Blame SOURCES/0284-calloc-Use-calloc-at-most-places.patch

5975ab
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
a4d572
From: Peter Jones <pjones@redhat.com>
a4d572
Date: Mon, 15 Jun 2020 12:26:01 -0400
5975ab
Subject: [PATCH] calloc: Use calloc() at most places
a4d572
a4d572
This modifies most of the places we do some form of:
a4d572
a4d572
  X = malloc(Y * Z);
a4d572
a4d572
to use calloc(Y, Z) instead.
a4d572
a4d572
Among other issues, this fixes:
a4d572
  - allocation of integer overflow in grub_png_decode_image_header()
a4d572
    reported by Chris Coulson,
a4d572
  - allocation of integer overflow in luks_recover_key()
a4d572
    reported by Chris Coulson,
a4d572
  - allocation of integer overflow in grub_lvm_detect()
a4d572
    reported by Chris Coulson.
a4d572
a4d572
Fixes: CVE-2020-14308
a4d572
a4d572
Signed-off-by: Peter Jones <pjones@redhat.com>
a4d572
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
a4d572
Upstream-commit-id: 48eeedf1e4b
a4d572
---
5975ab
 grub-core/bus/usb/usbhub.c                |  8 +++---
5975ab
 grub-core/commands/efi/lsefisystab.c      |  3 ++-
5975ab
 grub-core/commands/legacycfg.c            |  6 ++---
a4d572
 grub-core/commands/menuentry.c            |  2 +-
a4d572
 grub-core/commands/nativedisk.c           |  2 +-
5975ab
 grub-core/commands/parttool.c             | 12 ++++++---
a4d572
 grub-core/commands/regexp.c               |  2 +-
a4d572
 grub-core/commands/search_wrap.c          |  2 +-
5975ab
 grub-core/disk/diskfilter.c               |  4 +--
a4d572
 grub-core/disk/ieee1275/ofdisk.c          |  2 +-
5975ab
 grub-core/disk/ldm.c                      | 14 +++++-----
a4d572
 grub-core/disk/luks.c                     |  2 +-
5975ab
 grub-core/disk/lvm.c                      |  8 +++---
a4d572
 grub-core/disk/xen/xendisk.c              |  2 +-
a4d572
 grub-core/efiemu/loadcore.c               |  2 +-
5975ab
 grub-core/efiemu/mm.c                     |  6 ++---
5975ab
 grub-core/font/font.c                     |  3 +--
5975ab
 grub-core/fs/affs.c                       |  6 ++---
5975ab
 grub-core/fs/btrfs.c                      |  4 +--
a4d572
 grub-core/fs/hfs.c                        |  2 +-
5975ab
 grub-core/fs/hfsplus.c                    | 45 ++++++++++++++++++++-----------
a4d572
 grub-core/fs/iso9660.c                    |  2 +-
5975ab
 grub-core/fs/ntfs.c                       |  4 +--
a4d572
 grub-core/fs/sfs.c                        |  2 +-
a4d572
 grub-core/fs/tar.c                        |  2 +-
5975ab
 grub-core/fs/udf.c                        |  4 +--
5975ab
 grub-core/fs/zfs/zfs.c                    |  4 +--
a4d572
 grub-core/gfxmenu/gui_string_util.c       |  2 +-
5975ab
 grub-core/gfxmenu/widget-box.c            |  4 +--
a4d572
 grub-core/io/gzio.c                       |  2 +-
5975ab
 grub-core/kern/efi/efi.c                  | 33 ++++++++++++++++++-----
a4d572
 grub-core/kern/emu/hostdisk.c             |  2 +-
a4d572
 grub-core/kern/fs.c                       |  2 +-
a4d572
 grub-core/kern/misc.c                     |  2 +-
a4d572
 grub-core/kern/parser.c                   |  2 +-
a4d572
 grub-core/kern/uboot/uboot.c              |  2 +-
5975ab
 grub-core/lib/libgcrypt/cipher/ac.c       |  8 +++---
5975ab
 grub-core/lib/libgcrypt/cipher/primegen.c |  4 +--
5975ab
 grub-core/lib/libgcrypt/cipher/pubkey.c   |  4 +--
a4d572
 grub-core/lib/priority_queue.c            |  2 +-
5975ab
 grub-core/lib/reed_solomon.c              |  7 +++--
5975ab
 grub-core/lib/relocator.c                 | 10 +++----
a4d572
 grub-core/loader/arm/linux.c              |  2 +-
5975ab
 grub-core/loader/efi/chainloader.c        | 11 +++++---
a4d572
 grub-core/loader/i386/bsdXX.c             |  2 +-
5975ab
 grub-core/loader/i386/xnu.c               |  4 +--
a4d572
 grub-core/loader/macho.c                  |  2 +-
a4d572
 grub-core/loader/multiboot_elfxx.c        |  2 +-
a4d572
 grub-core/loader/xnu.c                    |  2 +-
5975ab
 grub-core/mmap/mmap.c                     |  4 +--
a4d572
 grub-core/net/bootp.c                     |  2 +-
5975ab
 grub-core/net/dns.c                       | 10 +++----
5975ab
 grub-core/net/net.c                       |  4 +--
5975ab
 grub-core/normal/charset.c                | 10 +++----
5975ab
 grub-core/normal/cmdline.c                | 14 +++++-----
5975ab
 grub-core/normal/menu_entry.c             | 14 +++++-----
5975ab
 grub-core/normal/menu_text.c              |  4 +--
5975ab
 grub-core/normal/term.c                   |  4 +--
5975ab
 grub-core/osdep/linux/getroot.c           |  6 ++---
a4d572
 grub-core/osdep/unix/config.c             |  2 +-
a4d572
 grub-core/osdep/windows/getroot.c         |  2 +-
5975ab
 grub-core/osdep/windows/hostdisk.c        |  4 +--
a4d572
 grub-core/osdep/windows/init.c            |  2 +-
5975ab
 grub-core/osdep/windows/platform.c        |  4 +--
a4d572
 grub-core/osdep/windows/relpath.c         |  2 +-
a4d572
 grub-core/partmap/gpt.c                   |  2 +-
a4d572
 grub-core/partmap/msdos.c                 |  2 +-
a4d572
 grub-core/script/execute.c                |  2 +-
a4d572
 grub-core/tests/fake_input.c              |  2 +-
5975ab
 grub-core/tests/video_checksum.c          |  6 ++---
a4d572
 grub-core/video/capture.c                 |  2 +-
a4d572
 grub-core/video/emu/sdl.c                 |  2 +-
a4d572
 grub-core/video/i386/pc/vga.c             |  2 +-
a4d572
 grub-core/video/readers/png.c             |  2 +-
a4d572
 util/getroot.c                            |  2 +-
a4d572
 util/grub-file.c                          |  2 +-
5975ab
 util/grub-fstest.c                        |  4 +--
a4d572
 util/grub-install-common.c                |  2 +-
5975ab
 util/grub-install.c                       |  4 +--
5975ab
 util/grub-mkimagexx.c                     |  6 ++---
5975ab
 util/grub-mkrescue.c                      |  4 +--
a4d572
 util/grub-mkstandalone.c                  |  2 +-
5975ab
 util/grub-pe2elf.c                        | 12 ++++-----
5975ab
 util/grub-probe.c                         |  4 +--
5975ab
 include/grub/unicode.h                    |  4 +--
a4d572
 85 files changed, 231 insertions(+), 191 deletions(-)
a4d572
a4d572
diff --git a/grub-core/bus/usb/usbhub.c b/grub-core/bus/usb/usbhub.c
09e3cc
index 34a7ff1b5..a06cce302 100644
a4d572
--- a/grub-core/bus/usb/usbhub.c
a4d572
+++ b/grub-core/bus/usb/usbhub.c
a4d572
@@ -149,8 +149,8 @@ grub_usb_add_hub (grub_usb_device_t dev)
a4d572
   grub_usb_set_configuration (dev, 1);
a4d572
 
a4d572
   dev->nports = hubdesc.portcnt;
a4d572
-  dev->children = grub_zalloc (hubdesc.portcnt * sizeof (dev->children[0]));
a4d572
-  dev->ports = grub_zalloc (dev->nports * sizeof (dev->ports[0]));
a4d572
+  dev->children = grub_calloc (hubdesc.portcnt, sizeof (dev->children[0]));
a4d572
+  dev->ports = grub_calloc (dev->nports, sizeof (dev->ports[0]));
a4d572
   if (!dev->children || !dev->ports)
a4d572
     {
a4d572
       grub_free (dev->children);
a4d572
@@ -268,8 +268,8 @@ grub_usb_controller_dev_register_iter (grub_usb_controller_t controller, void *d
a4d572
 
a4d572
   /* Query the number of ports the root Hub has.  */
a4d572
   hub->nports = controller->dev->hubports (controller);
a4d572
-  hub->devices = grub_zalloc (sizeof (hub->devices[0]) * hub->nports);
a4d572
-  hub->ports = grub_zalloc (sizeof (hub->ports[0]) * hub->nports);
a4d572
+  hub->devices = grub_calloc (hub->nports, sizeof (hub->devices[0]));
a4d572
+  hub->ports = grub_calloc (hub->nports, sizeof (hub->ports[0]));
a4d572
   if (!hub->devices || !hub->ports)
a4d572
     {
a4d572
       grub_free (hub->devices);
a4d572
diff --git a/grub-core/commands/efi/lsefisystab.c b/grub-core/commands/efi/lsefisystab.c
09e3cc
index df1030221..cd81507f5 100644
a4d572
--- a/grub-core/commands/efi/lsefisystab.c
a4d572
+++ b/grub-core/commands/efi/lsefisystab.c
a4d572
@@ -71,7 +71,8 @@ grub_cmd_lsefisystab (struct grub_command *cmd __attribute__ ((unused)),
a4d572
     grub_printf ("Vendor: ");
a4d572
     
a4d572
     for (vendor_utf16 = st->firmware_vendor; *vendor_utf16; vendor_utf16++);
a4d572
-    vendor = grub_malloc (4 * (vendor_utf16 - st->firmware_vendor) + 1);
a4d572
+    /* Allocate extra 3 bytes to simplify math. */
a4d572
+    vendor = grub_calloc (4, vendor_utf16 - st->firmware_vendor + 1);
a4d572
     if (!vendor)
a4d572
       return grub_errno;
a4d572
     *grub_utf16_to_utf8 ((grub_uint8_t *) vendor, st->firmware_vendor,
a4d572
diff --git a/grub-core/commands/legacycfg.c b/grub-core/commands/legacycfg.c
09e3cc
index f9d7627bd..da66a8927 100644
a4d572
--- a/grub-core/commands/legacycfg.c
a4d572
+++ b/grub-core/commands/legacycfg.c
a4d572
@@ -314,7 +314,7 @@ grub_cmd_legacy_kernel (struct grub_command *mycmd __attribute__ ((unused)),
a4d572
   if (argc < 2)
a4d572
     return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
a4d572
 
a4d572
-  cutargs = grub_malloc (sizeof (cutargs[0]) * (argc - 1));
a4d572
+  cutargs = grub_calloc (argc - 1, sizeof (cutargs[0]));
a4d572
   if (!cutargs)
a4d572
     return grub_errno;
a4d572
   cutargc = argc - 1;
a4d572
@@ -436,7 +436,7 @@ grub_cmd_legacy_kernel (struct grub_command *mycmd __attribute__ ((unused)),
a4d572
 	    {
a4d572
 	      char rbuf[3] = "-r";
a4d572
 	      bsdargc = cutargc + 2;
a4d572
-	      bsdargs = grub_malloc (sizeof (bsdargs[0]) * bsdargc);
a4d572
+	      bsdargs = grub_calloc (bsdargc, sizeof (bsdargs[0]));
a4d572
 	      if (!bsdargs)
a4d572
 		{
a4d572
 		  err = grub_errno;
a4d572
@@ -559,7 +559,7 @@ grub_cmd_legacy_initrdnounzip (struct grub_command *mycmd __attribute__ ((unused
a4d572
 	return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("can't find command `%s'"),
a4d572
 			   "module");
a4d572
 
a4d572
-      newargs = grub_malloc ((argc + 1) * sizeof (newargs[0]));
a4d572
+      newargs = grub_calloc (argc + 1, sizeof (newargs[0]));
a4d572
       if (!newargs)
a4d572
 	return grub_errno;
a4d572
       grub_memcpy (newargs + 1, args, argc * sizeof (newargs[0]));
a4d572
diff --git a/grub-core/commands/menuentry.c b/grub-core/commands/menuentry.c
09e3cc
index 7004e08ce..4b5fcf2ce 100644
a4d572
--- a/grub-core/commands/menuentry.c
a4d572
+++ b/grub-core/commands/menuentry.c
a4d572
@@ -157,7 +157,7 @@ grub_normal_add_menu_entry (int argc, const char **args,
a4d572
   grub_dprintf ("menu", "menu_id:\"%s\"\n", menu_id);
a4d572
 
a4d572
   /* Save argc, args to pass as parameters to block arg later. */
a4d572
-  menu_args = grub_malloc (sizeof (char*) * (argc + 1));
a4d572
+  menu_args = grub_calloc (argc + 1, sizeof (char *));
a4d572
   if (! menu_args)
a4d572
     goto fail;
a4d572
 
a4d572
diff --git a/grub-core/commands/nativedisk.c b/grub-core/commands/nativedisk.c
09e3cc
index 2f56a870e..d69214f6d 100644
a4d572
--- a/grub-core/commands/nativedisk.c
a4d572
+++ b/grub-core/commands/nativedisk.c
a4d572
@@ -194,7 +194,7 @@ grub_cmd_nativedisk (grub_command_t cmd __attribute__ ((unused)),
a4d572
   else
a4d572
     path_prefix = prefix;
a4d572
 
a4d572
-  mods = grub_malloc (argc * sizeof (mods[0]));
a4d572
+  mods = grub_calloc (argc, sizeof (mods[0]));
a4d572
   if (!mods)
a4d572
     return grub_errno;
a4d572
 
a4d572
diff --git a/grub-core/commands/parttool.c b/grub-core/commands/parttool.c
09e3cc
index 693e2cb42..36dadc0b1 100644
a4d572
--- a/grub-core/commands/parttool.c
a4d572
+++ b/grub-core/commands/parttool.c
a4d572
@@ -59,7 +59,13 @@ grub_parttool_register(const char *part_name,
a4d572
   for (nargs = 0; args[nargs].name != 0; nargs++);
a4d572
   cur->nargs = nargs;
a4d572
   cur->args = (struct grub_parttool_argdesc *)
a4d572
-    grub_malloc ((nargs + 1) * sizeof (struct grub_parttool_argdesc));
a4d572
+    grub_calloc (nargs + 1, sizeof (struct grub_parttool_argdesc));
a4d572
+  if (!cur->args)
a4d572
+    {
a4d572
+      grub_free (cur);
a4d572
+      curhandle--;
a4d572
+      return -1;
a4d572
+    }
a4d572
   grub_memcpy (cur->args, args,
a4d572
 	       (nargs + 1) * sizeof (struct grub_parttool_argdesc));
a4d572
 
a4d572
@@ -257,7 +263,7 @@ grub_cmd_parttool (grub_command_t cmd __attribute__ ((unused)),
a4d572
 	return err;
a4d572
       }
a4d572
 
