-    exc->build_chain = 0;
+    memset(exc, 0, sizeof(*exc));
 
     exc->next = *pexc;
     *pexc = exc;
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index ab37fa3..44473dc 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -345,16 +345,11 @@ ASN1_OBJECT *ASN1_OBJECT_new(void)
 {
     ASN1_OBJECT *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
         return (NULL);
     }
-    ret->length = 0;
-    ret->data = NULL;
-    ret->nid = 0;
-    ret->sn = NULL;
-    ret->ln = NULL;
     ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
     return (ret);
 }
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
index 155de83..feef015 100644
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -296,48 +296,17 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
         ameth->info = BUF_strdup(info);
         if (!ameth->info)
             goto err;
-    } else
-        ameth->info = NULL;
+    }
 
     if (pem_str) {
         ameth->pem_str = BUF_strdup(pem_str);
         if (!ameth->pem_str)
             goto err;
-    } else
-        ameth->pem_str = NULL;
-
-    ameth->pub_decode = 0;
-    ameth->pub_encode = 0;
-    ameth->pub_cmp = 0;
-    ameth->pub_print = 0;
-
-    ameth->priv_decode = 0;
-    ameth->priv_encode = 0;
-    ameth->priv_print = 0;
-
-    ameth->old_priv_encode = 0;
-    ameth->old_priv_decode = 0;
-
-    ameth->item_verify = 0;
-    ameth->item_sign = 0;
-
-    ameth->pkey_size = 0;
-    ameth->pkey_bits = 0;
-
-    ameth->param_decode = 0;
-    ameth->param_encode = 0;
-    ameth->param_missing = 0;
-    ameth->param_copy = 0;
-    ameth->param_cmp = 0;
-    ameth->param_print = 0;
-
-    ameth->pkey_free = 0;
-    ameth->pkey_ctrl = 0;
+    }
 
     return ameth;
 
  err:
-
     EVP_PKEY_asn1_free(ameth);
     return NULL;
 
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 94b5ad5..3b36644 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -348,15 +348,12 @@ ASN1_STRING *ASN1_STRING_type_new(int type)
 {
     ASN1_STRING *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
         return (NULL);
     }
-    ret->length = 0;
     ret->type = type;
-    ret->data = NULL;
-    ret->flags = 0;
     return (ret);
 }
 
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index 716db8f..5314c61 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -85,16 +85,12 @@ ASN1_PCTX default_pctx = {
 ASN1_PCTX *ASN1_PCTX_new(void)
 {
     ASN1_PCTX *ret;
-    ret = OPENSSL_malloc(sizeof(*ret));
+
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
-    ret->flags = 0;
-    ret->nm_flags = 0;
-    ret->cert_flags = 0;
-    ret->oid_flags = 0;
-    ret->str_flags = 0;
     return ret;
 }
 
diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
index 5be934c..0a75e49 100644
--- a/crypto/asn1/x_info.c
+++ b/crypto/asn1/x_info.c
@@ -64,22 +64,14 @@
 
 X509_INFO *X509_INFO_new(void)
 {
-    X509_INFO *ret = NULL;
+    X509_INFO *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
         return (NULL);
     }
-
-    ret->enc_cipher.cipher = NULL;
-    ret->enc_len = 0;
-    ret->enc_data = NULL;
-
     ret->references = 1;
-    ret->x509 = NULL;
-    ret->crl = NULL;
-    ret->x_pkey = NULL;
     return (ret);
 }
 
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
index 0710419..0665aab 100644
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@@ -70,17 +70,10 @@ X509_PKEY *X509_PKEY_new(void)
     if (!ret)
         goto err;
 
-    ret->version = 0;
     ret->enc_algor = X509_ALGOR_new();
     ret->enc_pkey = ASN1_OCTET_STRING_new();
     if (!ret->enc_algor || !ret->enc_pkey)
         goto err;
-    ret->dec_pkey = NULL;
-    ret->key_length = 0;
-    ret->key_data = NULL;
-    ret->key_free = 0;
-    ret->cipher.cipher = NULL;
-    memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
     ret->references = 1;
     return ret;
 err:
diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c
index 4fd8d15..b7a3772 100644
--- a/crypto/bio/bf_buff.c
+++ b/crypto/bio/bf_buff.c
@@ -91,27 +91,23 @@ BIO_METHOD *BIO_f_buffer(void)
 
 static int buffer_new(BIO *bi)
 {
-    BIO_F_BUFFER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
+    BIO_F_BUFFER_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
 
     if (ctx == NULL)
         return (0);
+    ctx->ibuf_size = DEFAULT_BUFFER_SIZE;
     ctx->ibuf = OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
     if (ctx->ibuf == NULL) {
         OPENSSL_free(ctx);
         return (0);
     }
+    ctx->obuf_size = DEFAULT_BUFFER_SIZE;
     ctx->obuf = OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
     if (ctx->obuf == NULL) {
         OPENSSL_free(ctx->ibuf);
         OPENSSL_free(ctx);
         return (0);
     }
-    ctx->ibuf_size = DEFAULT_BUFFER_SIZE;
-    ctx->obuf_size = DEFAULT_BUFFER_SIZE;
-    ctx->ibuf_len = 0;
-    ctx->ibuf_off = 0;
-    ctx->obuf_len = 0;
-    ctx->obuf_off = 0;
 
     bi->init = 1;
     bi->ptr = (char *)ctx;
diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
index 7980711..2a2e314 100644
--- a/crypto/bio/bf_nbio.c
+++ b/crypto/bio/bf_nbio.c
@@ -102,13 +102,12 @@ static int nbiof_new(BIO *bi)
 {
     NBIO_TEST *nt;
 
