From a331a7a04feacd5310468d4281a8abd618d2fb2a Mon Sep 17 00:00:00 2001
From: Nicolas Williams <nico@twosigma.com>
Date: Fri, 30 Dec 2022 16:38:13 -0600
Subject: [PATCH] wind: Check for integer overflow in idn-lookup utility

---
 lib/wind/idn-lookup.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/wind/idn-lookup.c b/lib/wind/idn-lookup.c
index 378c912a3..45da15633 100644
--- a/lib/wind/idn-lookup.c
+++ b/lib/wind/idn-lookup.c
@@ -69,9 +69,9 @@ lookup(const char *name)
     struct addrinfo *ai;
 
     size_t u_len = strlen(name);
-    uint32_t *u = malloc(u_len * sizeof(uint32_t));
+    uint32_t *u = calloc(u_len, sizeof(uint32_t));
     size_t norm_len = u_len * 2;
-    uint32_t *norm = malloc(norm_len * sizeof(uint32_t));
+    uint32_t *norm = calloc(norm_len, sizeof(uint32_t));
 
     if (u == NULL && u_len != 0)
 	errx(1, "malloc failed");