fix/silence bugs reported by ccc-analyzer (clang)

These should all be non critical:
 * memory leaks on startup in error cases (which lead to
   immediate shutdowns anyway)
 * http_auth/ldap: passing uninitialized "ret" to ldap_err2string
 * sizeof(T) not matching the target pointer in malloc/calloc calls;
   those cases were either:
   * T being the wrong pointer type - shouldn't matter as long as all
     pointers have same size
   * T being larger than the type needed
 * mod_accesslog: direct use after free in cleanup (server shutdown);
   could crash before "clean" shutdown
 * some false positives (mod_compress, mod_expire)
 * assert(srv->config_context->used > 0); - this is always the case,
   as there is always a global config block

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2920 152afb58-edef-0310-8abb-c4023f1b3aa9

src/array.c

@@ -24,6 +24,8 @@ array *array_init_array(array *src) {
 	size_t i;
 	array *a = array_init();
 
+	if (0 == src->size) return a;
+
 	a->used = src->used;
 	a->size = src->size;
 	a->next_power_of_2 = src->next_power_of_2;

src/configfile.c

@@ -1026,7 +1026,10 @@ static char* getCWD(void) {
 	s = malloc(len);
 	if (!s) return NULL;
 	while (NULL == getcwd(s, len)) {
-		if (errno != ERANGE || SSIZE_MAX - len < len) return NULL;
+		if (errno != ERANGE || SSIZE_MAX - len < len) {
+			free(s);
+			return NULL;
+		}
 		len *= 2;
 		s1 = realloc(s, len);
 		if (!s1) {

src/fdevent.c

@@ -23,59 +23,62 @@ fdevents *fdevent_init(server *srv, size_t maxfds, fdevent_handler_t type) {
 	switch(type) {
 	case FDEVENT_HANDLER_POLL:
 		if (0 != fdevent_poll_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler poll failed");
-
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_SELECT:
 		if (0 != fdevent_select_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler select failed");
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_LINUX_SYSEPOLL:
 		if (0 != fdevent_linux_sysepoll_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler linux-sysepoll failed, try to set server.event-handler = \"poll\" or \"select\"");
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_SOLARIS_DEVPOLL:
 		if (0 != fdevent_solaris_devpoll_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler solaris-devpoll failed, try to set server.event-handler = \"poll\" or \"select\"");
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_SOLARIS_PORT:
 		if (0 != fdevent_solaris_port_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler solaris-eventports failed, try to set server.event-handler = \"poll\" or \"select\"");
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_FREEBSD_KQUEUE:
 		if (0 != fdevent_freebsd_kqueue_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler freebsd-kqueue failed, try to set server.event-handler = \"poll\" or \"select\"");
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_LIBEV:
 		if (0 != fdevent_libev_init(ev)) {
-			log_error_write(ev->srv, __FILE__, __LINE__, "S",
+			log_error_write(srv, __FILE__, __LINE__, "S",
 				"event-handler libev failed, try to set server.event-handler = \"poll\" or \"select\"");
-			return NULL;
+			goto error;
 		}
 		return ev;
 	case FDEVENT_HANDLER_UNSET:
 		break;
 	}
 
-	log_error_write(ev->srv, __FILE__, __LINE__, "S",
+error:
+	free(ev->fdarray);
+	free(ev);
+
+	log_error_write(srv, __FILE__, __LINE__, "S",
 		"event-handler is unknown, try to set server.event-handler = \"poll\" or \"select\"");
 	return NULL;
 }

src/http_auth.c

@@ -764,8 +764,9 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
 				if (auth_ldap_init(srv, p->anon_conf) != HANDLER_GO_ON)
 					return -1;
 