-    if ((nt = OPENSSL_malloc(sizeof(*nt))) == NULL)
+    if ((nt = OPENSSL_zalloc(sizeof(*nt))) == NULL)
         return (0);
     nt->lrn = -1;
     nt->lwn = -1;
     bi->ptr = (char *)nt;
     bi->init = 1;
-    bi->flags = 0;
     return (1);
 }
 
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index bbb9aca..91474fc 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -225,10 +225,7 @@ static int dgram_new(BIO *bi)
 
     if (data == NULL)
         return 0;
-    bi->init = 0;
-    bi->num = 0;
     bi->ptr = data;
-    bi->flags = 0;
     return (1);
 }
 
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 660e626..756d404 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -190,17 +190,13 @@ BN_CTX *BN_CTX_new(void)
 {
     BN_CTX *ret;
 
-    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
+    if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
         BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
     /* Initialise the structure */
     BN_POOL_init(&ret->pool);
     BN_STACK_init(&ret->stack);
-    ret->used = 0;
-    ret->err_stack = 0;
-    ret->too_many = 0;
-    ret->flags = 0;
     return ret;
 }
 
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 2ca6bea..3b07d7d 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -275,15 +275,11 @@ BIGNUM *BN_new(void)
 {
     BIGNUM *ret;
 
-    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
+    if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {
         BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
         return (NULL);
     }
     ret->flags = BN_FLG_MALLOCED;
-    ret->top = 0;
-    ret->neg = 0;
-    ret->dmax = 0;
-    ret->d = NULL;
     bn_check_top(ret);
     return (ret);
 }
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index 5ee11f4..705037b 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -81,15 +81,11 @@ BUF_MEM *BUF_MEM_new(void)
 {
     BUF_MEM *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         BUFerr(BUF_F_BUF_MEM_NEW, ERR_R_MALLOC_FAILURE);
         return (NULL);
     }
-    ret->flags = 0;
-    ret->length = 0;
-    ret->max = 0;
-    ret->data = NULL;
     return (ret);
 }
 
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index 4747511..ea01ba4 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -166,7 +166,7 @@ struct zlib_state {
 static int zlib_stateful_init(COMP_CTX *ctx)
 {
     int err;
-    struct zlib_state *state = OPENSSL_malloc(sizeof(*state));
+    struct zlib_state *state = OPENSSL_zalloc(sizeof(*state));
 
     if (state == NULL)
         goto err;
@@ -176,8 +176,6 @@ static int zlib_stateful_init(COMP_CTX *ctx)
     state->istream.opaque = Z_NULL;
     state->istream.next_in = Z_NULL;
     state->istream.next_out = Z_NULL;
-    state->istream.avail_in = 0;
-    state->istream.avail_out = 0;
     err = inflateInit_(&state->istream, ZLIB_VERSION, sizeof(z_stream));
     if (err != Z_OK)
         goto err;
@@ -187,8 +185,6 @@ static int zlib_stateful_init(COMP_CTX *ctx)
     state->ostream.opaque = Z_NULL;
     state->ostream.next_in = Z_NULL;
     state->ostream.next_out = Z_NULL;
-    state->ostream.avail_in = 0;
-    state->ostream.avail_out = 0;
     err = deflateInit_(&state->ostream, Z_DEFAULT_COMPRESSION,
                        ZLIB_VERSION, sizeof(z_stream));
     if (err != Z_OK)
@@ -367,28 +363,17 @@ static int bio_zlib_new(BIO *bi)
         return 0;
     }
 # endif
-    ctx = OPENSSL_malloc(sizeof(*ctx));
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (!ctx) {
         COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    ctx->ibuf = NULL;
-    ctx->obuf = NULL;
     ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE;
     ctx->obufsize = ZLIB_DEFAULT_BUFSIZE;
     ctx->zin.zalloc = Z_NULL;
     ctx->zin.zfree = Z_NULL;
-    ctx->zin.next_in = NULL;
-    ctx->zin.avail_in = 0;
-    ctx->zin.next_out = NULL;
-    ctx->zin.avail_out = 0;
     ctx->zout.zalloc = Z_NULL;
     ctx->zout.zfree = Z_NULL;
-    ctx->zout.next_in = NULL;
-    ctx->zout.avail_in = 0;
-    ctx->zout.next_out = NULL;
-    ctx->zout.avail_out = 0;
-    ctx->odone = 0;
     ctx->comp_level = Z_DEFAULT_COMPRESSION;
     bi->init = 1;
     bi->ptr = (char *)ctx;
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 7fbb4ad..c23a0f6 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -281,7 +281,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
         supported_modules = sk_CONF_MODULE_new_null();
     if (supported_modules == NULL)
         return NULL;
-    tmod = OPENSSL_malloc(sizeof(*tmod));
+    tmod = OPENSSL_zalloc(sizeof(*tmod));
     if (tmod == NULL)
         return NULL;
 