a4d572
-  parsed = (int *) grub_zalloc (argc * sizeof (int));
a4d572
+  parsed = (int *) grub_calloc (argc, sizeof (int));
a4d572
 
a4d572
   for (i = 1; i < argc; i++)
a4d572
     if (! parsed[i])
a4d572
@@ -290,7 +296,7 @@ grub_cmd_parttool (grub_command_t cmd __attribute__ ((unused)),
a4d572
 	  }
a4d572
 	ptool = cur;
a4d572
 	pargs = (struct grub_parttool_args *)
a4d572
-	  grub_zalloc (ptool->nargs * sizeof (struct grub_parttool_args));
a4d572
+	  grub_calloc (ptool->nargs, sizeof (struct grub_parttool_args));
a4d572
 	for (j = i; j < argc; j++)
a4d572
 	  if (! parsed[j])
a4d572
 	    {
a4d572
diff --git a/grub-core/commands/regexp.c b/grub-core/commands/regexp.c
09e3cc
index f00b184c8..4019164f3 100644
a4d572
--- a/grub-core/commands/regexp.c
a4d572
+++ b/grub-core/commands/regexp.c
a4d572
@@ -116,7 +116,7 @@ grub_cmd_regexp (grub_extcmd_context_t ctxt, int argc, char **args)
a4d572
   if (ret)
a4d572
     goto fail;
a4d572
 
a4d572
-  matches = grub_zalloc (sizeof (*matches) * (regex.re_nsub + 1));
a4d572
+  matches = grub_calloc (regex.re_nsub + 1, sizeof (*matches));
a4d572
   if (! matches)
a4d572
     goto fail;
a4d572
 
a4d572
diff --git a/grub-core/commands/search_wrap.c b/grub-core/commands/search_wrap.c
09e3cc
index d7fd26b94..47fc8eb99 100644
a4d572
--- a/grub-core/commands/search_wrap.c
a4d572
+++ b/grub-core/commands/search_wrap.c
a4d572
@@ -122,7 +122,7 @@ grub_cmd_search (grub_extcmd_context_t ctxt, int argc, char **args)
a4d572
     for (i = 0; state[SEARCH_HINT_BAREMETAL].args[i]; i++)
a4d572
       nhints++;
a4d572
 
a4d572
-  hints = grub_malloc (sizeof (hints[0]) * nhints);
a4d572
+  hints = grub_calloc (nhints, sizeof (hints[0]));
a4d572
   if (!hints)
a4d572
     return grub_errno;
a4d572
   j = 0;
a4d572
diff --git a/grub-core/disk/diskfilter.c b/grub-core/disk/diskfilter.c
09e3cc
index 6f901c0ad..2be019269 100644
a4d572
--- a/grub-core/disk/diskfilter.c
a4d572
+++ b/grub-core/disk/diskfilter.c
a4d572
@@ -1134,7 +1134,7 @@ grub_diskfilter_make_raid (grub_size_t uuidlen, char *uuid, int nmemb,
a4d572
   array->lvs->segments->node_count = nmemb;
a4d572
   array->lvs->segments->raid_member_size = disk_size;
a4d572
   array->lvs->segments->nodes
a4d572
-    = grub_zalloc (nmemb * sizeof (array->lvs->segments->nodes[0]));
a4d572
+    = grub_calloc (nmemb, sizeof (array->lvs->segments->nodes[0]));
a4d572
   array->lvs->segments->stripe_size = stripe_size;
a4d572
   for (i = 0; i < nmemb; i++)
a4d572
     {
a4d572
@@ -1226,7 +1226,7 @@ insert_array (grub_disk_t disk, const struct grub_diskfilter_pv_id *id,
a4d572
 	  grub_partition_t p;
a4d572
 	  for (p = disk->partition; p; p = p->parent)
a4d572
 	    s++;
a4d572
-	  pv->partmaps = xmalloc (s * sizeof (pv->partmaps[0]));
a4d572
+	  pv->partmaps = xcalloc (s, sizeof (pv->partmaps[0]));
a4d572
 	  s = 0;
a4d572
 	  for (p = disk->partition; p; p = p->parent)
a4d572
 	    pv->partmaps[s++] = xstrdup (p->partmap->name);
a4d572
diff --git a/grub-core/disk/ieee1275/ofdisk.c b/grub-core/disk/ieee1275/ofdisk.c
09e3cc
index 235c0fe2c..d887d4b6e 100644
a4d572
--- a/grub-core/disk/ieee1275/ofdisk.c
a4d572
+++ b/grub-core/disk/ieee1275/ofdisk.c
a4d572
@@ -297,7 +297,7 @@ dev_iterate (const struct grub_ieee1275_devalias *alias)
a4d572
       /* Power machines documentation specify 672 as maximum SAS disks in
a4d572
          one system. Using a slightly larger value to be safe. */
a4d572
       table_size = 768;
a4d572
-      table = grub_malloc (table_size * sizeof (grub_uint64_t));
a4d572
+      table = grub_calloc (table_size, sizeof (grub_uint64_t));
a4d572
 
a4d572
       if (!table)
a4d572
         {
a4d572
diff --git a/grub-core/disk/ldm.c b/grub-core/disk/ldm.c
09e3cc
index 2a22d2d6c..e6323701a 100644
a4d572
--- a/grub-core/disk/ldm.c
a4d572
+++ b/grub-core/disk/ldm.c
a4d572
@@ -323,8 +323,8 @@ make_vg (grub_disk_t disk,
a4d572
 	  lv->segments->type = GRUB_DISKFILTER_MIRROR;
a4d572
 	  lv->segments->node_count = 0;
a4d572
 	  lv->segments->node_alloc = 8;
a4d572
-	  lv->segments->nodes = grub_zalloc (sizeof (*lv->segments->nodes)
a4d572
-					     * lv->segments->node_alloc);
a4d572
+	  lv->segments->nodes = grub_calloc (lv->segments->node_alloc,
a4d572
+					     sizeof (*lv->segments->nodes));
a4d572
 	  if (!lv->segments->nodes)
a4d572
 	    goto fail2;
a4d572
 	  ptr = vblk[i].dynamic;
a4d572
@@ -543,8 +543,8 @@ make_vg (grub_disk_t disk,
a4d572
 	    {
a4d572
 	      comp->segment_alloc = 8;
a4d572
 	      comp->segment_count = 0;
a4d572
-	      comp->segments = grub_malloc (sizeof (*comp->segments)
a4d572
-					    * comp->segment_alloc);
a4d572
+	      comp->segments = grub_calloc (comp->segment_alloc,
a4d572
+					    sizeof (*comp->segments));
a4d572
 	      if (!comp->segments)
a4d572
 		goto fail2;
a4d572
 	    }
a4d572
@@ -590,8 +590,8 @@ make_vg (grub_disk_t disk,
a4d572
 		}
a4d572
 	      comp->segments->node_count = read_int (ptr + 1, *ptr);
a4d572
 	      comp->segments->node_alloc = comp->segments->node_count;
a4d572
-	      comp->segments->nodes = grub_zalloc (sizeof (*comp->segments->nodes)
a4d572
-						   * comp->segments->node_alloc);
a4d572
+	      comp->segments->nodes = grub_calloc (comp->segments->node_alloc,
a4d572
+						   sizeof (*comp->segments->nodes));
a4d572
 	      if (!lv->segments->nodes)
a4d572
 		goto fail2;
a4d572
 	    }
a4d572
@@ -1017,7 +1017,7 @@ grub_util_ldm_embed (struct grub_disk *disk, unsigned int *nsectors,
a4d572
       *nsectors = lv->size;
a4d572
       if (*nsectors > max_nsectors)
a4d572
 	*nsectors = max_nsectors;
a4d572
-      *sectors = grub_malloc (*nsectors * sizeof (**sectors));
a4d572
+      *sectors = grub_calloc (*nsectors, sizeof (**sectors));
a4d572
       if (!*sectors)
a4d572
 	return grub_errno;
a4d572
       for (i = 0; i < *nsectors; i++)
a4d572
diff --git a/grub-core/disk/luks.c b/grub-core/disk/luks.c
09e3cc
index 86c50c612..18b3a8bb1 100644
a4d572
--- a/grub-core/disk/luks.c
a4d572
+++ b/grub-core/disk/luks.c
a4d572
@@ -336,7 +336,7 @@ luks_recover_key (grub_disk_t source,
a4d572
 	&& grub_be_to_cpu32 (header.keyblock[i].stripes) > max_stripes)
a4d572
       max_stripes = grub_be_to_cpu32 (header.keyblock[i].stripes);
a4d572
 
a4d572
-  split_key = grub_malloc (keysize * max_stripes);
a4d572
+  split_key = grub_calloc (keysize, max_stripes);
a4d572
   if (!split_key)
a4d572
     return grub_errno;
a4d572
 
a4d572
diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
09e3cc
index 7b265c780..d1df640b3 100644
a4d572
--- a/grub-core/disk/lvm.c
a4d572
+++ b/grub-core/disk/lvm.c
a4d572
@@ -173,7 +173,7 @@ grub_lvm_detect (grub_disk_t disk,
a4d572
      first one.  */
a4d572
 
a4d572
   /* Allocate buffer space for the circular worst-case scenario. */
a4d572
-  metadatabuf = grub_malloc (2 * mda_size);
a4d572
+  metadatabuf = grub_calloc (2, mda_size);
a4d572
   if (! metadatabuf)
a4d572
     goto fail;
a4d572
 
a4d572
@@ -426,7 +426,7 @@ grub_lvm_detect (grub_disk_t disk,
a4d572
 #endif
a4d572
 		  goto lvs_fail;
a4d572
 		}
a4d572
-	      lv->segments = grub_zalloc (sizeof (*seg) * lv->segment_count);
a4d572
+	      lv->segments = grub_calloc (lv->segment_count, sizeof (*seg));
a4d572
 	      seg = lv->segments;
a4d572
 
a4d572
 	      for (i = 0; i < lv->segment_count; i++)
a4d572
@@ -483,8 +483,8 @@ grub_lvm_detect (grub_disk_t disk,
a4d572
 		      if (seg->node_count != 1)
a4d572
 			seg->stripe_size = grub_lvm_getvalue (&p, "stripe_size = ");
a4d572
 
a4d572
-		      seg->nodes = grub_zalloc (sizeof (*stripe)
a4d572
-						* seg->node_count);
a4d572
+		      seg->nodes = grub_calloc (seg->node_count,
a4d572
+						sizeof (*stripe));
a4d572
 		      stripe = seg->nodes;
a4d572
 
a4d572
 		      p = grub_strstr (p, "stripes = [");
a4d572
diff --git a/grub-core/disk/xen/xendisk.c b/grub-core/disk/xen/xendisk.c
09e3cc
index b18a9238d..c1b331edb 100644
a4d572
--- a/grub-core/disk/xen/xendisk.c
a4d572
+++ b/grub-core/disk/xen/xendisk.c
a4d572
@@ -426,7 +426,7 @@ grub_xendisk_init (void)
a4d572
   if (!ctr)
a4d572
     return;
a4d572
 
a4d572
-  virtdisks = grub_malloc (ctr * sizeof (virtdisks[0]));
a4d572
+  virtdisks = grub_calloc (ctr, sizeof (virtdisks[0]));
a4d572
   if (!virtdisks)
a4d572
     return;
a4d572
   if (grub_xenstore_dir ("device/vbd", fill, &ctr))
a4d572
diff --git a/grub-core/efiemu/loadcore.c b/grub-core/efiemu/loadcore.c
09e3cc
index 44085ef81..2b924623f 100644
a4d572
--- a/grub-core/efiemu/loadcore.c
a4d572
+++ b/grub-core/efiemu/loadcore.c
a4d572
@@ -201,7 +201,7 @@ grub_efiemu_count_symbols (const Elf_Ehdr *e)
a4d572
 
a4d572
   grub_efiemu_nelfsyms = (unsigned) s->sh_size / (unsigned) s->sh_entsize;
a4d572
   grub_efiemu_elfsyms = (struct grub_efiemu_elf_sym *)
a4d572
-    grub_malloc (sizeof (struct grub_efiemu_elf_sym) * grub_efiemu_nelfsyms);
a4d572
+    grub_calloc (grub_efiemu_nelfsyms, sizeof (struct grub_efiemu_elf_sym));
a4d572
 
a4d572
   /* Relocators */
a4d572
   for (i = 0, s = (Elf_Shdr *) ((char *) e + e->e_shoff);
a4d572
diff --git a/grub-core/efiemu/mm.c b/grub-core/efiemu/mm.c
09e3cc
index 52a032f7b..9b8e0d0ad 100644
a4d572
--- a/grub-core/efiemu/mm.c
a4d572
+++ b/grub-core/efiemu/mm.c
a4d572
@@ -554,11 +554,11 @@ grub_efiemu_mmap_sort_and_uniq (void)
a4d572
   /* Initialize variables*/
a4d572
   grub_memset (present, 0, sizeof (int) * GRUB_EFI_MAX_MEMORY_TYPE);
a4d572
   scanline_events = (struct grub_efiemu_mmap_scan *)
a4d572
-    grub_malloc (sizeof (struct grub_efiemu_mmap_scan) * 2 * mmap_num);
a4d572
+    grub_calloc (mmap_num, sizeof (struct grub_efiemu_mmap_scan) * 2);
a4d572
 
a4d572
   /* Number of chunks can't increase more than by factor of 2 */
a4d572
   result = (grub_efi_memory_descriptor_t *)
a4d572
-    grub_malloc (sizeof (grub_efi_memory_descriptor_t) * 2 * mmap_num);
a4d572
+    grub_calloc (mmap_num, sizeof (grub_efi_memory_descriptor_t) * 2);
a4d572
   if (!result || !scanline_events)
a4d572
     {
a4d572
       grub_free (result);
a4d572
@@ -660,7 +660,7 @@ grub_efiemu_mm_do_alloc (void)
a4d572
 
a4d572
   /* Preallocate mmap */
a4d572
   efiemu_mmap = (grub_efi_memory_descriptor_t *)
a4d572
-    grub_malloc (mmap_reserved_size * sizeof (grub_efi_memory_descriptor_t));
a4d572
+    grub_calloc (mmap_reserved_size, sizeof (grub_efi_memory_descriptor_t));
a4d572
   if (!efiemu_mmap)
a4d572
     {
a4d572
       grub_efiemu_unload ();
a4d572
diff --git a/grub-core/font/font.c b/grub-core/font/font.c
09e3cc
index 53d76a64d..68967dc1c 100644
a4d572
--- a/grub-core/font/font.c
a4d572
+++ b/grub-core/font/font.c
a4d572
@@ -293,8 +293,7 @@ load_font_index (grub_file_t file, grub_uint32_t sect_length, struct
a4d572
   font->num_chars = sect_length / FONT_CHAR_INDEX_ENTRY_SIZE;
a4d572
 
