grub-lakitu: BACKPORT: FROMGIT: calloc: Use calloc() at most places

This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Upstream-commit-id: 48eeedf1e4b
(cherry picked from commit cd97ed407e995a8457ffd2e6947972850ca72902
 https://github.com/rhboot/grub2 fedora-31)
Signed-off-by: Robert Kolchmeyer <rkolchmeyer@google.com>

Conflicts:
 - util/grub-mkimagexx.c: Needed to account for new program structure in
 one xmalloc -> xcalloc switch (line 1945).

BUG=b/162782466
TEST=shielded_vm_test

Change-Id: I1b060abd392bc4990a8f920327820552dbd96548
85 files changed
tree: 975ab7ec37af2e44b36f9bf8c9e19cc5bb9c00f4
  1. OWNERS
  2. README
  3. grub-lakitu/