@@ -289,7 +289,6 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
     tmod->name = BUF_strdup(name);
     tmod->init = ifunc;
     tmod->finish = ffunc;
-    tmod->links = 0;
 
     if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
         OPENSSL_free(tmod);
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 4e087d0..49f82d8 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -107,7 +107,7 @@ DH *DH_new(void)
 
 DH *DH_new_method(ENGINE *engine)
 {
-    DH *ret = OPENSSL_malloc(sizeof(*ret));
+    DH *ret = OPENSSL_zalloc(sizeof(*ret));
 
     if (ret == NULL) {
         DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE);
@@ -136,19 +136,6 @@ DH *DH_new_method(ENGINE *engine)
     }
 #endif
 
-    ret->pad = 0;
-    ret->version = 0;
-    ret->p = NULL;
-    ret->g = NULL;
-    ret->length = 0;
-    ret->pub_key = NULL;
-    ret->priv_key = NULL;
-    ret->q = NULL;
-    ret->j = NULL;
-    ret->seed = NULL;
-    ret->seedlen = 0;
-    ret->counter = NULL;
-    ret->method_mont_p = NULL;
     ret->references = 1;
     ret->flags = ret->meth->flags;
     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index 751428c..ff27221 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -98,22 +98,14 @@ typedef struct {
 static int pkey_dh_init(EVP_PKEY_CTX *ctx)
 {
     DH_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(*dctx));
+
+    dctx = OPENSSL_zalloc(sizeof(*dctx));
     if (!dctx)
         return 0;
     dctx->prime_len = 1024;
     dctx->subprime_len = -1;
     dctx->generator = 2;
-    dctx->use_dsa = 0;
-    dctx->md = NULL;
-    dctx->rfc5114_param = 0;
-
     dctx->kdf_type = EVP_PKEY_DH_KDF_NONE;
-    dctx->kdf_oid = NULL;
-    dctx->kdf_md = NULL;
-    dctx->kdf_ukm = NULL;
-    dctx->kdf_ukmlen = 0;
-    dctx->kdf_outlen = 0;
 
     ctx->data = dctx;
     ctx->keygen_info = dctx->gentmp;
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index a4a8163..b78a2bf 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -115,7 +115,7 @@ DSA *DSA_new_method(ENGINE *engine)
 {
     DSA *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
         return (NULL);
@@ -142,19 +142,6 @@ DSA *DSA_new_method(ENGINE *engine)
     }
 #endif
 
-    ret->pad = 0;
-    ret->version = 0;
-    ret->p = NULL;
-    ret->q = NULL;
-    ret->g = NULL;
-
-    ret->pub_key = NULL;
-    ret->priv_key = NULL;
-
-    ret->kinv = NULL;
-    ret->r = NULL;
-    ret->method_mont_p = NULL;
-
     ret->references = 1;
     ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index a954c8e..2380097 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -67,7 +67,7 @@
 
 EC_KEY *EC_KEY_new(void)
 {
-    EC_KEY *ret = OPENSSL_malloc(sizeof(*ret));
+    EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
 
     if (ret == NULL) {
         ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE);
@@ -75,14 +75,8 @@ EC_KEY *EC_KEY_new(void)
     }
 
     ret->version = 1;
-    ret->flags = 0;
-    ret->group = NULL;
-    ret->pub_key = NULL;
-    ret->priv_key = NULL;
-    ret->enc_flag = 0;
     ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
     ret->references = 1;
-    ret->method_data = NULL;
     return (ret);
 }
 
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index cd08a55..793645d 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -83,37 +83,25 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
         return NULL;
     }
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
     ret->meth = meth;
-
-    ret->extra_data = NULL;
-    ret->mont_data = NULL;
-
-    ret->generator = NULL;
     ret->order = BN_new();
-    ret->cofactor = NULL;
     if (!ret->order)
         goto err;
     ret->cofactor = BN_new();
     if (!ret->cofactor)
         goto err;
-
-    ret->curve_name = 0;
     ret->asn1_flag = OPENSSL_EC_NAMED_CURVE;
     ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED;
-
-    ret->seed = NULL;
-    ret->seed_len = 0;
-
     if (!meth->group_init(ret))
         goto err;
-
     return ret;
+
  err:
     BN_free(ret->order);
     BN_free(ret->cofactor);
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 09f042e..a3d9885 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -100,17 +100,14 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group)
     if (!group)
         return NULL;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (!ret) {
         ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
         return ret;
     }
     ret->group = group;
     ret->blocksize = 8;         /* default */
-    ret->numblocks = 0;
     ret->w = 4;                 /* default */
-    ret->points = NULL;
-    ret->num = 0;
     ret->references = 1;
     return ret;
 }
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index 5ca8ed9..aa1fa9f 100644
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -92,22 +92,13 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx)
 {
     EC_PKEY_CTX *dctx;
 