a4d572
   /* Allocate the character index array.  */
a4d572
-  font->char_index = grub_malloc (font->num_chars
a4d572
-				  * sizeof (struct char_index_entry));
a4d572
+  font->char_index = grub_calloc (font->num_chars, sizeof (struct char_index_entry));
a4d572
   if (!font->char_index)
a4d572
     return 1;
a4d572
   font->bmp_idx = grub_malloc (0x10000 * sizeof (grub_uint16_t));
a4d572
diff --git a/grub-core/fs/affs.c b/grub-core/fs/affs.c
09e3cc
index f673897e0..91073795f 100644
a4d572
--- a/grub-core/fs/affs.c
a4d572
+++ b/grub-core/fs/affs.c
a4d572
@@ -301,7 +301,7 @@ grub_affs_read_symlink (grub_fshelp_node_t node)
a4d572
       return 0;
a4d572
     }
a4d572
   latin1[symlink_size] = 0;
a4d572
-  utf8 = grub_malloc (symlink_size * GRUB_MAX_UTF8_PER_LATIN1 + 1);
a4d572
+  utf8 = grub_calloc (GRUB_MAX_UTF8_PER_LATIN1 + 1, symlink_size);
a4d572
   if (!utf8)
a4d572
     {
a4d572
       grub_free (latin1);
a4d572
@@ -422,7 +422,7 @@ grub_affs_iterate_dir (grub_fshelp_node_t dir,
a4d572
 	return 1;
a4d572
     }
a4d572
 
a4d572
-  hashtable = grub_zalloc (data->htsize * sizeof (*hashtable));
a4d572
+  hashtable = grub_calloc (data->htsize, sizeof (*hashtable));
a4d572
   if (!hashtable)
a4d572
     return 1;
a4d572
 
a4d572
@@ -628,7 +628,7 @@ grub_affs_label (grub_device_t device, char **label)
a4d572
       len = file.namelen;
a4d572
       if (len > sizeof (file.name))
a4d572
 	len = sizeof (file.name);
a4d572
-      *label = grub_malloc (len * GRUB_MAX_UTF8_PER_LATIN1 + 1);
a4d572
+      *label = grub_calloc (GRUB_MAX_UTF8_PER_LATIN1 + 1, len);
a4d572
       if (*label)
a4d572
 	*grub_latin1_to_utf8 ((grub_uint8_t *) *label, file.name, len) = '\0';
a4d572
     }
a4d572
diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c
09e3cc
index dac73b2fa..8c8aa9c31 100644
a4d572
--- a/grub-core/fs/btrfs.c
a4d572
+++ b/grub-core/fs/btrfs.c
a4d572
@@ -404,7 +404,7 @@ lower_bound (struct grub_btrfs_data *data,
a4d572
     {
a4d572
       desc->allocated = 16;
a4d572
       desc->depth = 0;
a4d572
-      desc->data = grub_malloc (sizeof (desc->data[0]) * desc->allocated);
a4d572
+      desc->data = grub_calloc (desc->allocated, sizeof (desc->data[0]));
a4d572
       if (!desc->data)
a4d572
 	return grub_errno;
a4d572
     }
a4d572
@@ -2056,7 +2056,7 @@ grub_btrfs_embed (grub_device_t device __attribute__ ((unused)),
a4d572
   *nsectors = 64 * 2 - 1;
a4d572
   if (*nsectors > max_nsectors)
a4d572
     *nsectors = max_nsectors;
a4d572
-  *sectors = grub_malloc (*nsectors * sizeof (**sectors));
a4d572
+  *sectors = grub_calloc (*nsectors, sizeof (**sectors));
a4d572
   if (!*sectors)
a4d572
     return grub_errno;
a4d572
   for (i = 0; i < *nsectors; i++)
a4d572
diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c
09e3cc
index fc3683178..3fd4eec20 100644
a4d572
--- a/grub-core/fs/hfs.c
a4d572
+++ b/grub-core/fs/hfs.c
a4d572
@@ -1360,7 +1360,7 @@ grub_hfs_label (grub_device_t device, char **label)
a4d572
       grub_size_t len = data->sblock.volname[0];
a4d572
       if (len > sizeof (data->sblock.volname) - 1)
a4d572
 	len = sizeof (data->sblock.volname) - 1;
a4d572
-      *label = grub_malloc (len * MAX_UTF8_PER_MAC_ROMAN + 1);
a4d572
+      *label = grub_calloc (MAX_UTF8_PER_MAC_ROMAN + 1, len);
a4d572
       if (*label)
a4d572
 	macroman_to_utf8 (*label, data->sblock.volname + 1,
a4d572
 			  len + 1, 0);
a4d572
diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c
09e3cc
index 21159e858..f1cd72398 100644
a4d572
--- a/grub-core/fs/hfsplus.c
a4d572
+++ b/grub-core/fs/hfsplus.c
a4d572
@@ -661,6 +661,7 @@ list_nodes (void *record, void *hook_arg)
a4d572
   char *filename;
a4d572
   int i;
a4d572
   struct grub_fshelp_node *node;
a4d572
+  grub_uint16_t *keyname;
a4d572
   struct grub_hfsplus_catfile *fileinfo;
a4d572
   enum grub_fshelp_filetype type = GRUB_FSHELP_UNKNOWN;
a4d572
   struct list_nodes_ctx *ctx = hook_arg;
a4d572
@@ -719,32 +720,34 @@ list_nodes (void *record, void *hook_arg)
a4d572
   if (! filename)
a4d572
     return 0;
a4d572
 
a4d572
+  keyname = grub_calloc (grub_be_to_cpu16 (catkey->namelen), sizeof (*keyname));
a4d572
+  if (!keyname)
a4d572
+    {
a4d572
+      grub_free (filename);
a4d572
+      return 0;
a4d572
+    }
a4d572
+
a4d572
   /* Make sure the byte order of the UTF16 string is correct.  */
a4d572
   for (i = 0; i < grub_be_to_cpu16 (catkey->namelen); i++)
a4d572
     {
a4d572
-      catkey->name[i] = grub_be_to_cpu16 (catkey->name[i]);
a4d572
+      keyname[i] = grub_be_to_cpu16 (catkey->name[i]);
a4d572
 
a4d572
-      if (catkey->name[i] == '/')
a4d572
-	catkey->name[i] = ':';
a4d572
+      if (keyname[i] == '/')
a4d572
+	keyname[i] = ':';
a4d572
 
a4d572
       /* If the name is obviously invalid, skip this node.  */
a4d572
-      if (catkey->name[i] == 0)
a4d572
+      if (keyname[i] == 0)
a4d572
 	{
a4d572
 	  grub_free (filename);
a4d572
+	  grub_free (keyname);
a4d572
 	  return 0;
a4d572
 	}
a4d572
     }
a4d572
 
a4d572
-  *grub_utf16_to_utf8 ((grub_uint8_t *) filename, catkey->name,
a4d572
+  *grub_utf16_to_utf8 ((grub_uint8_t *) filename, keyname,
a4d572
 		       grub_be_to_cpu16 (catkey->namelen)) = '\0';
a4d572
 
a4d572
-  /* Restore the byte order to what it was previously.  */
a4d572
-  for (i = 0; i < grub_be_to_cpu16 (catkey->namelen); i++)
a4d572
-    {
a4d572
-      if (catkey->name[i] == ':')
a4d572
-	catkey->name[i] = '/';
a4d572
-      catkey->name[i] = grub_be_to_cpu16 (catkey->name[i]);
a4d572
-    }
a4d572
+  grub_free (keyname);
a4d572
 
a4d572
   /* hfs+ is case insensitive.  */
a4d572
   if (! ctx->dir->data->case_sensitive)
a4d572
@@ -975,6 +978,7 @@ grub_hfsplus_label (grub_device_t device, char **label)
a4d572
   grub_disk_t disk = device->disk;
a4d572
   struct grub_hfsplus_catkey *catkey;
a4d572
   int i, label_len;
a4d572
+  grub_uint16_t *label_name;
a4d572
   struct grub_hfsplus_key_internal intern;
a4d572
   struct grub_hfsplus_btnode *node = NULL;
a4d572
   grub_disk_addr_t ptr = 0;
a4d572
@@ -1003,22 +1007,31 @@ grub_hfsplus_label (grub_device_t device, char **label)
a4d572
     grub_hfsplus_btree_recptr (&data->catalog_tree, node, ptr);
a4d572
 
a4d572
   label_len = grub_be_to_cpu16 (catkey->namelen);
a4d572
+  label_name = grub_calloc (label_len, sizeof (*label_name));
a4d572
+  if (!label_name)
a4d572
+    {
a4d572
+      grub_free (node);
a4d572
+      grub_free (data);
a4d572
+      return grub_errno;
a4d572
+    }
a4d572
+
a4d572
   for (i = 0; i < label_len; i++)
a4d572
     {
a4d572
-      catkey->name[i] = grub_be_to_cpu16 (catkey->name[i]);
a4d572
+      label_name[i] = grub_be_to_cpu16 (catkey->name[i]);
a4d572
 
a4d572
       /* If the name is obviously invalid, skip this node.  */
a4d572
-      if (catkey->name[i] == 0)
a4d572
+      if (label_name[i] == 0)
a4d572
 	return 0;
a4d572
     }
a4d572
 
a4d572
-  *label = grub_malloc (label_len * GRUB_MAX_UTF8_PER_UTF16 + 1);
a4d572
+  *label = grub_calloc (label_len, GRUB_MAX_UTF8_PER_UTF16 + 1);
a4d572
   if (! *label)
a4d572
     return grub_errno;
a4d572
 
a4d572
-  *grub_utf16_to_utf8 ((grub_uint8_t *) (*label), catkey->name,
a4d572
+  *grub_utf16_to_utf8 ((grub_uint8_t *) (*label), label_name,
a4d572
 		       label_len) = '\0';
a4d572
 
a4d572
+  grub_free (label_name);
a4d572
   grub_free (node);
a4d572
   grub_free (data);
a4d572
 
a4d572
diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c
09e3cc
index c9c8374bf..092b8f409 100644
a4d572
--- a/grub-core/fs/iso9660.c
a4d572
+++ b/grub-core/fs/iso9660.c
a4d572
@@ -331,7 +331,7 @@ grub_iso9660_convert_string (grub_uint8_t *us, int len)
a4d572
   int i;
a4d572
   grub_uint16_t t[MAX_NAMELEN / 2 + 1];
a4d572
 
a4d572
-  p = grub_malloc (len * GRUB_MAX_UTF8_PER_UTF16 + 1);
a4d572
+  p = grub_calloc (len, GRUB_MAX_UTF8_PER_UTF16 + 1);
a4d572
   if (! p)
a4d572
     return NULL;
a4d572
 
a4d572
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
09e3cc
index 6f8468862..9827f9bb8 100644
a4d572
--- a/grub-core/fs/ntfs.c
a4d572
+++ b/grub-core/fs/ntfs.c
a4d572
@@ -556,8 +556,8 @@ get_utf8 (grub_uint8_t *in, grub_size_t len)
a4d572
   grub_uint16_t *tmp;
a4d572
   grub_size_t i;
a4d572
 
a4d572
-  buf = grub_malloc (len * GRUB_MAX_UTF8_PER_UTF16 + 1);
a4d572
-  tmp = grub_malloc (len * sizeof (tmp[0]));
a4d572
+  buf = grub_calloc (len, GRUB_MAX_UTF8_PER_UTF16 + 1);
a4d572
+  tmp = grub_calloc (len, sizeof (tmp[0]));
a4d572
   if (!buf || !tmp)
a4d572
     {
a4d572
       grub_free (buf);
a4d572
diff --git a/grub-core/fs/sfs.c b/grub-core/fs/sfs.c
09e3cc
index 57b8d8da6..663931717 100644
a4d572
--- a/grub-core/fs/sfs.c
a4d572
+++ b/grub-core/fs/sfs.c
a4d572
@@ -266,7 +266,7 @@ grub_sfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
a4d572
       node->next_extent = node->block;
a4d572
       node->cache_size = 0;
a4d572
 
a4d572
-      node->cache = grub_malloc (sizeof (node->cache[0]) * cache_size);
a4d572
+      node->cache = grub_calloc (cache_size, sizeof (node->cache[0]));
a4d572
       if (!node->cache)
a4d572
 	{
a4d572
 	  grub_errno = 0;
a4d572
diff --git a/grub-core/fs/tar.c b/grub-core/fs/tar.c
09e3cc
index 39bf197aa..4864451e1 100644
a4d572
--- a/grub-core/fs/tar.c
a4d572
+++ b/grub-core/fs/tar.c
a4d572
@@ -120,7 +120,7 @@ grub_cpio_find_file (struct grub_archelp_data *data, char **name,
a4d572
 	  if (data->linkname_alloc < linksize + 1)
a4d572
 	    {
a4d572
 	      char *n;
a4d572
-	      n = grub_malloc (2 * (linksize + 1));
a4d572
+	      n = grub_calloc (2, linksize + 1);
a4d572
 	      if (!n)
a4d572
 		return grub_errno;
a4d572
 	      grub_free (data->linkname);
a4d572
diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c
09e3cc
index 00a16098b..44481da7c 100644
a4d572
--- a/grub-core/fs/udf.c
a4d572
+++ b/grub-core/fs/udf.c
a4d572
@@ -873,7 +873,7 @@ read_string (const grub_uint8_t *raw, grub_size_t sz, char *outbuf)
a4d572
     {
a4d572
       unsigned i;
a4d572
       utf16len = sz - 1;
a4d572
-      utf16 = grub_malloc (utf16len * sizeof (utf16[0]));
a4d572
+      utf16 = grub_calloc (utf16len, sizeof (utf16[0]));
a4d572
       if (!utf16)
a4d572
 	return NULL;
a4d572
       for (i = 0; i < utf16len; i++)
a4d572
@@ -883,7 +883,7 @@ read_string (const grub_uint8_t *raw, grub_size_t sz, char *outbuf)
a4d572
     {
a4d572
       unsigned i;
a4d572
       utf16len = (sz - 1) / 2;
a4d572
-      utf16 = grub_malloc (utf16len * sizeof (utf16[0]));
a4d572
+      utf16 = grub_calloc (utf16len, sizeof (utf16[0]));
a4d572
       if (!utf16)
a4d572
 	return NULL;
a4d572
       for (i = 0; i < utf16len; i++)
a4d572
diff --git a/grub-core/fs/zfs/zfs.c b/grub-core/fs/zfs/zfs.c
09e3cc
index 6e1fff9e9..f6b95d4fb 100644
a4d572
--- a/grub-core/fs/zfs/zfs.c
a4d572
+++ b/grub-core/fs/zfs/zfs.c
a4d572
@@ -3325,7 +3325,7 @@ dnode_get_fullpath (const char *fullpath, struct subvolume *subvol,
a4d572
 	}
a4d572
       subvol->nkeys = 0;
a4d572
       zap_iterate (&keychain_dn, 8, count_zap_keys, &ctx, data);
a4d572
-      subvol->keyring = grub_zalloc (subvol->nkeys * sizeof (subvol->keyring[0]));
a4d572
+      subvol->keyring = grub_calloc (subvol->nkeys, sizeof (subvol->keyring[0]));
a4d572
       if (!subvol->keyring)
a4d572
 	{
a4d572
 	  grub_free (fsname);
a4d572
@@ -4336,7 +4336,7 @@ grub_zfs_embed (grub_device_t device __attribute__ ((unused)),
a4d572
   *nsectors = (VDEV_BOOT_SIZE >> GRUB_DISK_SECTOR_BITS);
a4d572
   if (*nsectors > max_nsectors)
a4d572
     *nsectors = max_nsectors;
a4d572
-  *sectors = grub_malloc (*nsectors * sizeof (**sectors));
a4d572
+  *sectors = grub_calloc (*nsectors, sizeof (**sectors));
a4d572
   if (!*sectors)
a4d572
     return grub_errno;
a4d572
   for (i = 0; i < *nsectors; i++)
a4d572
diff --git a/grub-core/gfxmenu/gui_string_util.c b/grub-core/gfxmenu/gui_string_util.c
09e3cc
index a9a415e31..ba1e1eab3 100644
a4d572
--- a/grub-core/gfxmenu/gui_string_util.c
a4d572
+++ b/grub-core/gfxmenu/gui_string_util.c
a4d572
@@ -55,7 +55,7 @@ canonicalize_path (const char *path)
a4d572
     if (*p == '/')
a4d572
       components++;
a4d572
 