-				if (p->anon_conf->ldap == NULL ||
-				    LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
+				if (NULL == p->anon_conf->ldap) return -1;
+
+				if (LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) {
 					log_error_write(srv, __FILE__, __LINE__, "sssb",
 							"ldap:", ldap_err2string(ret), "filter:", p->ldap_filter);
 					return -1;

src/lemon.c

@@ -1613,12 +1613,14 @@ int n;
 int k;
 FILE *err;
 {
-  int spcnt, i;
-  if( argv[0] ) fprintf(err,"%s",argv[0]);
-  spcnt = strlen(argv[0]) + 1;
+  int spcnt = 0, i;
+  if( argv[0] ) {
+    fprintf(err,"%s",argv[0]);
+    spcnt += strlen(argv[0]) + 1;
+  }
   for(i=1; i<n && argv[i]; i++){
     fprintf(err," %s",argv[i]);
-    spcnt += strlen(argv[i]+1);
+    spcnt += strlen(argv[i]) + 1;
   }
   spcnt += k;
   for(; argv[i]; i++) fprintf(err," %s",argv[i]);

src/mod_access.c

@@ -61,7 +61,7 @@ SETDEFAULTS_FUNC(mod_access_set_defaults) {
 		{ NULL,                          NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_accesslog.c

@@ -446,8 +446,8 @@ FREE_FUNC(mod_accesslog_free) {
 		free(p->config_storage);
 	}
 
-	free(p);
 	if (p->syslog_logbuffer) buffer_free(p->syslog_logbuffer);
+	free(p);
 
 	return HANDLER_GO_ON;
 }
@@ -466,7 +466,7 @@ SETDEFAULTS_FUNC(log_access_open) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_alias.c

@@ -72,7 +72,7 @@ SETDEFAULTS_FUNC(mod_alias_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_auth.c

@@ -364,7 +364,7 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) {
 		{ NULL,                             NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(mod_auth_plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		mod_auth_plugin_config *s;

src/mod_cgi.c

@@ -157,7 +157,7 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_cml.c

@@ -83,7 +83,7 @@ SETDEFAULTS_FUNC(mod_cml_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = malloc(srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_compress.c

@@ -12,6 +12,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 
+#include <assert.h>
 #include <fcntl.h>
 #include <unistd.h>
 #include <ctype.h>
@@ -161,7 +162,7 @@ SETDEFAULTS_FUNC(mod_compress_setdefaults) {
 		{ NULL,                             NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;
@@ -860,7 +861,8 @@ PHYSICALPATH_FUNC(mod_compress_physical) {
 					} else if (matched_encodings & HTTP_ACCEPT_ENCODING_X_GZIP) {
 						compression_type = HTTP_ACCEPT_ENCODING_X_GZIP;
 						compression_name = dflt_x_gzip;
-					} else if (matched_encodings & HTTP_ACCEPT_ENCODING_DEFLATE) {
+					} else {
+						assert(matched_encodings & HTTP_ACCEPT_ENCODING_DEFLATE);
 						compression_type = HTTP_ACCEPT_ENCODING_DEFLATE;
 						compression_name = dflt_deflate;
 					}

src/mod_dirlisting.c

@@ -278,7 +278,7 @@ SETDEFAULTS_FUNC(mod_dirlisting_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_evasive.c

@@ -78,7 +78,7 @@ SETDEFAULTS_FUNC(mod_evasive_set_defaults) {
 		{ NULL,                          NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_evhost.c

@@ -128,7 +128,7 @@ SETDEFAULTS_FUNC(mod_evhost_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_expire.c

@@ -221,7 +221,7 @@ SETDEFAULTS_FUNC(mod_expire_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;
@@ -320,7 +320,7 @@ URIHANDLER_FUNC(mod_expire_path_handler) {
 				break;
 			default:
 				/* -1 is handled at parse-time */
-				break;
+				return HANDLER_ERROR;
 			}
 
 			/* expires should be at least srv->cur_ts */

src/mod_extforward.c

@@ -165,7 +165,7 @@ SETDEFAULTS_FUNC(mod_extforward_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_fastcgi.c