-    dctx = OPENSSL_malloc(sizeof(*dctx));
+    dctx = OPENSSL_zalloc(sizeof(*dctx));
     if (!dctx)
         return 0;
-    dctx->gen_group = NULL;
-    dctx->md = NULL;
 
     dctx->cofactor_mode = -1;
-    dctx->co_key = NULL;
     dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE;
-    dctx->kdf_md = NULL;
-    dctx->kdf_outlen = 0;
-    dctx->kdf_ukm = NULL;
-    dctx->kdf_ukmlen = 0;
-
     ctx->data = dctx;
-
     return 1;
 }
 
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 0db3534..f3007e5 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -251,7 +251,7 @@ ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
 {
     ECDSA_METHOD *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
@@ -259,13 +259,6 @@ ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
 
     if (ecdsa_meth)
         *ret = *ecdsa_meth;
-    else {
-        ret->ecdsa_sign_setup = 0;
-        ret->ecdsa_do_sign = 0;
-        ret->ecdsa_do_verify = 0;
-        ret->name = NULL;
-        ret->flags = 0;
-    }
     ret->flags |= ECDSA_METHOD_FLAG_ALLOCATED;
     return ret;
 }
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 777f440..100b050 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -208,22 +208,15 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
         ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
         return 0;
     }
-    c->dynamic_dso = NULL;
-    c->v_check = NULL;
-    c->bind_engine = NULL;
-    c->DYNAMIC_LIBNAME = NULL;
-    c->no_vcheck = 0;
-    c->engine_id = NULL;
-    c->list_add_value = 0;
-    c->DYNAMIC_F1 = "v_check";
-    c->DYNAMIC_F2 = "bind_engine";
-    c->dir_load = 1;
     c->dirs = sk_OPENSSL_STRING_new_null();
     if (!c->dirs) {
         ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
         OPENSSL_free(c);
         return 0;
     }
+    c->DYNAMIC_F1 = "v_check";
+    c->DYNAMIC_F2 = "bind_engine";
+    c->dir_load = 1;
     CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
     if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
                                                        dynamic_ex_data_idx))
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index eaf0618..4bc9b2e 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -425,13 +425,10 @@ typedef struct {
 static int ossl_hmac_init(EVP_PKEY_CTX *ctx)
 {
     OSSL_HMAC_PKEY_CTX *hctx;
-    hctx = OPENSSL_malloc(sizeof(*hctx));
+
+    hctx = OPENSSL_zalloc(sizeof(*hctx));
     if (!hctx)
         return 0;
-    hctx->md = NULL;
-    hctx->ktmp.data = NULL;
-    hctx->ktmp.length = 0;
-    hctx->ktmp.flags = 0;
     hctx->ktmp.type = V_ASN1_OCTET_STRING;
     HMAC_CTX_init(&hctx->ctx);
     EVP_PKEY_CTX_set_data(ctx, hctx);
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index dcb9695..00febc7 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -115,18 +115,12 @@ static int b64_new(BIO *bi)
 {
     BIO_B64_CTX *ctx;
 
-    ctx = OPENSSL_malloc(sizeof(*ctx));
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx == NULL)
         return (0);
 
-    ctx->buf_len = 0;
-    ctx->tmp_len = 0;
-    ctx->tmp_nl = 0;
-    ctx->buf_off = 0;
     ctx->cont = 1;
     ctx->start = 1;
-    ctx->encode = 0;
-
     bi->init = 1;
     bi->ptr = (char *)ctx;
     bi->flags = 0;
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index bf74a0a..2e6ce33 100644
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -112,17 +112,13 @@ static int enc_new(BIO *bi)
 {
     BIO_ENC_CTX *ctx;
 
-    ctx = OPENSSL_malloc(sizeof(*ctx));
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx == NULL)
         return (0);
-    EVP_CIPHER_CTX_init(&ctx->cipher);
 
-    ctx->buf_len = 0;
-    ctx->buf_off = 0;
+    EVP_CIPHER_CTX_init(&ctx->cipher);
     ctx->cont = 1;
-    ctx->finished = 0;
     ctx->ok = 1;
-
     bi->init = 0;
     bi->ptr = (char *)ctx;
     bi->flags = 0;
diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 9fdf6bc..8658f88 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -176,21 +176,13 @@ static int ok_new(BIO *bi)
 {
     BIO_OK_CTX *ctx;
 
-    ctx = OPENSSL_malloc(sizeof(*ctx));
+    ctx = OPENSSL_zalloc(sizeof(*ctx));
     if (ctx == NULL)
         return (0);
 