a4d572
-  char **path_array = grub_malloc (components * sizeof (*path_array));
a4d572
+  char **path_array = grub_calloc (components, sizeof (*path_array));
a4d572
   if (! path_array)
a4d572
     return 0;
a4d572
 
a4d572
diff --git a/grub-core/gfxmenu/widget-box.c b/grub-core/gfxmenu/widget-box.c
09e3cc
index b60602889..470597ded 100644
a4d572
--- a/grub-core/gfxmenu/widget-box.c
a4d572
+++ b/grub-core/gfxmenu/widget-box.c
a4d572
@@ -303,10 +303,10 @@ grub_gfxmenu_create_box (const char *pixmaps_prefix,
a4d572
   box->content_height = 0;
a4d572
   box->raw_pixmaps =
a4d572
     (struct grub_video_bitmap **)
a4d572
-    grub_malloc (BOX_NUM_PIXMAPS * sizeof (struct grub_video_bitmap *));
a4d572
+    grub_calloc (BOX_NUM_PIXMAPS, sizeof (struct grub_video_bitmap *));
a4d572
   box->scaled_pixmaps =
a4d572
     (struct grub_video_bitmap **)
a4d572
-    grub_malloc (BOX_NUM_PIXMAPS * sizeof (struct grub_video_bitmap *));
a4d572
+    grub_calloc (BOX_NUM_PIXMAPS, sizeof (struct grub_video_bitmap *));
a4d572
 
a4d572
   /* Initialize all pixmap pointers to NULL so that proper destruction can
a4d572
      be performed if an error is encountered partway through construction.  */
a4d572
diff --git a/grub-core/io/gzio.c b/grub-core/io/gzio.c
09e3cc
index 86ea8cfde..7024cda84 100644
a4d572
--- a/grub-core/io/gzio.c
a4d572
+++ b/grub-core/io/gzio.c
a4d572
@@ -554,7 +554,7 @@ huft_build (unsigned *b,	/* code lengths in bits (all assumed <= BMAX) */
a4d572
 	      z = 1 << j;	/* table entries for j-bit table */
a4d572
 
a4d572
 	      /* allocate and link in new table */
a4d572
-	      q = (struct huft *) grub_zalloc ((z + 1) * sizeof (struct huft));
a4d572
+	      q = (struct huft *) grub_calloc (z + 1, sizeof (struct huft));
a4d572
 	      if (! q)
a4d572
 		{
a4d572
 		  if (h)
a4d572
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
09e3cc
index 4d36fe311..b1379b92f 100644
a4d572
--- a/grub-core/kern/efi/efi.c
a4d572
+++ b/grub-core/kern/efi/efi.c
a4d572
@@ -207,7 +207,7 @@ grub_efi_set_variable(const char *var, const grub_efi_guid_t *guid,
a4d572
 
a4d572
   len = grub_strlen (var);
a4d572
   len16 = len * GRUB_MAX_UTF16_PER_UTF8;
a4d572
-  var16 = grub_malloc ((len16 + 1) * sizeof (var16[0]));
a4d572
+  var16 = grub_calloc (len16 + 1, sizeof (var16[0]));
a4d572
   if (!var16)
a4d572
     return grub_errno;
a4d572
   len16 = grub_utf8_to_utf16 (var16, len16, (grub_uint8_t *) var, len, NULL);
a4d572
@@ -242,7 +242,7 @@ grub_efi_get_variable (const char *var, const grub_efi_guid_t *guid,
a4d572
 
a4d572
   len = grub_strlen (var);
a4d572
   len16 = len * GRUB_MAX_UTF16_PER_UTF8;
a4d572
-  var16 = grub_malloc ((len16 + 1) * sizeof (var16[0]));
a4d572
+  var16 = grub_calloc (len16 + 1, sizeof (var16[0]));
a4d572
   if (!var16)
a4d572
     return NULL;
a4d572
   len16 = grub_utf8_to_utf16 (var16, len16, (grub_uint8_t *) var, len, NULL);
a4d572
@@ -384,6 +384,7 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
a4d572
 	{
a4d572
 	  grub_efi_file_path_device_path_t *fp;
a4d572
 	  grub_efi_uint16_t len;
a4d572
+	  grub_efi_char16_t *dup_name;
a4d572
 
a4d572
 	  *p++ = '/';
a4d572
 
a4d572
@@ -394,7 +395,16 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
a4d572
 	  while (len > 0 && fp->path_name[len - 1] == 0)
a4d572
 	    len--;
a4d572
 
a4d572
-	  p = (char *) grub_utf16_to_utf8 ((unsigned char *) p, fp->path_name, len);
a4d572
+	  dup_name = grub_calloc (len, sizeof (*dup_name));
a4d572
+	  if (!dup_name)
a4d572
+	    {
a4d572
+	      grub_free (name);
a4d572
+	      return NULL;
a4d572
+	    }
a4d572
+	  p = (char *) grub_utf16_to_utf8 ((unsigned char *) p,
a4d572
+					    grub_memcpy (dup_name, fp->path_name, len * sizeof (*dup_name)),
a4d572
+					    len);
a4d572
+	  grub_free (dup_name);
a4d572
 	}
a4d572
 
a4d572
       dp = GRUB_EFI_NEXT_DEVICE_PATH (dp);
a4d572
@@ -884,9 +894,20 @@ grub_efi_print_device_path (grub_efi_device_path_t *dp)
a4d572
 		fp = (grub_efi_file_path_device_path_t *) dp;
a4d572
 		buf = grub_malloc ((len - 4) * 2 + 1);
a4d572
 		if (buf)
a4d572
-		  *grub_utf16_to_utf8 (buf, fp->path_name,
a4d572
-				       (len - 4) / sizeof (grub_efi_char16_t))
a4d572
-		    = '\0';
a4d572
+		  {
a4d572
+		    grub_efi_char16_t *dup_name = grub_malloc (len - 4);
a4d572
+		    if (!dup_name)
a4d572
+		      {
a4d572
+			grub_errno = GRUB_ERR_NONE;
a4d572
+			grub_printf ("/File((null))");
a4d572
+			grub_free (buf);
a4d572
+			break;
a4d572
+		      }
a4d572
+		    *grub_utf16_to_utf8 (buf, grub_memcpy (dup_name, fp->path_name, len - 4),
a4d572
+					 (len - 4) / sizeof (grub_efi_char16_t))
a4d572
+		      = '\0';
a4d572
+		    grub_free (dup_name);
a4d572
+		  }
a4d572
 		else
a4d572
 		  grub_errno = GRUB_ERR_NONE;
a4d572
 		grub_printf ("/File(%s)", buf);
a4d572
diff --git a/grub-core/kern/emu/hostdisk.c b/grub-core/kern/emu/hostdisk.c
09e3cc
index 87e3e2512..f57bd334c 100644
a4d572
--- a/grub-core/kern/emu/hostdisk.c
a4d572
+++ b/grub-core/kern/emu/hostdisk.c
a4d572
@@ -615,7 +615,7 @@ static char *
a4d572
 grub_util_path_concat_real (size_t n, int ext, va_list ap)
a4d572
 {
a4d572
   size_t totlen = 0;
a4d572
-  char **l = xmalloc ((n + ext) * sizeof (l[0]));
a4d572
+  char **l = xcalloc (n + ext, sizeof (l[0]));
a4d572
   char *r, *p, *pi;
a4d572
   size_t i;
a4d572
   int first = 1;
a4d572
diff --git a/grub-core/kern/fs.c b/grub-core/kern/fs.c
09e3cc
index 1bd748be8..730d21770 100644
a4d572
--- a/grub-core/kern/fs.c
a4d572
+++ b/grub-core/kern/fs.c
a4d572
@@ -151,7 +151,7 @@ grub_fs_blocklist_open (grub_file_t file, const char *name)
a4d572
   while (p);
a4d572
 
a4d572
   /* Allocate a block list.  */
a4d572
-  blocks = grub_zalloc (sizeof (struct grub_fs_block) * (num + 1));
a4d572
+  blocks = grub_calloc (num + 1, sizeof (struct grub_fs_block));
a4d572
   if (! blocks)
a4d572
     return 0;
a4d572
 
a4d572
diff --git a/grub-core/kern/misc.c b/grub-core/kern/misc.c
09e3cc
index aaae9aa0a..c034f49f9 100644
a4d572
--- a/grub-core/kern/misc.c
a4d572
+++ b/grub-core/kern/misc.c
a4d572
@@ -737,7 +737,7 @@ parse_printf_args (const char *fmt0, struct printf_args *args,
a4d572
     args->ptr = args->prealloc;
a4d572
   else
a4d572
     {
a4d572
-      args->ptr = grub_malloc (args->count * sizeof (args->ptr[0]));
a4d572
+      args->ptr = grub_calloc (args->count, sizeof (args->ptr[0]));
a4d572
       if (!args->ptr)
a4d572
 	{
a4d572
 	  grub_errno = GRUB_ERR_NONE;
a4d572
diff --git a/grub-core/kern/parser.c b/grub-core/kern/parser.c
09e3cc
index 78175aac2..619db3122 100644
a4d572
--- a/grub-core/kern/parser.c
a4d572
+++ b/grub-core/kern/parser.c
a4d572
@@ -213,7 +213,7 @@ grub_parser_split_cmdline (const char *cmdline,
a4d572
     return grub_errno;
a4d572
   grub_memcpy (args, buffer, bp - buffer);
a4d572
 
a4d572
-  *argv = grub_malloc (sizeof (char *) * (*argc + 1));
a4d572
+  *argv = grub_calloc (*argc + 1, sizeof (char *));
a4d572
   if (!*argv)
a4d572
     {
a4d572
       grub_free (args);
a4d572
diff --git a/grub-core/kern/uboot/uboot.c b/grub-core/kern/uboot/uboot.c
09e3cc
index cf0168e62..efa10f284 100644
a4d572
--- a/grub-core/kern/uboot/uboot.c
a4d572
+++ b/grub-core/kern/uboot/uboot.c
a4d572
@@ -133,7 +133,7 @@ grub_uboot_dev_enum (void)
a4d572
     return num_devices;
a4d572
 
a4d572
   max_devices = 2;
a4d572
-  enum_devices = grub_malloc (sizeof(struct device_info) * max_devices);
a4d572
+  enum_devices = grub_calloc (max_devices, sizeof(struct device_info));
a4d572
   if (!enum_devices)
a4d572
     return 0;
a4d572
 
a4d572
diff --git a/grub-core/lib/libgcrypt/cipher/ac.c b/grub-core/lib/libgcrypt/cipher/ac.c
09e3cc
index f5e946a2d..63f6fcd11 100644
a4d572
--- a/grub-core/lib/libgcrypt/cipher/ac.c
a4d572
+++ b/grub-core/lib/libgcrypt/cipher/ac.c
a4d572
@@ -185,7 +185,7 @@ ac_data_mpi_copy (gcry_ac_mpi_t *data_mpis, unsigned int data_mpis_n,
a4d572
   gcry_mpi_t mpi;
a4d572
   char *label;
a4d572
 
a4d572
-  data_mpis_new = gcry_malloc (sizeof (*data_mpis_new) * data_mpis_n);
a4d572
+  data_mpis_new = gcry_calloc (data_mpis_n, sizeof (*data_mpis_new));
a4d572
   if (! data_mpis_new)
a4d572
     {
a4d572
       err = gcry_error_from_errno (errno);
a4d572
@@ -572,7 +572,7 @@ _gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
a4d572
     }
a4d572
 
a4d572
   /* Add MPI list.  */
a4d572
-  arg_list = gcry_malloc (sizeof (*arg_list) * (data_n + 1));
a4d572
+  arg_list = gcry_calloc (data_n + 1, sizeof (*arg_list));
a4d572
   if (! arg_list)
a4d572
     {
a4d572
       err = gcry_error_from_errno (errno);
a4d572
@@ -1283,7 +1283,7 @@ ac_data_construct (const char *identifier, int include_flags,
a4d572
   /* We build a list of arguments to pass to
a4d572
      gcry_sexp_build_array().  */
a4d572
   data_length = _gcry_ac_data_length (data);
a4d572
-  arg_list = gcry_malloc (sizeof (*arg_list) * (data_length * 2));
a4d572
+  arg_list = gcry_calloc (data_length, sizeof (*arg_list) * 2);
a4d572
   if (! arg_list)
a4d572
     {
a4d572
       err = gcry_error_from_errno (errno);
a4d572
@@ -1593,7 +1593,7 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits,
a4d572
 	arg_list_n += 2;
a4d572
 
a4d572
   /* Allocate list.  */
a4d572
-  arg_list = gcry_malloc (sizeof (*arg_list) * arg_list_n);
a4d572
+  arg_list = gcry_calloc (arg_list_n, sizeof (*arg_list));
a4d572
   if (! arg_list)
a4d572
     {
a4d572
       err = gcry_error_from_errno (errno);
a4d572
diff --git a/grub-core/lib/libgcrypt/cipher/primegen.c b/grub-core/lib/libgcrypt/cipher/primegen.c
09e3cc
index 2788e349f..b12e79b19 100644
a4d572
--- a/grub-core/lib/libgcrypt/cipher/primegen.c
a4d572
+++ b/grub-core/lib/libgcrypt/cipher/primegen.c
a4d572
@@ -383,7 +383,7 @@ prime_generate_internal (int need_q_factor,
a4d572
     }
a4d572
 
a4d572
   /* Allocate an array to track pool usage. */
a4d572
-  pool_in_use = gcry_malloc (n * sizeof *pool_in_use);
a4d572
+  pool_in_use = gcry_calloc (n, sizeof *pool_in_use);
a4d572
   if (!pool_in_use)
a4d572
     {
a4d572
       err = gpg_err_code_from_errno (errno);
a4d572
@@ -765,7 +765,7 @@ gen_prime (unsigned int nbits, int secret, int randomlevel,
a4d572
   if (nbits < 16)
a4d572
     log_fatal ("can't generate a prime with less than %d bits\n", 16);
a4d572
 
