Use calloc instead of malloc followed by memset.

ChangeLog

@@ -7,6 +7,9 @@
     Fix for Secunia Advisory SA45125, heap overflow (heap gets overwritten with
     byte value of 0) due to integer overflow if PAF file handler.
 
+    * src/ima_adpcm.c src/ms_adpcm.c src/paf.c
+    Use calloc instead of malloc followed by memset.
+
 2011-07-05  Erik de Castro Lopo  <erikd AT mega-nerd DOT com>
 
     * src/ogg.c

src/ima_adpcm.c

@@ -186,13 +186,11 @@ ima_reader_init (SF_PRIVATE *psf, int blockalign, int samplesperblock)
 
 	pimasize = sizeof (IMA_ADPCM_PRIVATE) + blockalign * psf->sf.channels + 3 * psf->sf.channels * samplesperblock ;
 
-	if (! (pima = malloc (pimasize)))
+	if (! (pima = calloc (1, pimasize)))
 		return SFE_MALLOC_FAILED ;
 
 	psf->codec_data = (void*) pima ;
 
-	memset (pima, 0, pimasize) ;
-
 	pima->samples	= pima->data ;
 	pima->block		= (unsigned char*) (pima->data + samplesperblock * psf->sf.channels) ;
 

src/ms_adpcm.c

@@ -142,10 +142,9 @@ wav_w64_msadpcm_init	(SF_PRIVATE *psf, int blockalign, int samplesperblock)
 
 	pmssize = sizeof (MSADPCM_PRIVATE) + blockalign + 3 * psf->sf.channels * samplesperblock ;
 
-	if (! (psf->codec_data = malloc (pmssize)))
+	if (! (psf->codec_data = calloc (1, pmssize)))
 		return SFE_MALLOC_FAILED ;
 	pms = (MSADPCM_PRIVATE*) psf->codec_data ;
-	memset (pms, 0, pmssize) ;
 
 	pms->samples	= pms->dummydata ;
 	pms->block		= (unsigned char*) (pms->dummydata + psf->sf.channels * samplesperblock) ;

src/paf.c

@@ -359,11 +359,10 @@ paf24_init (SF_PRIVATE *psf)
 	*/
 	psf->last_op = 0 ;
 
-	if (! (psf->codec_data = malloc (paf24size)))
+	if (! (psf->codec_data = calloc (1, paf24size)))
 		return SFE_MALLOC_FAILED ;
 
 	ppaf24 = (PAF24_PRIVATE*) psf->codec_data ;
-	memset (ppaf24, 0, paf24size) ;
 
 	ppaf24->channels	= psf->sf.channels ;
 	ppaf24->samples		= ppaf24->data ;