-    ctx->buf_len = 0;
-    ctx->buf_off = 0;
-    ctx->buf_len_save = 0;
-    ctx->buf_off_save = 0;
     ctx->cont = 1;
-    ctx->finished = 0;
-    ctx->blockout = 0;
     ctx->sigio = 1;
-
     EVP_MD_CTX_init(&ctx->md);
-
     bi->init = 0;
     bi->ptr = (char *)ctx;
     bi->flags = 0;
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index f317471..a2d8382 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -165,7 +165,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
         return NULL;
     }
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (!ret) {
 #ifndef OPENSSL_NO_ENGINE
         if (e)
@@ -178,8 +178,6 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
     ret->pmeth = pmeth;
     ret->operation = EVP_PKEY_OP_UNDEFINED;
     ret->pkey = pkey;
-    ret->peerkey = NULL;
-    ret->pkey_gencb = 0;
     if (pkey)
         CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
     ret->data = NULL;
@@ -204,32 +202,6 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
 
     pmeth->pkey_id = id;
     pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
-    pmeth->init = 0;
-    pmeth->copy = 0;
-    pmeth->cleanup = 0;
-    pmeth->paramgen_init = 0;
-    pmeth->paramgen = 0;
-    pmeth->keygen_init = 0;
-    pmeth->keygen = 0;
-    pmeth->sign_init = 0;
-    pmeth->sign = 0;
-    pmeth->verify_init = 0;
-    pmeth->verify = 0;
-    pmeth->verify_recover_init = 0;
-    pmeth->verify_recover = 0;
-    pmeth->signctx_init = 0;
-    pmeth->signctx = 0;
-    pmeth->verifyctx_init = 0;
-    pmeth->verifyctx = 0;
-    pmeth->encrypt_init = 0;
-    pmeth->encrypt = 0;
-    pmeth->decrypt_init = 0;
-    pmeth->decrypt = 0;
-    pmeth->derive_init = 0;
-    pmeth->derive = 0;
-    pmeth->ctrl = 0;
-    pmeth->ctrl_str = 0;
-
     return pmeth;
 }
 
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index fcccb58..ff9dbe3 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -75,13 +75,10 @@ typedef struct {
 static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
 {
     HMAC_PKEY_CTX *hctx;
-    hctx = OPENSSL_malloc(sizeof(*hctx));
+
+    hctx = OPENSSL_zalloc(sizeof(*hctx));
     if (!hctx)
         return 0;
-    hctx->md = NULL;
-    hctx->ktmp.data = NULL;
-    hctx->ktmp.length = 0;
-    hctx->ktmp.flags = 0;
     hctx->ktmp.type = V_ASN1_OCTET_STRING;
     HMAC_CTX_init(&hctx->ctx);
 
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
index 0c9ce8f..4018b60 100644
--- a/crypto/lhash/lhash.c
+++ b/crypto/lhash/lhash.c
@@ -113,40 +113,20 @@ static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
 _LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
 {
     _LHASH *ret;
-    int i;
 
-    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
+    if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
         goto err0;
-    if ((ret->b = OPENSSL_malloc(sizeof(*ret->b) * MIN_NODES)) == NULL)
+    if ((ret->b = OPENSSL_zalloc(sizeof(*ret->b) * MIN_NODES)) == NULL)
         goto err1;
-    for (i = 0; i < MIN_NODES; i++)
-        ret->b[i] = NULL;
     ret->comp = ((c == NULL) ? (LHASH_COMP_FN_TYPE)strcmp : c);
     ret->hash = ((h == NULL) ? (LHASH_HASH_FN_TYPE)lh_strhash : h);
     ret->num_nodes = MIN_NODES / 2;
     ret->num_alloc_nodes = MIN_NODES;
-    ret->p = 0;
     ret->pmax = MIN_NODES / 2;
     ret->up_load = UP_LOAD;
     ret->down_load = DOWN_LOAD;
-    ret->num_items = 0;
-
-    ret->num_expands = 0;
-    ret->num_expand_reallocs = 0;
-    ret->num_contracts = 0;
-    ret->num_contract_reallocs = 0;
-    ret->num_hash_calls = 0;
-    ret->num_comp_calls = 0;
-    ret->num_insert = 0;
-    ret->num_replace = 0;
-    ret->num_delete = 0;
-    ret->num_no_delete = 0;
-    ret->num_retrieve = 0;
-    ret->num_retrieve_miss = 0;
-    ret->num_hash_comps = 0;
-
-    ret->error = 0;
     return (ret);
+
  err1:
     OPENSSL_free(ret);
  err0:
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index d861b6d..7a24ad0 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -83,7 +83,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
     names_type_num++;
     for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) {
         MemCheck_off();
-        name_funcs = OPENSSL_malloc(sizeof(*name_funcs));
+        name_funcs = OPENSSL_zalloc(sizeof(*name_funcs));
         MemCheck_on();
         if (!name_funcs) {
             OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
@@ -91,10 +91,6 @@ int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
         }
         name_funcs->hash_func = lh_strhash;
         name_funcs->cmp_func = OPENSSL_strcmp;
-        name_funcs->free_func = 0; /* NULL is often declared to * ((void
-                                    * *)0), which according * to Compaq C is
-                                    * not really * compatible with a function
-                                    * * pointer.  -- Richard Levitte */
         MemCheck_off();
         sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
         MemCheck_on();
diff --git a/crypto/ocsp/ocsp_ht.c b/crypto/ocsp/ocsp_ht.c
index 582ef9c..2c92ee7 100644
--- a/crypto/ocsp/ocsp_ht.c
+++ b/crypto/ocsp/ocsp_ht.c
@@ -113,7 +113,7 @@ static int parse_http_line1(char *line);
 
 OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline)
 {
-    OCSP_REQ_CTX *rctx = OPENSSL_malloc(sizeof(*rctx));
+    OCSP_REQ_CTX *rctx = OPENSSL_zalloc(sizeof(*rctx));
 
     if (!rctx)
         return NULL;
@@ -121,7 +121,6 @@ OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline)
     rctx->max_resp_len = OCSP_MAX_RESP_LENGTH;
     rctx->mem = BIO_new(BIO_s_mem());
     rctx->io = io;
-    rctx->asn1_len = 0;
     if (maxline > 0)
         rctx->iobuflen = maxline;
     else
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index f62fd73..c64dad4 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -125,7 +125,7 @@ RSA *RSA_new_method(ENGINE *engine)
 {
     RSA *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
         RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
         return NULL;
@@ -153,23 +153,7 @@ RSA *RSA_new_method(ENGINE *engine)
     }
 #endif
 
-    ret->pad = 0;
-    ret->version = 0;
-    ret->n = NULL;
-    ret->e = NULL;
-    ret->d = NULL;
-    ret->p = NULL;
-    ret->q = NULL;
-    ret->dmp1 = NULL;
-    ret->dmq1 = NULL;
-    ret->iqmp = NULL;
     ret->references = 1;
-    ret->_method_mod_n = NULL;
-    ret->_method_mod_p = NULL;
-    ret->_method_mod_q = NULL;
-    ret->blinding = NULL;
-    ret->mt_blinding = NULL;
-    ret->bignum_data = NULL;
     ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
 #ifndef OPENSSL_NO_ENGINE
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index ac83de3..dd7b7dd 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -97,21 +97,12 @@ typedef struct {
 static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
 {
     RSA_PKEY_CTX *rctx;
-    rctx = OPENSSL_malloc(sizeof(*rctx));
+    rctx = OPENSSL_zalloc(sizeof(*rctx));
     if (!rctx)
         return 0;
     rctx->nbits = 1024;
-    rctx->pub_exp = NULL;
     rctx->pad_mode = RSA_PKCS1_PADDING;
-    rctx->md = NULL;
-    rctx->mgf1md = NULL;
-    rctx->tbuf = NULL;
-
     rctx->saltlen = -2;
-
-    rctx->oaep_label = NULL;
-    rctx->oaep_labellen = 0;
-
     ctx->data = rctx;
     ctx->keygen_info = rctx->gentmp;
     ctx->keygen_info_count = 2;
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
index c7643db..e9d80a7 100644
--- a/crypto/stack/stack.c
+++ b/crypto/stack/stack.c
@@ -150,19 +150,15 @@ _STACK *sk_new_null(void)
 _STACK *sk_new(int (*c) (const void *, const void *))
 {
     _STACK *ret;
-    int i;
 
-    if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
+    if ((ret = OPENSSL_zalloc(sizeof(_STACK))) == NULL)
         goto err;
     if ((ret->data = OPENSSL_malloc(sizeof(*ret->data) * MIN_NODES)) == NULL)
         goto err;
-    for (i = 0; i < MIN_NODES; i++)
-        ret->data[i] = NULL;
     ret->comp = c;
     ret->num_alloc = MIN_NODES;
-    ret->num = 0;
-    ret->sorted = 0;
     return (ret);
+
  err:
     OPENSSL_free(ret);
     return (NULL);
diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 654d74f..6837bd6 100644
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -74,7 +74,7 @@ UI *UI_new(void)
 
 UI *UI_new_method(const UI_METHOD *method)
 {
-    UI *ret = OPENSSL_malloc(sizeof(*ret));
+    UI *ret = OPENSSL_zalloc(sizeof(*ret));
 
     if (ret == NULL) {
         UIerr(UI_F_UI_NEW_METHOD, ERR_R_MALLOC_FAILURE);
@@ -85,9 +85,6 @@ UI *UI_new_method(const UI_METHOD *method)
     else
         ret->meth = method;
 
-    ret->strings = NULL;
-    ret->user_data = NULL;
-    ret->flags = 0;
     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
     return ret;
 }
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 2bd8de6..c53f1e5 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -68,15 +68,11 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
 {
     X509_LOOKUP *ret;
 
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL)
         return NULL;
 
-    ret->init = 0;
-    ret->skip = 0;
     ret->method = method;
-    ret->method_data = NULL;
-    ret->store_ctx = NULL;
     if ((method->new_item != NULL) && !method->new_item(ret)) {
         OPENSSL_free(ret);
         return NULL;
@@ -185,27 +181,15 @@ X509_STORE *X509_STORE_new(void)
 {
     X509_STORE *ret;
 
-    if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
+    if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
         return NULL;
     ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
     ret->cache = 1;
     ret->get_cert_methods = sk_X509_LOOKUP_new_null();
-    ret->verify = 0;
-    ret->verify_cb = 0;
 
     if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
         return NULL;
 