a4d572
-  mods = gcry_xmalloc( no_of_small_prime_numbers * sizeof *mods );
a4d572
+  mods = gcry_xcalloc( no_of_small_prime_numbers, sizeof *mods);
a4d572
   /* Make nbits fit into gcry_mpi_t implementation. */
a4d572
   val_2  = mpi_alloc_set_ui( 2 );
a4d572
   val_3 = mpi_alloc_set_ui( 3);
a4d572
diff --git a/grub-core/lib/libgcrypt/cipher/pubkey.c b/grub-core/lib/libgcrypt/cipher/pubkey.c
09e3cc
index 910982141..ca087ad75 100644
a4d572
--- a/grub-core/lib/libgcrypt/cipher/pubkey.c
a4d572
+++ b/grub-core/lib/libgcrypt/cipher/pubkey.c
a4d572
@@ -2941,7 +2941,7 @@ gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
a4d572
        * array to a format string, so we have to do it this way :-(.  */
a4d572
       /* FIXME: There is now such a format specifier, so we can
a4d572
          change the code to be more clear. */
a4d572
-      arg_list = malloc (nelem * sizeof *arg_list);
a4d572
+      arg_list = calloc (nelem, sizeof *arg_list);
a4d572
       if (!arg_list)
a4d572
         {
a4d572
           rc = gpg_err_code_from_syserror ();
a4d572
@@ -3233,7 +3233,7 @@ gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
a4d572
         }
a4d572
       strcpy (p, "))");
a4d572
 
a4d572
-      arg_list = malloc (nelem * sizeof *arg_list);
a4d572
+      arg_list = calloc (nelem, sizeof *arg_list);
a4d572
       if (!arg_list)
a4d572
         {
a4d572
           rc = gpg_err_code_from_syserror ();
a4d572
diff --git a/grub-core/lib/priority_queue.c b/grub-core/lib/priority_queue.c
09e3cc
index 659be0b7f..7d5e7c05a 100644
a4d572
--- a/grub-core/lib/priority_queue.c
a4d572
+++ b/grub-core/lib/priority_queue.c
a4d572
@@ -92,7 +92,7 @@ grub_priority_queue_new (grub_size_t elsize,
a4d572
 {
a4d572
   struct grub_priority_queue *ret;
a4d572
   void *els;
a4d572
-  els = grub_malloc (elsize * 8);
a4d572
+  els = grub_calloc (8, elsize);
a4d572
   if (!els)
a4d572
     return 0;
a4d572
   ret = (struct grub_priority_queue *) grub_malloc (sizeof (*ret));
a4d572
diff --git a/grub-core/lib/reed_solomon.c b/grub-core/lib/reed_solomon.c
09e3cc
index ee9fa7b4f..467305b46 100644
a4d572
--- a/grub-core/lib/reed_solomon.c
a4d572
+++ b/grub-core/lib/reed_solomon.c
a4d572
@@ -20,6 +20,7 @@
a4d572
 #include <stdio.h>
a4d572
 #include <string.h>
a4d572
 #include <stdlib.h>
a4d572
+#define xcalloc calloc
a4d572
 #define xmalloc malloc
a4d572
 #define grub_memset memset
a4d572
 #define grub_memcpy memcpy
a4d572
@@ -158,11 +159,9 @@ rs_encode (gf_single_t *data, grub_size_t s, grub_size_t rs)
a4d572
   gf_single_t *rs_polynomial;
a4d572
   int i, j;
a4d572
   gf_single_t *m;
a4d572
-  m = xmalloc ((s + rs) * sizeof (gf_single_t));
a4d572
+  m = xcalloc (s + rs, sizeof (gf_single_t));
a4d572
   grub_memcpy (m, data, s * sizeof (gf_single_t));
a4d572
-  grub_memset (m + s, 0, rs * sizeof (gf_single_t));
a4d572
-  rs_polynomial = xmalloc ((rs + 1) * sizeof (gf_single_t));
a4d572
-  grub_memset (rs_polynomial, 0, (rs + 1) * sizeof (gf_single_t));
a4d572
+  rs_polynomial = xcalloc (rs + 1, sizeof (gf_single_t));
a4d572
   rs_polynomial[rs] = 1;
a4d572
   /* Multiply with X - a^r */
a4d572
   for (j = 0; j < rs; j++)
a4d572
diff --git a/grub-core/lib/relocator.c b/grub-core/lib/relocator.c
09e3cc
index ea3ebc719..5847aac36 100644
a4d572
--- a/grub-core/lib/relocator.c
a4d572
+++ b/grub-core/lib/relocator.c
a4d572
@@ -495,9 +495,9 @@ malloc_in_range (struct grub_relocator *rel,
a4d572
   }
a4d572
 #endif
a4d572
 
a4d572
-  eventt = grub_malloc (maxevents * sizeof (events[0]));
a4d572
+  eventt = grub_calloc (maxevents, sizeof (events[0]));
a4d572
   counter = grub_malloc ((DIGITSORT_MASK + 2) * sizeof (counter[0]));
a4d572
-  events = grub_malloc (maxevents * sizeof (events[0]));
a4d572
+  events = grub_calloc (maxevents, sizeof (events[0]));
a4d572
   if (!events || !eventt || !counter)
a4d572
     {
a4d572
       grub_dprintf ("relocator", "events or counter allocation failed %d\n",
a4d572
@@ -963,7 +963,7 @@ malloc_in_range (struct grub_relocator *rel,
a4d572
 #endif
a4d572
     unsigned cural = 0;
a4d572
     int oom = 0;
a4d572
-    res->subchunks = grub_malloc (sizeof (res->subchunks[0]) * nallocs);
a4d572
+    res->subchunks = grub_calloc (nallocs, sizeof (res->subchunks[0]));
a4d572
     if (!res->subchunks)
a4d572
       oom = 1;
a4d572
     res->nsubchunks = nallocs;
a4d572
@@ -1562,8 +1562,8 @@ grub_relocator_prepare_relocs (struct grub_relocator *rel, grub_addr_t addr,
a4d572
 	    count[(chunk->src & 0xff) + 1]++;
a4d572
 	  }
a4d572
     }
a4d572
-    from = grub_malloc (nchunks * sizeof (sorted[0]));
a4d572
-    to = grub_malloc (nchunks * sizeof (sorted[0]));
a4d572
+    from = grub_calloc (nchunks, sizeof (sorted[0]));
a4d572
+    to = grub_calloc (nchunks, sizeof (sorted[0]));
a4d572
     if (!from || !to)
a4d572
       {
a4d572
 	grub_free (from);
a4d572
diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c
09e3cc
index b4f609d2d..ea29d7a72 100644
a4d572
--- a/grub-core/loader/arm/linux.c
a4d572
+++ b/grub-core/loader/arm/linux.c
a4d572
@@ -77,7 +77,7 @@ linux_prepare_atag (void *target_atag)
a4d572
 
a4d572
   /* some place for cmdline, initrd and terminator.  */
a4d572
   tmp_size = get_atag_size (atag_orig) + 20 + (arg_size) / 4;
a4d572
-  tmp_atag = grub_malloc (tmp_size * sizeof (grub_uint32_t));
a4d572
+  tmp_atag = grub_calloc (tmp_size, sizeof (grub_uint32_t));
a4d572
   if (!tmp_atag)
a4d572
     return grub_errno;
a4d572
 
a4d572
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
09e3cc
index 3630b0cbf..2da119ad5 100644
a4d572
--- a/grub-core/loader/efi/chainloader.c
a4d572
+++ b/grub-core/loader/efi/chainloader.c
a4d572
@@ -119,18 +119,23 @@ static void
a4d572
 copy_file_path (grub_efi_file_path_device_path_t *fp,
a4d572
 		const char *str, grub_efi_uint16_t len)
a4d572
 {
a4d572
-  grub_efi_char16_t *p;
a4d572
+  grub_efi_char16_t *p, *path_name;
a4d572
   grub_efi_uint16_t size;
a4d572
 
a4d572
   fp->header.type = GRUB_EFI_MEDIA_DEVICE_PATH_TYPE;
a4d572
   fp->header.subtype = GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE;
a4d572
 
a4d572
-  size = grub_utf8_to_utf16 (fp->path_name, len * GRUB_MAX_UTF16_PER_UTF8,
a4d572
+  path_name = grub_calloc (len, GRUB_MAX_UTF16_PER_UTF8 * sizeof (*path_name));
a4d572
+  if (!path_name)
a4d572
+    return;
a4d572
+
a4d572
+  size = grub_utf8_to_utf16 (path_name, len * GRUB_MAX_UTF16_PER_UTF8,
a4d572
 			     (const grub_uint8_t *) str, len, 0);
a4d572
-  for (p = fp->path_name; p < fp->path_name + size; p++)
a4d572
+  for (p = path_name; p < path_name + size; p++)
a4d572
     if (*p == '/')
a4d572
       *p = '\\';
a4d572
 
a4d572
+  grub_memcpy (fp->path_name, path_name, size * sizeof (*fp->path_name));
a4d572
   /* File Path is NULL terminated */
a4d572
   fp->path_name[size++] = '\0';
a4d572
   fp->header.length = size * sizeof (grub_efi_char16_t) + sizeof (*fp);
a4d572
diff --git a/grub-core/loader/i386/bsdXX.c b/grub-core/loader/i386/bsdXX.c
09e3cc
index af6741d15..a8d8bf7da 100644
a4d572
--- a/grub-core/loader/i386/bsdXX.c
a4d572
+++ b/grub-core/loader/i386/bsdXX.c
a4d572
@@ -48,7 +48,7 @@ read_headers (grub_file_t file, const char *filename, Elf_Ehdr *e, char **shdr)
a4d572
   if (e->e_ident[EI_CLASS] != SUFFIX (ELFCLASS))
a4d572
     return grub_error (GRUB_ERR_BAD_OS, N_("invalid arch-dependent ELF magic"));
a4d572
 
a4d572
-  *shdr = grub_malloc ((grub_uint32_t) e->e_shnum * e->e_shentsize);
a4d572
+  *shdr = grub_calloc (e->e_shnum, e->e_shentsize);
a4d572
   if (! *shdr)
a4d572
     return grub_errno;
a4d572
 
a4d572
diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c
09e3cc
index 59ef73a73..ee0eaadc4 100644
a4d572
--- a/grub-core/loader/i386/xnu.c
a4d572
+++ b/grub-core/loader/i386/xnu.c
a4d572
@@ -295,7 +295,7 @@ grub_xnu_devprop_add_property_utf8 (struct grub_xnu_devprop_device_descriptor *d
a4d572
     return grub_errno;
a4d572
 
a4d572
   len = grub_strlen (name);
a4d572
-  utf16 = grub_malloc (sizeof (grub_uint16_t) * len);
a4d572
+  utf16 = grub_calloc (len, sizeof (grub_uint16_t));
a4d572
   if (!utf16)
a4d572
     {
a4d572
       grub_free (utf8);
a4d572
@@ -331,7 +331,7 @@ grub_xnu_devprop_add_property_utf16 (struct grub_xnu_devprop_device_descriptor *
a4d572
   grub_uint16_t *utf16;
a4d572
   grub_err_t err;
a4d572
 
a4d572
-  utf16 = grub_malloc (sizeof (grub_uint16_t) * namelen);
a4d572
+  utf16 = grub_calloc (namelen, sizeof (grub_uint16_t));
a4d572
   if (!utf16)
a4d572
     return grub_errno;
a4d572
   grub_memcpy (utf16, name, sizeof (grub_uint16_t) * namelen);
a4d572
diff --git a/grub-core/loader/macho.c b/grub-core/loader/macho.c
09e3cc
index 59b195e27..f61341af5 100644
a4d572
--- a/grub-core/loader/macho.c
a4d572
+++ b/grub-core/loader/macho.c
a4d572
@@ -97,7 +97,7 @@ grub_macho_file (grub_file_t file, const char *filename, int is_64bit)
a4d572
       if (grub_file_seek (macho->file, sizeof (struct grub_macho_fat_header))
a4d572
 	  == (grub_off_t) -1)
a4d572
 	goto fail;
a4d572
-      archs = grub_malloc (sizeof (struct grub_macho_fat_arch) * narchs);
a4d572
+      archs = grub_calloc (narchs, sizeof (struct grub_macho_fat_arch));
a4d572
       if (!archs)
a4d572
 	goto fail;
a4d572
       if (grub_file_read (macho->file, archs,
a4d572
diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c
09e3cc
index 70cd1db51..cc6853692 100644
a4d572
--- a/grub-core/loader/multiboot_elfxx.c
a4d572
+++ b/grub-core/loader/multiboot_elfxx.c
a4d572
@@ -217,7 +217,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld)
a4d572
     {
a4d572
       grub_uint8_t *shdr, *shdrptr;
a4d572
 
a4d572
-      shdr = grub_malloc ((grub_uint32_t) ehdr->e_shnum * ehdr->e_shentsize);
a4d572
+      shdr = grub_calloc (ehdr->e_shnum, ehdr->e_shentsize);
a4d572
       if (!shdr)
a4d572
 	return grub_errno;
a4d572
       
a4d572
diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c
09e3cc
index df8dfdb4b..dc7d5409e 100644
a4d572
--- a/grub-core/loader/xnu.c
a4d572
+++ b/grub-core/loader/xnu.c
a4d572
@@ -792,7 +792,7 @@ grub_cmd_xnu_mkext (grub_command_t cmd __attribute__ ((unused)),
a4d572
   if (grub_be_to_cpu32 (head.magic) == GRUB_MACHO_FAT_MAGIC)
a4d572
     {
a4d572
       narchs = grub_be_to_cpu32 (head.nfat_arch);
a4d572
-      archs = grub_malloc (sizeof (struct grub_macho_fat_arch) * narchs);
a4d572
+      archs = grub_calloc (narchs, sizeof (struct grub_macho_fat_arch));
a4d572
       if (! archs)
a4d572
 	{
a4d572
 	  grub_file_close (file);
a4d572
diff --git a/grub-core/mmap/mmap.c b/grub-core/mmap/mmap.c
09e3cc
index 6a31cbae3..57b4e9a72 100644
a4d572
--- a/grub-core/mmap/mmap.c
a4d572
+++ b/grub-core/mmap/mmap.c
a4d572
@@ -143,9 +143,9 @@ grub_mmap_iterate (grub_memory_hook_t hook, void *hook_data)
a4d572
 
a4d572
   /* Initialize variables. */
a4d572
   ctx.scanline_events = (struct grub_mmap_scan *)
a4d572
-    grub_malloc (sizeof (struct grub_mmap_scan) * 2 * mmap_num);
a4d572
+    grub_calloc (mmap_num, sizeof (struct grub_mmap_scan) * 2);
a4d572
 
a4d572
-  present = grub_zalloc (sizeof (present[0]) * current_priority);
a4d572
+  present = grub_calloc (current_priority, sizeof (present[0]));
a4d572
 
a4d572
   if (! ctx.scanline_events || !present)
a4d572
     {
a4d572
diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
09e3cc
index 8b6fc9f24..adf36fa4a 100644
a4d572
--- a/grub-core/net/bootp.c
a4d572
+++ b/grub-core/net/bootp.c
a4d572
@@ -1326,7 +1326,7 @@ grub_cmd_bootp (struct grub_command *cmd __attribute__ ((unused)),
a4d572
   if (ncards == 0)
a4d572
     return grub_error (GRUB_ERR_NET_NO_CARD, N_("no network card found"));
a4d572
 
a4d572
-  ifaces = grub_zalloc (ncards * sizeof (ifaces[0]));
a4d572
+  ifaces = grub_calloc (ncards, sizeof (ifaces[0]));
a4d572
   if (!ifaces)
a4d572
     return grub_errno;
a4d572
 