-    ret->get_issuer = 0;
-    ret->check_issued = 0;
-    ret->check_revocation = 0;
-    ret->get_crl = 0;
-    ret->check_crl = 0;
-    ret->cert_crl = 0;
-    ret->lookup_certs = 0;
-    ret->lookup_crls = 0;
-    ret->cleanup = 0;
-
     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) {
         sk_X509_OBJECT_free(ret->objs);
         OPENSSL_free(ret);
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index f8fd337..9bf1523 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -133,7 +133,7 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
 
 static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
 {
-    X509_NAME *ret = OPENSSL_malloc(sizeof(*ret));
+    X509_NAME *ret = OPENSSL_zalloc(sizeof(*ret));
 
     if (!ret)
         goto memerr;
@@ -141,8 +141,6 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
         goto memerr;
     if ((ret->bytes = BUF_MEM_new()) == NULL)
         goto memerr;
-    ret->canon_enc = NULL;
-    ret->canon_enclen = 0;
     ret->modified = 1;
     *val = (ASN1_VALUE *)ret;
     return 1;
diff --git a/crypto/x509v3/Makefile b/crypto/x509v3/Makefile
index 516e7ad..5c47467 100644
--- a/crypto/x509v3/Makefile
+++ b/crypto/x509v3/Makefile
@@ -505,20 +505,21 @@ v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_prn.o: ../../include/openssl/x509v3.h ../include/internal/cryptlib.h
 v3_prn.o: v3_prn.c
-v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
-v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
-v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
-v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-v3_purp.o: ../include/internal/cryptlib.h v3_purp.c
+v3_purp.o: ../../e_os.h ../../include/internal/numbers.h
+v3_purp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_purp.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_purp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_purp.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+v3_purp.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_purp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_purp.o: ../../include/openssl/x509v3.h ../include/internal/cryptlib.h
+v3_purp.o: v3_purp.c
 v3_scts.o: ../../e_os.h ../../include/openssl/asn1.h
 v3_scts.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 v3_scts.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
diff --git a/crypto/x509v3/pcy_data.c b/crypto/x509v3/pcy_data.c
index c29641f..bb2760a 100644
--- a/crypto/x509v3/pcy_data.c
+++ b/crypto/x509v3/pcy_data.c
@@ -98,7 +98,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
             return NULL;
     } else
         id = NULL;
-    ret = OPENSSL_malloc(sizeof(*ret));
+    ret = OPENSSL_zalloc(sizeof(*ret));
     if (!ret)
         return NULL;
     ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
@@ -110,8 +110,6 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
 
     if (crit)
         ret->flags = POLICY_DATA_FLAG_CRITICAL;
-    else
-        ret->flags = 0;
 
     if (id)
         ret->valid_policy = id;
@@ -123,8 +121,7 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
     if (policy) {
         ret->qualifier_set = policy->qualifiers;
         policy->qualifiers = NULL;
-    } else
-        ret->qualifier_set = NULL;
+    }
 
     return ret;
 }
diff --git a/crypto/x509v3/pcy_node.c b/crypto/x509v3/pcy_node.c
index 855fe3e..64f979a 100644
--- a/crypto/x509v3/pcy_node.c
+++ b/crypto/x509v3/pcy_node.c
@@ -114,12 +114,12 @@ X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
                                  X509_POLICY_TREE *tree)
 {
     X509_POLICY_NODE *node;
-    node = OPENSSL_malloc(sizeof(*node));
+
+    node = OPENSSL_zalloc(sizeof(*node));
     if (!node)
         return NULL;
     node->data = data;
     node->parent = parent;
-    node->nchild = 0;
     if (level) {
         if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
             if (level->anyPolicy)
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 2a41903..c6be015 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -217,7 +217,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
     }
 
     /* If we get this far initialize the tree */
-    tree = OPENSSL_malloc(sizeof(*tree));
+    tree = OPENSSL_zalloc(sizeof(*tree));
     if (!tree)
         return 0;
     tree->levels = OPENSSL_zalloc(sizeof(*tree->levels) * n);
@@ -225,10 +225,6 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
         OPENSSL_free(tree);
         return 0;
     }
-    tree->flags = 0;
-    tree->extra_data = NULL;
-    tree->auth_policies = NULL;
-    tree->user_policies = NULL;
     tree->nlevel = n;
     level = tree->levels;
 
diff --git a/engines/e_capi.c b/engines/e_capi.c
index 450f89e..8b3cfee 100644
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -1573,23 +1573,18 @@ void capi_free_key(CAPI_KEY * key)
 
 static CAPI_CTX *capi_ctx_new()
 {
-    CAPI_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
+    CAPI_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
 
     if (!ctx) {
         CAPIerr(CAPI_F_CAPI_CTX_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
-    ctx->cspname = NULL;
     ctx->csptype = PROV_RSA_FULL;
     ctx->dump_flags = CAPI_DMP_SUMMARY | CAPI_DMP_FNAME;
     ctx->keytype = AT_KEYEXCHANGE;
-    ctx->storename = NULL;
-    ctx->ssl_client_store = NULL;
     ctx->store_flags = CERT_STORE_OPEN_EXISTING_FLAG |
         CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_CURRENT_USER;
     ctx->lookup_method = CAPI_LU_SUBSTR;
-    ctx->debug_level = 0;
-    ctx->debug_file = NULL;
     ctx->client_cert_select = cert_select_simple;
     return ctx;
 }
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 5c320cb..0a4625c 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -771,24 +771,8 @@ int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd)
 