a4d572
diff --git a/grub-core/net/dns.c b/grub-core/net/dns.c
09e3cc
index 5d9afe093..e332d5eb4 100644
a4d572
--- a/grub-core/net/dns.c
a4d572
+++ b/grub-core/net/dns.c
a4d572
@@ -285,8 +285,8 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)),
a4d572
       ptr++;
a4d572
       ptr += 4;
a4d572
     }
a4d572
-  *data->addresses = grub_malloc (sizeof ((*data->addresses)[0])
a4d572
-				 * grub_be_to_cpu16 (head->ancount));
a4d572
+  *data->addresses = grub_calloc (grub_be_to_cpu16 (head->ancount),
a4d572
+				  sizeof ((*data->addresses)[0]));
a4d572
   if (!*data->addresses)
a4d572
     {
a4d572
       grub_errno = GRUB_ERR_NONE;
a4d572
@@ -406,8 +406,8 @@ recv_hook (grub_net_udp_socket_t sock __attribute__ ((unused)),
a4d572
       dns_cache[h].addresses = 0;
a4d572
       dns_cache[h].name = grub_strdup (data->oname);
a4d572
       dns_cache[h].naddresses = *data->naddresses;
a4d572
-      dns_cache[h].addresses = grub_malloc (*data->naddresses
a4d572
-					    * sizeof (dns_cache[h].addresses[0]));
a4d572
+      dns_cache[h].addresses = grub_calloc (*data->naddresses,
a4d572
+					    sizeof (dns_cache[h].addresses[0]));
a4d572
       dns_cache[h].limit_time = grub_get_time_ms () + 1000 * ttl_all;
a4d572
       if (!dns_cache[h].addresses || !dns_cache[h].name)
a4d572
 	{
a4d572
@@ -479,7 +479,7 @@ grub_net_dns_lookup (const char *name,
a4d572
 	}
a4d572
     }
a4d572
 
a4d572
-  sockets = grub_malloc (sizeof (sockets[0]) * n_servers);
a4d572
+  sockets = grub_calloc (n_servers, sizeof (sockets[0]));
a4d572
   if (!sockets)
a4d572
     return grub_errno;
a4d572
 
a4d572
diff --git a/grub-core/net/net.c b/grub-core/net/net.c
09e3cc
index 19ff2d486..0e72bbb9b 100644
a4d572
--- a/grub-core/net/net.c
a4d572
+++ b/grub-core/net/net.c
a4d572
@@ -338,8 +338,8 @@ grub_cmd_ipv6_autoconf (struct grub_command *cmd __attribute__ ((unused)),
a4d572
     ncards++;
a4d572
   }
a4d572
 
a4d572
-  ifaces = grub_zalloc (ncards * sizeof (ifaces[0]));
a4d572
-  slaacs = grub_zalloc (ncards * sizeof (slaacs[0]));
a4d572
+  ifaces = grub_calloc (ncards, sizeof (ifaces[0]));
a4d572
+  slaacs = grub_calloc (ncards, sizeof (slaacs[0]));
a4d572
   if (!ifaces || !slaacs)
a4d572
     {
a4d572
       grub_free (ifaces);
a4d572
diff --git a/grub-core/normal/charset.c b/grub-core/normal/charset.c
09e3cc
index b0ab47d73..d57fb72fa 100644
a4d572
--- a/grub-core/normal/charset.c
a4d572
+++ b/grub-core/normal/charset.c
a4d572
@@ -203,7 +203,7 @@ grub_utf8_to_ucs4_alloc (const char *msg, grub_uint32_t **unicode_msg,
a4d572
 {
a4d572
   grub_size_t msg_len = grub_strlen (msg);
a4d572
 
a4d572
-  *unicode_msg = grub_malloc (msg_len * sizeof (grub_uint32_t));
a4d572
+  *unicode_msg = grub_calloc (msg_len, sizeof (grub_uint32_t));
a4d572
  
a4d572
   if (!*unicode_msg)
a4d572
     return -1;
a4d572
@@ -488,7 +488,7 @@ grub_unicode_aglomerate_comb (const grub_uint32_t *in, grub_size_t inlen,
a4d572
 	    }
a4d572
 	  else
a4d572
 	    {
a4d572
-	      n = grub_malloc (sizeof (n[0]) * (out->ncomb + 1));
a4d572
+	      n = grub_calloc (out->ncomb + 1, sizeof (n[0]));
a4d572
 	      if (!n)
a4d572
 		{
a4d572
 		  grub_errno = GRUB_ERR_NONE;
a4d572
@@ -842,7 +842,7 @@ grub_bidi_line_logical_to_visual (const grub_uint32_t *logical,
a4d572
       }							\
a4d572
   }
a4d572
 
a4d572
-  visual = grub_malloc (sizeof (visual[0]) * logical_len);
a4d572
+  visual = grub_calloc (logical_len, sizeof (visual[0]));
a4d572
   if (!visual)
a4d572
     return -1;
a4d572
 
a4d572
@@ -1165,8 +1165,8 @@ grub_bidi_logical_to_visual (const grub_uint32_t *logical,
a4d572
 {
a4d572
   const grub_uint32_t *line_start = logical, *ptr;
a4d572
   struct grub_unicode_glyph *visual_ptr;
a4d572
-  *visual_out = visual_ptr = grub_malloc (3 * sizeof (visual_ptr[0])
a4d572
-					  * (logical_len + 2));
a4d572
+  *visual_out = visual_ptr = grub_calloc (logical_len + 2,
a4d572
+					  3 * sizeof (visual_ptr[0]));
a4d572
   if (!visual_ptr)
a4d572
     return -1;
a4d572
   for (ptr = logical; ptr <= logical + logical_len; ptr++)
a4d572
diff --git a/grub-core/normal/cmdline.c b/grub-core/normal/cmdline.c
09e3cc
index c037d5050..c57242e2e 100644
a4d572
--- a/grub-core/normal/cmdline.c
a4d572
+++ b/grub-core/normal/cmdline.c
a4d572
@@ -41,7 +41,7 @@ grub_err_t
a4d572
 grub_set_history (int newsize)
a4d572
 {
a4d572
   grub_uint32_t **old_hist_lines = hist_lines;
a4d572
-  hist_lines = grub_malloc (sizeof (grub_uint32_t *) * newsize);
a4d572
+  hist_lines = grub_calloc (newsize, sizeof (grub_uint32_t *));
a4d572
 
a4d572
   /* Copy the old lines into the new buffer.  */
a4d572
   if (old_hist_lines)
a4d572
@@ -114,7 +114,7 @@ static void
a4d572
 grub_history_set (int pos, grub_uint32_t *s, grub_size_t len)
a4d572
 {
a4d572
   grub_free (hist_lines[pos]);
a4d572
-  hist_lines[pos] = grub_malloc ((len + 1) * sizeof (grub_uint32_t));
a4d572
+  hist_lines[pos] = grub_calloc (len + 1, sizeof (grub_uint32_t));
a4d572
   if (!hist_lines[pos])
a4d572
     {
a4d572
       grub_print_error ();
a4d572
@@ -349,7 +349,7 @@ grub_cmdline_get (const char *prompt_translated)
a4d572
   char *ret;
a4d572
   unsigned nterms;
a4d572
 
a4d572
-  buf = grub_malloc (max_len * sizeof (grub_uint32_t));
a4d572
+  buf = grub_calloc (max_len, sizeof (grub_uint32_t));
a4d572
   if (!buf)
a4d572
     return 0;
a4d572
 
a4d572
@@ -377,7 +377,7 @@ grub_cmdline_get (const char *prompt_translated)
a4d572
     FOR_ACTIVE_TERM_OUTPUTS(cur)
a4d572
       nterms++;
a4d572
 
a4d572
-    cl_terms = grub_malloc (sizeof (cl_terms[0]) * nterms);
a4d572
+    cl_terms = grub_calloc (nterms, sizeof (cl_terms[0]));
a4d572
     if (!cl_terms)
a4d572
       {
a4d572
 	grub_free (buf);
a4d572
@@ -385,7 +385,7 @@ grub_cmdline_get (const char *prompt_translated)
a4d572
       }
a4d572
     cl_term_cur = cl_terms;
a4d572
 
a4d572
-    unicode_msg = grub_malloc (msg_len * sizeof (grub_uint32_t));
a4d572
+    unicode_msg = grub_calloc (msg_len, sizeof (grub_uint32_t));
a4d572
     if (!unicode_msg)
a4d572
       {
a4d572
 	grub_free (buf);
a4d572
@@ -495,7 +495,7 @@ grub_cmdline_get (const char *prompt_translated)
a4d572
 		grub_uint32_t *insert;
a4d572
 
a4d572
 		insertlen = grub_strlen (insertu8);
a4d572
-		insert = grub_malloc ((insertlen + 1) * sizeof (grub_uint32_t));
a4d572
+		insert = grub_calloc (insertlen + 1, sizeof (grub_uint32_t));
a4d572
 		if (!insert)
a4d572
 		  {
a4d572
 		    grub_free (insertu8);
a4d572
@@ -602,7 +602,7 @@ grub_cmdline_get (const char *prompt_translated)
a4d572
 
a4d572
 	      grub_free (kill_buf);
a4d572
 
a4d572
-	      kill_buf = grub_malloc ((n + 1) * sizeof(grub_uint32_t));
a4d572
+	      kill_buf = grub_calloc (n + 1, sizeof (grub_uint32_t));
a4d572
 	      if (grub_errno)
a4d572
 		{
a4d572
 		  grub_print_error ();
a4d572
diff --git a/grub-core/normal/menu_entry.c b/grub-core/normal/menu_entry.c
09e3cc
index 5785f67ee..f31487c1f 100644
a4d572
--- a/grub-core/normal/menu_entry.c
a4d572
+++ b/grub-core/normal/menu_entry.c
a4d572
@@ -95,8 +95,8 @@ init_line (struct screen *screen, struct line *linep)
a4d572
 {
a4d572
   linep->len = 0;
a4d572
   linep->max_len = 80;
a4d572
-  linep->buf = grub_malloc ((linep->max_len + 1) * sizeof (linep->buf[0]));
a4d572
-  linep->pos = grub_zalloc (screen->nterms * sizeof (linep->pos[0]));
a4d572
+  linep->buf = grub_calloc (linep->max_len + 1, sizeof (linep->buf[0]));
a4d572
+  linep->pos = grub_calloc (screen->nterms, sizeof (linep->pos[0]));
a4d572
   if (! linep->buf || !linep->pos)
a4d572
     {
a4d572
       grub_free (linep->buf);
a4d572
@@ -287,7 +287,7 @@ update_screen (struct screen *screen, struct per_term_screen *term_screen,
a4d572
 	  pos = linep->pos + (term_screen - screen->terms);
a4d572
 
a4d572
 	  if (!*pos)
a4d572
-	    *pos = grub_zalloc ((linep->len + 1) * sizeof (**pos));
a4d572
+	    *pos = grub_calloc (linep->len + 1, sizeof (**pos));
a4d572
 
a4d572
 	  if (i == region_start || linep == screen->lines + screen->line
a4d572
 	      || (i > region_start && mode == ALL_LINES))
a4d572
@@ -471,7 +471,7 @@ insert_string (struct screen *screen, const char *s, int update)
a4d572
 
a4d572
 	  /* Insert the string.  */
a4d572
 	  current_linep = screen->lines + screen->line;
a4d572
-	  unicode_msg = grub_malloc ((p - s) * sizeof (grub_uint32_t));
a4d572
+	  unicode_msg = grub_calloc (p - s, sizeof (grub_uint32_t));
a4d572
 
a4d572
 	  if (!unicode_msg)
a4d572
 	    return 0;
a4d572
@@ -1023,7 +1023,7 @@ complete (struct screen *screen, int continuous, int update)
a4d572
   if (completion_buffer.buf)
a4d572
     {
a4d572
       buflen = grub_strlen (completion_buffer.buf);
a4d572
-      ucs4 = grub_malloc (sizeof (grub_uint32_t) * (buflen + 1));
a4d572
+      ucs4 = grub_calloc (buflen + 1, sizeof (grub_uint32_t));
a4d572
       
a4d572
       if (!ucs4)
a4d572
 	{
a4d572
@@ -1265,7 +1265,7 @@ grub_menu_entry_run (grub_menu_entry_t entry)
a4d572
   for (i = 0; i < (unsigned) screen->num_lines; i++)
a4d572
     {
a4d572
       grub_free (screen->lines[i].pos);
a4d572
-      screen->lines[i].pos = grub_zalloc (screen->nterms * sizeof (screen->lines[i].pos[0]));
a4d572
+      screen->lines[i].pos = grub_calloc (screen->nterms, sizeof (screen->lines[i].pos[0]));
a4d572
       if (! screen->lines[i].pos)
a4d572
 	{
a4d572
 	  grub_print_error ();
a4d572
@@ -1275,7 +1275,7 @@ grub_menu_entry_run (grub_menu_entry_t entry)
a4d572
 	}
a4d572
     }
a4d572
 
a4d572
-  screen->terms = grub_zalloc (screen->nterms * sizeof (screen->terms[0]));
a4d572
+  screen->terms = grub_calloc (screen->nterms, sizeof (screen->terms[0]));
a4d572
   if (!screen->terms)
a4d572
     {
a4d572
       grub_print_error ();
a4d572
diff --git a/grub-core/normal/menu_text.c b/grub-core/normal/menu_text.c
09e3cc
index 7681f7d28..ca1356243 100644
a4d572
--- a/grub-core/normal/menu_text.c
a4d572
+++ b/grub-core/normal/menu_text.c
a4d572
@@ -78,7 +78,7 @@ grub_print_message_indented_real (const char *msg, int margin_left,
a4d572
   grub_size_t msg_len = grub_strlen (msg) + 2;
a4d572
   int ret = 0;
a4d572
 
a4d572
-  unicode_msg = grub_malloc (msg_len * sizeof (grub_uint32_t));
a4d572
+  unicode_msg = grub_calloc (msg_len, sizeof (grub_uint32_t));
a4d572
  
a4d572
   if (!unicode_msg)
a4d572
     return 0;
a4d572
@@ -167,7 +167,7 @@ print_entry (int y, int highlight, grub_menu_entry_t entry,
a4d572
 
a4d572
   title = entry ? entry->title : "";
a4d572
   title_len = grub_strlen (title);
a4d572
-  unicode_title = grub_malloc (title_len * sizeof (*unicode_title));
a4d572
+  unicode_title = grub_calloc (title_len, sizeof (*unicode_title));
a4d572
   if (! unicode_title)
a4d572
     /* XXX How to show this error?  */
a4d572
     return;
a4d572
diff --git a/grub-core/normal/term.c b/grub-core/normal/term.c
09e3cc
index ac5d69f0f..93a3a0d91 100644
a4d572
--- a/grub-core/normal/term.c
a4d572
+++ b/grub-core/normal/term.c
a4d572
@@ -264,7 +264,7 @@ grub_term_save_pos (void)
a4d572
   FOR_ACTIVE_TERM_OUTPUTS(cur)
a4d572
     cnt++;
a4d572
 
a4d572
-  ret = grub_malloc (cnt * sizeof (ret[0]));
a4d572
+  ret = grub_calloc (cnt, sizeof (ret[0]));
a4d572
   if (!ret)
a4d572
     return NULL;
a4d572
 