 SSL_CONF_CTX *SSL_CONF_CTX_new(void)
 {
-    SSL_CONF_CTX *ret = OPENSSL_malloc(sizeof(*ret));
-    size_t i;
+    SSL_CONF_CTX *ret = OPENSSL_zalloc(sizeof(*ret));
 
-    if (ret) {
-        ret->flags = 0;
-        ret->prefix = NULL;
-        ret->prefixlen = 0;
-        ret->ssl = NULL;
-        ret->ctx = NULL;
-        ret->poptions = NULL;
-        ret->pcert_flags = NULL;
-        ret->pvfy_flags = NULL;
-        ret->tbl = NULL;
-        ret->ntbl = 0;
-        for (i = 0; i < SSL_PKEY_NUM; i++)
-            ret->cert_filename[i] = NULL;
-        ret->canames = NULL;
-    }
     return ret;
 }
 
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index b1d4771..fe07d2c 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1688,41 +1688,16 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
         goto err;
 
     ret->method = meth;
-    ret->cert_store = NULL;
     ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
     ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
-    ret->session_cache_head = NULL;
-    ret->session_cache_tail = NULL;
-
-    /* We take the system default */
+    /* We take the system default. */
     ret->session_timeout = meth->get_timeout();
-
-    ret->new_session_cb = 0;
-    ret->remove_session_cb = 0;
-    ret->get_session_cb = 0;
-    ret->generate_session_id = 0;
-
     ret->references = 1;
-    ret->quiet_shutdown = 0;
-    ret->info_callback = NULL;
-    ret->app_verify_callback = 0;
-    ret->app_verify_arg = NULL;
     ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
-    ret->read_ahead = 0;
-    ret->msg_callback = 0;
-    ret->msg_callback_arg = NULL;
     ret->verify_mode = SSL_VERIFY_NONE;
-    ret->sid_ctx_length = 0;
-    ret->default_verify_callback = NULL;
     if ((ret->cert = ssl_cert_new()) == NULL)
         goto err;
 
-    ret->default_passwd_callback = 0;
-    ret->default_passwd_callback_userdata = NULL;
-    ret->client_cert_cb = 0;
-    ret->app_gen_cookie_cb = 0;
-    ret->app_verify_cookie_cb = 0;
-
     ret->sessions = lh_SSL_SESSION_new();
     if (ret->sessions == NULL)
         goto err;
@@ -1756,39 +1731,23 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
 
     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
 
-    ret->extra_certs = NULL;
     /* No compression for DTLS */
     if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
         ret->comp_methods = SSL_COMP_get_compression_methods();
 
     ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
 
-    ret->tlsext_servername_callback = 0;
-    ret->tlsext_servername_arg = NULL;
     /* Setup RFC4507 ticket keys */
     if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
         || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
         || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
         ret->options |= SSL_OP_NO_TICKET;
 
-    ret->tlsext_status_cb = 0;
-    ret->tlsext_status_arg = NULL;
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
-    ret->next_protos_advertised_cb = 0;
-    ret->next_proto_select_cb = 0;
-#endif
-#ifndef OPENSSL_NO_PSK
-    ret->psk_identity_hint = NULL;
-    ret->psk_client_callback = NULL;
-    ret->psk_server_callback = NULL;
-#endif
 #ifndef OPENSSL_NO_SRP
     if (!SSL_CTX_SRP_CTX_init(ret))
         goto err;
 #endif
 #ifndef OPENSSL_NO_ENGINE
-    ret->client_cert_engine = NULL;
 # ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
 #  define eng_strx(x)     #x
 #  define eng_str(x)      eng_strx(x)
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 3e980bf..3774db4 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -196,31 +196,14 @@ SSL_SESSION *SSL_SESSION_new(void)
     ss = OPENSSL_zalloc(sizeof(*ss));
     if (ss == NULL) {
         SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
-        return (0);
+        return (NULL);
     }
 
     ss->verify_result = 1;      /* avoid 0 (= X509_V_OK) just in case */
     ss->references = 1;
     ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */
     ss->time = (unsigned long)time(NULL);
-    ss->prev = NULL;
-    ss->next = NULL;
-    ss->compress_meth = 0;
-    ss->tlsext_hostname = NULL;
-#ifndef OPENSSL_NO_EC
-    ss->tlsext_ecpointformatlist_length = 0;
-    ss->tlsext_ecpointformatlist = NULL;
-    ss->tlsext_ellipticcurvelist_length = 0;
-    ss->tlsext_ellipticcurvelist = NULL;
-#endif
     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-#ifndef OPENSSL_NO_PSK
-    ss->psk_identity_hint = NULL;
-    ss->psk_identity = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
-    ss->srp_username = NULL;
-#endif
     return (ss);
 }
 


More information about the openssl-commits mailing list