a4d572
@@ -1013,7 +1013,7 @@ grub_xnputs (const char *str, grub_size_t msg_len)
a4d572
 
a4d572
   grub_error_push ();
a4d572
 
a4d572
-  unicode_str = grub_malloc (msg_len * sizeof (grub_uint32_t));
a4d572
+  unicode_str = grub_calloc (msg_len, sizeof (grub_uint32_t));
a4d572
  
a4d572
   grub_error_pop ();
a4d572
 
a4d572
diff --git a/grub-core/osdep/linux/getroot.c b/grub-core/osdep/linux/getroot.c
09e3cc
index 388a0f706..e450f5f0a 100644
a4d572
--- a/grub-core/osdep/linux/getroot.c
a4d572
+++ b/grub-core/osdep/linux/getroot.c
a4d572
@@ -176,7 +176,7 @@ grub_util_raid_getmembers (const char *name, int bootable)
a4d572
   if (ret != 0)
a4d572
     grub_util_error (_("ioctl GET_ARRAY_INFO error: %s"), strerror (errno));
a4d572
 
a4d572
-  devicelist = xmalloc ((info.nr_disks + 1) * sizeof (char *));
a4d572
+  devicelist = xcalloc (info.nr_disks + 1, sizeof (char *));
a4d572
 
a4d572
   for (i = 0, j = 0; j < info.nr_disks; i++)
a4d572
     {
a4d572
@@ -249,7 +249,7 @@ grub_find_root_devices_from_btrfs (const char *dir)
a4d572
       return NULL;
a4d572
     }
a4d572
 
a4d572
-  ret = xmalloc ((fsi.num_devices + 1) * sizeof (ret[0]));
a4d572
+  ret = xcalloc (fsi.num_devices + 1, sizeof (ret[0]));
a4d572
 
a4d572
   for (i = 1; i <= fsi.max_id && j < fsi.num_devices; i++)
a4d572
     {
a4d572
@@ -508,7 +508,7 @@ grub_find_root_devices_from_mountinfo (const char *dir, char **relroot)
a4d572
   if (relroot)
a4d572
     *relroot = NULL;
a4d572
 
a4d572
-  entries = xmalloc (entry_max * sizeof (*entries));
a4d572
+  entries = xcalloc (entry_max, sizeof (*entries));
a4d572
 
a4d572
 again:
a4d572
   fp = grub_util_fopen ("/proc/self/mountinfo", "r");
a4d572
diff --git a/grub-core/osdep/unix/config.c b/grub-core/osdep/unix/config.c
09e3cc
index b637c58ef..46a881530 100644
a4d572
--- a/grub-core/osdep/unix/config.c
a4d572
+++ b/grub-core/osdep/unix/config.c
a4d572
@@ -102,7 +102,7 @@ grub_util_load_config (struct grub_util_config *cfg)
a4d572
   argv[0] = "sh";
a4d572
   argv[1] = "-c";
a4d572
 
a4d572
-  script = xmalloc (4 * strlen (cfgfile) + 300);
a4d572
+  script = xcalloc (4, strlen (cfgfile) + 300);
a4d572
 
a4d572
   ptr = script;
a4d572
   memcpy (ptr, ". '", 3);
a4d572
diff --git a/grub-core/osdep/windows/getroot.c b/grub-core/osdep/windows/getroot.c
09e3cc
index 661d95461..eada663b2 100644
a4d572
--- a/grub-core/osdep/windows/getroot.c
a4d572
+++ b/grub-core/osdep/windows/getroot.c
a4d572
@@ -59,7 +59,7 @@ grub_get_mount_point (const TCHAR *path)
a4d572
 
a4d572
   for (ptr = path; *ptr; ptr++);
a4d572
   allocsize = (ptr - path + 10) * 2;
a4d572
-  out = xmalloc (allocsize * sizeof (out[0]));
a4d572
+  out = xcalloc (allocsize, sizeof (out[0]));
a4d572
 
a4d572
   /* When pointing to EFI system partition GetVolumePathName fails
a4d572
      for ESP root and returns abberant information for everything
a4d572
diff --git a/grub-core/osdep/windows/hostdisk.c b/grub-core/osdep/windows/hostdisk.c
09e3cc
index 6f49df465..580b3f2da 100644
a4d572
--- a/grub-core/osdep/windows/hostdisk.c
a4d572
+++ b/grub-core/osdep/windows/hostdisk.c
a4d572
@@ -111,7 +111,7 @@ grub_util_get_windows_path_real (const char *path)
a4d572
 
a4d572
   while (1)
a4d572
     {
a4d572
-      fpa = xmalloc (alloc * sizeof (fpa[0]));
a4d572
+      fpa = xcalloc (alloc, sizeof (fpa[0]));
a4d572
 
a4d572
       len = GetFullPathName (tpath, alloc, fpa, NULL);
a4d572
       if (len >= alloc)
a4d572
@@ -393,7 +393,7 @@ grub_util_fd_opendir (const char *name)
a4d572
   for (l = 0; name_windows[l]; l++);
a4d572
   for (l--; l >= 0 && (name_windows[l] == '\\' || name_windows[l] == '/'); l--);
a4d572
   l++;
a4d572
-  pattern = xmalloc ((l + 3) * sizeof (pattern[0]));
a4d572
+  pattern = xcalloc (l + 3, sizeof (pattern[0]));
a4d572
   memcpy (pattern, name_windows, l * sizeof (pattern[0]));
a4d572
   pattern[l] = '\\';
a4d572
   pattern[l + 1] = '*';
a4d572
diff --git a/grub-core/osdep/windows/init.c b/grub-core/osdep/windows/init.c
09e3cc
index e8ffd62c6..6297de632 100644
a4d572
--- a/grub-core/osdep/windows/init.c
a4d572
+++ b/grub-core/osdep/windows/init.c
a4d572
@@ -161,7 +161,7 @@ grub_util_host_init (int *argc __attribute__ ((unused)),
a4d572
   LPWSTR *targv;
a4d572
 
a4d572
   targv = CommandLineToArgvW (tcmdline, argc);
a4d572
-  *argv = xmalloc ((*argc + 1) * sizeof (argv[0]));
a4d572
+  *argv = xcalloc (*argc + 1, sizeof (argv[0]));
a4d572
 
a4d572
   for (i = 0; i < *argc; i++)
a4d572
     (*argv)[i] = grub_util_tchar_to_utf8 (targv[i]); 
a4d572
diff --git a/grub-core/osdep/windows/platform.c b/grub-core/osdep/windows/platform.c
09e3cc
index 912269191..04e0eda9a 100644
a4d572
--- a/grub-core/osdep/windows/platform.c
a4d572
+++ b/grub-core/osdep/windows/platform.c
a4d572
@@ -225,8 +225,8 @@ grub_install_register_efi (grub_device_t efidir_grub_dev,
a4d572
     grub_util_error ("%s", _("no EFI routines are available when running in BIOS mode"));
a4d572
 
a4d572
   distrib8_len = grub_strlen (efi_distributor);
a4d572
-  distributor16 = xmalloc ((distrib8_len + 1) * GRUB_MAX_UTF16_PER_UTF8
a4d572
-			   * sizeof (grub_uint16_t));
a4d572
+  distributor16 = xcalloc (distrib8_len + 1,
a4d572
+			   GRUB_MAX_UTF16_PER_UTF8 * sizeof (grub_uint16_t));
a4d572
   distrib16_len = grub_utf8_to_utf16 (distributor16, distrib8_len * GRUB_MAX_UTF16_PER_UTF8,
a4d572
 				      (const grub_uint8_t *) efi_distributor,
a4d572
 				      distrib8_len, 0);
a4d572
diff --git a/grub-core/osdep/windows/relpath.c b/grub-core/osdep/windows/relpath.c
09e3cc
index cb0861744..478e8ef14 100644
a4d572
--- a/grub-core/osdep/windows/relpath.c
a4d572
+++ b/grub-core/osdep/windows/relpath.c
a4d572
@@ -72,7 +72,7 @@ grub_make_system_path_relative_to_its_root (const char *path)
a4d572
       if (dirwindows[0] && dirwindows[1] == ':')
a4d572
 	offset = 2;
a4d572
     }
a4d572
-  ret = xmalloc (sizeof (ret[0]) * (flen - offset + 2));
a4d572
+  ret = xcalloc (flen - offset + 2, sizeof (ret[0]));
a4d572
   if (dirwindows[offset] != '\\'
a4d572
       && dirwindows[offset] != '/'
a4d572
       && dirwindows[offset])
a4d572
diff --git a/grub-core/partmap/gpt.c b/grub-core/partmap/gpt.c
09e3cc
index 103f6796f..72a2e37cd 100644
a4d572
--- a/grub-core/partmap/gpt.c
a4d572
+++ b/grub-core/partmap/gpt.c
a4d572
@@ -199,7 +199,7 @@ gpt_partition_map_embed (struct grub_disk *disk, unsigned int *nsectors,
a4d572
   *nsectors = ctx.len;
a4d572
   if (*nsectors > max_nsectors)
a4d572
     *nsectors = max_nsectors;
a4d572
-  *sectors = grub_malloc (*nsectors * sizeof (**sectors));
a4d572
+  *sectors = grub_calloc (*nsectors, sizeof (**sectors));
a4d572
   if (!*sectors)
a4d572
     return grub_errno;
a4d572
   for (i = 0; i < *nsectors; i++)
a4d572
diff --git a/grub-core/partmap/msdos.c b/grub-core/partmap/msdos.c
09e3cc
index 6d4b455a1..81ca6b90e 100644
a4d572
--- a/grub-core/partmap/msdos.c
a4d572
+++ b/grub-core/partmap/msdos.c
a4d572
@@ -337,7 +337,7 @@ pc_partition_map_embed (struct grub_disk *disk, unsigned int *nsectors,
a4d572
       avail_nsectors = *nsectors;
a4d572
       if (*nsectors > max_nsectors)
a4d572
 	*nsectors = max_nsectors;
a4d572
-      *sectors = grub_malloc (*nsectors * sizeof (**sectors));
a4d572
+      *sectors = grub_calloc (*nsectors, sizeof (**sectors));
a4d572
       if (!*sectors)
a4d572
 	return grub_errno;
a4d572
       for (i = 0; i < *nsectors; i++)
a4d572
diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c
09e3cc
index 7d327f59d..528ddfd36 100644
a4d572
--- a/grub-core/script/execute.c
a4d572
+++ b/grub-core/script/execute.c
a4d572
@@ -587,7 +587,7 @@ gettext_append (struct grub_script_argv *result, const char *orig_str)
a4d572
   for (iptr = orig_str; *iptr; iptr++)
a4d572
     if (*iptr == '$')
a4d572
       dollar_cnt++;
a4d572
-  ctx.allowed_strings = grub_malloc (sizeof (ctx.allowed_strings[0]) * dollar_cnt);
a4d572
+  ctx.allowed_strings = grub_calloc (dollar_cnt, sizeof (ctx.allowed_strings[0]));
a4d572
 
a4d572
   if (parse_string (orig_str, gettext_save_allow, &ctx, 0))
a4d572
     goto fail;
a4d572
diff --git a/grub-core/tests/fake_input.c b/grub-core/tests/fake_input.c
09e3cc
index 2d6085298..b5eb516be 100644
a4d572
--- a/grub-core/tests/fake_input.c
a4d572
+++ b/grub-core/tests/fake_input.c
a4d572
@@ -49,7 +49,7 @@ grub_terminal_input_fake_sequence (int *seq_in, int nseq_in)
a4d572
     saved = grub_term_inputs;
a4d572
   if (seq)
a4d572
     grub_free (seq);
a4d572
-  seq = grub_malloc (nseq_in * sizeof (seq[0]));
a4d572
+  seq = grub_calloc (nseq_in, sizeof (seq[0]));
a4d572
   if (!seq)
a4d572
     return;
a4d572
 
a4d572
diff --git a/grub-core/tests/video_checksum.c b/grub-core/tests/video_checksum.c
09e3cc
index 74d5b65e5..44d081069 100644
a4d572
--- a/grub-core/tests/video_checksum.c
a4d572
+++ b/grub-core/tests/video_checksum.c
a4d572
@@ -336,7 +336,7 @@ grub_video_capture_write_bmp (const char *fname,
a4d572
     {
a4d572
     case 4:
a4d572
       {
a4d572
-	grub_uint8_t *buffer = xmalloc (mode_info->width * 3);
a4d572
+	grub_uint8_t *buffer = xcalloc (3, mode_info->width);
a4d572
 	grub_uint32_t rmask = ((1 << mode_info->red_mask_size) - 1);
a4d572
 	grub_uint32_t gmask = ((1 << mode_info->green_mask_size) - 1);
a4d572
 	grub_uint32_t bmask = ((1 << mode_info->blue_mask_size) - 1);
a4d572
@@ -367,7 +367,7 @@ grub_video_capture_write_bmp (const char *fname,
a4d572
       }
a4d572
     case 3:
a4d572
       {
a4d572
-	grub_uint8_t *buffer = xmalloc (mode_info->width * 3);
a4d572
+	grub_uint8_t *buffer = xcalloc (3, mode_info->width);
a4d572
 	grub_uint32_t rmask = ((1 << mode_info->red_mask_size) - 1);
a4d572
 	grub_uint32_t gmask = ((1 << mode_info->green_mask_size) - 1);
a4d572
 	grub_uint32_t bmask = ((1 << mode_info->blue_mask_size) - 1);
a4d572
@@ -407,7 +407,7 @@ grub_video_capture_write_bmp (const char *fname,
a4d572
       }
a4d572
     case 2:
a4d572
       {
a4d572
-	grub_uint8_t *buffer = xmalloc (mode_info->width * 3);
a4d572
+	grub_uint8_t *buffer = xcalloc (3, mode_info->width);
a4d572
 	grub_uint16_t rmask = ((1 << mode_info->red_mask_size) - 1);
a4d572
 	grub_uint16_t gmask = ((1 << mode_info->green_mask_size) - 1);
a4d572
 	grub_uint16_t bmask = ((1 << mode_info->blue_mask_size) - 1);
a4d572
diff --git a/grub-core/video/capture.c b/grub-core/video/capture.c
09e3cc
index 4f83c7441..4d3195e01 100644
a4d572
--- a/grub-core/video/capture.c
a4d572
+++ b/grub-core/video/capture.c
a4d572
@@ -89,7 +89,7 @@ grub_video_capture_start (const struct grub_video_mode_info *mode_info,
a4d572
   framebuffer.mode_info = *mode_info;
a4d572
   framebuffer.mode_info.blit_format = grub_video_get_blit_format (&framebuffer.mode_info);
a4d572
 
a4d572
-  framebuffer.ptr = grub_malloc (framebuffer.mode_info.height * framebuffer.mode_info.pitch);
a4d572
+  framebuffer.ptr = grub_calloc (framebuffer.mode_info.height, framebuffer.mode_info.pitch);
a4d572
   if (!framebuffer.ptr)
a4d572
     return grub_errno;
a4d572
   
a4d572
diff --git a/grub-core/video/emu/sdl.c b/grub-core/video/emu/sdl.c
09e3cc
index a2f639f66..0ebab6f57 100644
a4d572
--- a/grub-core/video/emu/sdl.c
a4d572
+++ b/grub-core/video/emu/sdl.c
a4d572
@@ -172,7 +172,7 @@ grub_video_sdl_set_palette (unsigned int start, unsigned int count,
a4d572
       if (start + count > mode_info.number_of_colors)
a4d572
 	count = mode_info.number_of_colors - start;
a4d572
 
a4d572
-      tmp = grub_malloc (count * sizeof (tmp[0]));
a4d572
+      tmp = grub_calloc (count, sizeof (tmp[0]));
a4d572
       for (i = 0; i < count; i++)
a4d572
 	{
a4d572
 	  tmp[i].r = palette_data[i].r;
a4d572
diff --git a/grub-core/video/i386/pc/vga.c b/grub-core/video/i386/pc/vga.c
09e3cc
index 01f47112d..b2f776c99 100644
a4d572
--- a/grub-core/video/i386/pc/vga.c
a4d572
+++ b/grub-core/video/i386/pc/vga.c
a4d572
@@ -127,7 +127,7 @@ grub_video_vga_setup (unsigned int width, unsigned int height,
a4d572
 
a4d572
   vga_height = height ? : 480;
a4d572
 
a4d572
-  framebuffer.temporary_buffer = grub_malloc (vga_height * VGA_WIDTH);
a4d572
+  framebuffer.temporary_buffer = grub_calloc (vga_height, VGA_WIDTH);
a4d572
   framebuffer.front_page = 0;
a4d572
   framebuffer.back_page = 0;
a4d572
   if (!framebuffer.temporary_buffer)
a4d572
diff --git a/grub-core/video/readers/png.c b/grub-core/video/readers/png.c
09e3cc
index e1a01e99f..e85df3c1b 100644
a4d572
--- a/grub-core/video/readers/png.c
a4d572
+++ b/grub-core/video/readers/png.c
a4d572
@@ -309,7 +309,7 @@ grub_png_decode_image_header (struct grub_png_data *data)
a4d572
   if (data->is_16bit || data->is_gray || data->is_palette)
a4d572
 #endif
a4d572
     {
a4d572
-      data->image_data = grub_malloc (data->image_height * data->row_bytes);
a4d572
+      data->image_data = grub_calloc (data->image_height, data->row_bytes);
a4d572
       if (grub_errno)
a4d572
         return grub_errno;
a4d572
 
a4d572
diff --git a/util/getroot.c b/util/getroot.c
09e3cc
index fa3460d6c..6feb2a4de 100644
a4d572
--- a/util/getroot.c
a4d572
+++ b/util/getroot.c
a4d572
@@ -219,7 +219,7 @@ make_device_name (const char *drive)
a4d572
   char *ret, *ptr;
a4d572
   const char *iptr;
a4d572
 
a4d572
-  ret = xmalloc (strlen (drive) * 2);
a4d572
+  ret = xcalloc (2, strlen (drive));
a4d572
   ptr = ret;
a4d572
   for (iptr = drive; *iptr; iptr++)
a4d572
     {
a4d572
diff --git a/util/grub-file.c b/util/grub-file.c
09e3cc
index 50c18b683..b2e7dd69f 100644
a4d572
--- a/util/grub-file.c
a4d572
+++ b/util/grub-file.c
a4d572
@@ -54,7 +54,7 @@ main (int argc, char *argv[])
a4d572
 
a4d572
   grub_util_host_init (&argc, &argv);
a4d572
 
a4d572
-  argv2 = xmalloc (argc * sizeof (argv2[0]));
a4d572
+  argv2 = xcalloc (argc, sizeof (argv2[0]));
a4d572
 
a4d572
   if (argc == 2 && strcmp (argv[1], "--version") == 0)
a4d572
     {
a4d572
diff --git a/util/grub-fstest.c b/util/grub-fstest.c
09e3cc
index a358ae471..793aefa02 100644
a4d572
--- a/util/grub-fstest.c
a4d572
+++ b/util/grub-fstest.c
a4d572
@@ -650,7 +650,7 @@ argp_parser (int key, char *arg, struct argp_state *state)
a4d572
   if (args_count < num_disks)
a4d572
     {
a4d572
       if (args_count == 0)
a4d572
-	images = xmalloc (num_disks * sizeof (images[0]));
a4d572
+	images = xcalloc (num_disks, sizeof (images[0]));
a4d572
       images[args_count] = grub_canonicalize_file_name (arg);
a4d572
       args_count++;
a4d572
       return 0;
a4d572
@@ -734,7 +734,7 @@ main (int argc, char *argv[])
a4d572
 
a4d572
   grub_util_host_init (&argc, &argv);
a4d572
 
a4d572
-  args = xmalloc (argc * sizeof (args[0]));
a4d572
+  args = xcalloc (argc, sizeof (args[0]));
a4d572
 
a4d572
   argp_parse (&argp, argc, argv, 0, 0, 0);
a4d572
 
a4d572
diff --git a/util/grub-install-common.c b/util/grub-install-common.c
09e3cc
index 0a2e24a79..cf993c059 100644
a4d572
--- a/util/grub-install-common.c
a4d572
+++ b/util/grub-install-common.c
a4d572
@@ -281,7 +281,7 @@ handle_install_list (struct install_list *il, const char *val,
a4d572
       il->n_entries++;
a4d572
     }
a4d572
   il->n_alloc = il->n_entries + 1;
a4d572
-  il->entries = xmalloc (il->n_alloc * sizeof (il->entries[0]));
a4d572
+  il->entries = xcalloc (il->n_alloc, sizeof (il->entries[0]));
a4d572
   ptr = val;
a4d572
   for (ce = il->entries; ; ce++)
a4d572
     {
a4d572
diff --git a/util/grub-install.c b/util/grub-install.c
09e3cc
index 16f137ca8..3bf0e063a 100644
a4d572
--- a/util/grub-install.c
a4d572
+++ b/util/grub-install.c
a4d572
@@ -623,7 +623,7 @@ device_map_check_duplicates (const char *dev_map)
a4d572
   if (! fp)
a4d572
     return;
a4d572
 
a4d572
-  d = xmalloc (alloced * sizeof (d[0]));
a4d572
+  d = xcalloc (alloced, sizeof (d[0]));
a4d572
 
a4d572
   while (fgets (buf, sizeof (buf), fp))
a4d572
     {
a4d572
@@ -1232,7 +1232,7 @@ main (int argc, char *argv[])
a4d572
       ndev++;
a4d572
     }
a4d572
 
a4d572
-  grub_drives = xmalloc (sizeof (grub_drives[0]) * (ndev + 1)); 
a4d572
+  grub_drives = xcalloc (ndev + 1, sizeof (grub_drives[0]));
a4d572
 
a4d572
   for (curdev = grub_devices, curdrive = grub_drives; *curdev; curdev++,
a4d572
        curdrive++)
a4d572
diff --git a/util/grub-mkimagexx.c b/util/grub-mkimagexx.c
09e3cc
index a483c674c..f9aa1a033 100644
a4d572
--- a/util/grub-mkimagexx.c
a4d572
+++ b/util/grub-mkimagexx.c
a4d572
@@ -1999,10 +1999,8 @@ SUFFIX (grub_mkimage_load_image) (const char *kernel_path,
a4d572
 		      + grub_host_to_target16 (e->e_shstrndx) * smd.section_entsize);
a4d572
   smd.strtab = (char *) e + grub_host_to_target_addr (s->sh_offset);
a4d572
 
a4d572
-  smd.addrs = xmalloc (sizeof (*smd.addrs) * smd.num_sections);
a4d572
-  memset (smd.addrs, 0, sizeof (*smd.addrs) * smd.num_sections);
a4d572
-  smd.vaddrs = xmalloc (sizeof (*smd.vaddrs) * smd.num_sections);
a4d572
-  memset (smd.vaddrs, 0, sizeof (*smd.vaddrs) * smd.num_sections);
a4d572
+  smd.addrs = xcalloc (smd.num_sections, sizeof (*smd.addrs));
a4d572
+  smd.vaddrs = xcalloc (smd.num_sections, sizeof (*smd.vaddrs));
a4d572
 
a4d572
   SUFFIX (locate_sections) (e, kernel_path, &smd, layout, image_target);
a4d572
 
a4d572
diff --git a/util/grub-mkrescue.c b/util/grub-mkrescue.c
09e3cc
index 9545945d8..21e72bde4 100644
a4d572
--- a/util/grub-mkrescue.c
a4d572
+++ b/util/grub-mkrescue.c
a4d572
@@ -441,8 +441,8 @@ main (int argc, char *argv[])
a4d572
   xorriso = xstrdup ("xorriso");
a4d572
   label_font = grub_util_path_concat (2, pkgdatadir, "unicode.pf2");
a4d572
 
a4d572
-  argp_argv = xmalloc (sizeof (argp_argv[0]) * argc);
a4d572
-  xorriso_tail_argv = xmalloc (sizeof (argp_argv[0]) * argc);
a4d572
+  argp_argv = xcalloc (argc, sizeof (argp_argv[0]));
a4d572
+  xorriso_tail_argv = xcalloc (argc, sizeof (argp_argv[0]));
a4d572
 
a4d572
   xorriso_tail_argc = 0;
a4d572
   /* Program name */
a4d572
diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c
09e3cc
index 4907d44c0..edf309717 100644
a4d572
--- a/util/grub-mkstandalone.c
a4d572
+++ b/util/grub-mkstandalone.c
a4d572
@@ -296,7 +296,7 @@ main (int argc, char *argv[])
a4d572
   grub_util_host_init (&argc, &argv);
a4d572
   grub_util_disable_fd_syncs ();
a4d572
 
a4d572
-  files = xmalloc ((argc + 1) * sizeof (files[0]));
a4d572
+  files = xcalloc (argc + 1, sizeof (files[0]));
a4d572
 
a4d572
   argp_parse (&argp, argc, argv, 0, 0, 0);
a4d572
 
a4d572
diff --git a/util/grub-pe2elf.c b/util/grub-pe2elf.c
09e3cc
index 0d4084a10..11331294f 100644
a4d572
--- a/util/grub-pe2elf.c
a4d572
+++ b/util/grub-pe2elf.c
a4d572
@@ -100,9 +100,9 @@ write_section_data (FILE* fp, const char *name, char *image,
a4d572
   char *pe_strtab = (image + pe_chdr->symtab_offset
a4d572
 		     + pe_chdr->num_symbols * sizeof (struct grub_pe32_symbol));
a4d572
 
a4d572
-  section_map = xmalloc ((2 * pe_chdr->num_sections + 5) * sizeof (int));
a4d572
+  section_map = xcalloc (2 * pe_chdr->num_sections + 5, sizeof (int));
a4d572
   section_map[0] = 0;
a4d572
-  shdr = xmalloc ((2 * pe_chdr->num_sections + 5) * sizeof (shdr[0]));
a4d572
+  shdr = xcalloc (2 * pe_chdr->num_sections + 5, sizeof (shdr[0]));
a4d572
   idx = 1;
a4d572
   idx_reloc = pe_chdr->num_sections + 1;
a4d572
 
a4d572
@@ -233,7 +233,7 @@ write_reloc_section (FILE* fp, const char *name, char *image,
a4d572
 
a4d572
       pe_sec = pe_shdr + shdr[i].sh_link;
a4d572
       pe_rel = (struct grub_pe32_reloc *) (image + pe_sec->relocations_offset);
a4d572
-      rel = (elf_reloc_t *) xmalloc (pe_sec->num_relocations * sizeof (elf_reloc_t));
a4d572
+      rel = (elf_reloc_t *) xcalloc (pe_sec->num_relocations, sizeof (elf_reloc_t));
a4d572
       num_rels = 0;
a4d572
       modified = 0;
a4d572
 
a4d572
@@ -365,12 +365,10 @@ write_symbol_table (FILE* fp, const char *name, char *image,
a4d572
   pe_symtab = (struct grub_pe32_symbol *) (image + pe_chdr->symtab_offset);
a4d572
   pe_strtab = (char *) (pe_symtab + pe_chdr->num_symbols);
a4d572
 
a4d572
-  symtab = (Elf_Sym *) xmalloc ((pe_chdr->num_symbols + 1) *
a4d572
-				sizeof (Elf_Sym));
a4d572
-  memset (symtab, 0, (pe_chdr->num_symbols + 1) * sizeof (Elf_Sym));
a4d572
+  symtab = (Elf_Sym *) xcalloc (pe_chdr->num_symbols + 1, sizeof (Elf_Sym));
a4d572
   num_syms = 1;
a4d572
 
a4d572
-  symtab_map = (int *) xmalloc (pe_chdr->num_symbols * sizeof (int));
a4d572
+  symtab_map = (int *) xcalloc (pe_chdr->num_symbols, sizeof (int));
a4d572
 
a4d572
   for (i = 0; i < (int) pe_chdr->num_symbols;
a4d572
        i += pe_symtab->num_aux + 1, pe_symtab += pe_symtab->num_aux + 1)
a4d572
diff --git a/util/grub-probe.c b/util/grub-probe.c
09e3cc
index e45dbf9e0..2a8c2cdff 100644
a4d572
--- a/util/grub-probe.c
a4d572
+++ b/util/grub-probe.c
a4d572
@@ -361,8 +361,8 @@ probe (const char *path, char **device_names, char delim)
a4d572
       grub_util_pull_device (*curdev);
a4d572
       ndev++;
a4d572
     }
a4d572
-  
a4d572
-  drives_names = xmalloc (sizeof (drives_names[0]) * (ndev + 1)); 
a4d572
+
a4d572
+  drives_names = xcalloc (ndev + 1, sizeof (drives_names[0]));
a4d572
 
a4d572
   for (curdev = device_names, curdrive = drives_names; *curdev; curdev++,
a4d572
        curdrive++)
a4d572
diff --git a/include/grub/unicode.h b/include/grub/unicode.h
09e3cc
index a0403e91f..4de986a85 100644
a4d572
--- a/include/grub/unicode.h
a4d572
+++ b/include/grub/unicode.h
a4d572
@@ -293,7 +293,7 @@ grub_unicode_glyph_dup (const struct grub_unicode_glyph *in)
a4d572
   grub_memcpy (out, in, sizeof (*in));
a4d572
   if (in->ncomb > ARRAY_SIZE (out->combining_inline))
a4d572
     {
a4d572
-      out->combining_ptr = grub_malloc (in->ncomb * sizeof (out->combining_ptr[0]));
a4d572
+      out->combining_ptr = grub_calloc (in->ncomb, sizeof (out->combining_ptr[0]));
a4d572
       if (!out->combining_ptr)
a4d572
 	{
a4d572
 	  grub_free (out);
a4d572
@@ -315,7 +315,7 @@ grub_unicode_set_glyph (struct grub_unicode_glyph *out,
a4d572
   grub_memcpy (out, in, sizeof (*in));
a4d572
   if (in->ncomb > ARRAY_SIZE (out->combining_inline))
a4d572
     {
a4d572
-      out->combining_ptr = grub_malloc (in->ncomb * sizeof (out->combining_ptr[0]));
a4d572
+      out->combining_ptr = grub_calloc (in->ncomb, sizeof (out->combining_ptr[0]));
a4d572
       if (!out->combining_ptr)
a4d572
 	return;
a4d572
       grub_memcpy (out->combining_ptr, in->combining_ptr,