@@ -1169,7 +1169,7 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) {
 		{ NULL,                          NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;
@@ -3174,8 +3174,6 @@ SUBREQUEST_FUNC(mod_fastcgi_handle_subrequest) {
 	/* ok, create the request */
 	switch(fcgi_write_request(srv, hctx)) {
 	case HANDLER_ERROR:
-		host = hctx->host;
-
 		if (hctx->state == FCGI_STATE_INIT ||
 		    hctx->state == FCGI_STATE_CONNECT_DELAYED) {
 			fcgi_restart_dead_procs(srv, p, host);

src/mod_flv_streaming.c

@@ -84,7 +84,7 @@ SETDEFAULTS_FUNC(mod_flv_streaming_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_indexfile.c

@@ -81,7 +81,7 @@ SETDEFAULTS_FUNC(mod_indexfile_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_magnet.c

@@ -103,7 +103,7 @@ SETDEFAULTS_FUNC(mod_magnet_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_mysql_vhost.c

@@ -185,7 +185,7 @@ SERVER_FUNC(mod_mysql_vhost_set_defaults) {
                 { NULL,			NULL, T_CONFIG_UNSET,	T_CONFIG_SCOPE_UNSET }
         };
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_proxy.c

@@ -194,7 +194,7 @@ SETDEFAULTS_FUNC(mod_proxy_set_defaults) {
 		{ NULL,                        NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_redirect.c

@@ -76,7 +76,7 @@ SETDEFAULTS_FUNC(mod_redirect_set_defaults) {
 	if (!p) return HANDLER_ERROR;
 
 	/* 0 */
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_rewrite.c

@@ -242,7 +242,7 @@ SETDEFAULTS_FUNC(mod_rewrite_set_defaults) {
 	if (!p) return HANDLER_ERROR;
 
 	/* 0 */
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 #else
 	UNUSED(p_d);
 #endif

src/mod_rrdtool.c

@@ -7,6 +7,7 @@
 #include "plugin.h"
 #include <sys/types.h>
 
+#include <assert.h>
 #include <fcntl.h>
 #include <stdlib.h>
 #include <stdio.h>
@@ -345,7 +346,8 @@ SETDEFAULTS_FUNC(mod_rrd_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	assert(srv->config_context->used > 0);
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_scgi.c

@@ -925,7 +925,7 @@ SETDEFAULTS_FUNC(mod_scgi_set_defaults) {
 		{ NULL,                          NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
 	};
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_secure_download.c

@@ -97,7 +97,7 @@ SETDEFAULTS_FUNC(mod_secdownload_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_setenv.c

@@ -96,7 +96,7 @@ SETDEFAULTS_FUNC(mod_setenv_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_simple_vhost.c

@@ -89,7 +89,7 @@ SETDEFAULTS_FUNC(mod_simple_vhost_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_skeleton.c

@@ -108,7 +108,7 @@ SETDEFAULTS_FUNC(mod_skeleton_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_ssi.c

@@ -108,7 +108,7 @@ SETDEFAULTS_FUNC(mod_ssi_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_staticfile.c

@@ -91,7 +91,7 @@ SETDEFAULTS_FUNC(mod_staticfile_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_status.c

@@ -115,7 +115,7 @@ SETDEFAULTS_FUNC(mod_status_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_trigger_b4_dl.c

@@ -143,7 +143,7 @@ SETDEFAULTS_FUNC(mod_trigger_b4_dl_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_uploadprogress.c

@@ -201,7 +201,7 @@ SETDEFAULTS_FUNC(mod_uploadprogress_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_userdir.c

@@ -96,7 +96,7 @@ SETDEFAULTS_FUNC(mod_userdir_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_usertrack.c

@@ -78,7 +78,7 @@ SETDEFAULTS_FUNC(mod_usertrack_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/mod_webdav.c

@@ -179,7 +179,7 @@ SETDEFAULTS_FUNC(mod_webdav_set_defaults) {
 
 	if (!p) return HANDLER_ERROR;
 
-	p->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+	p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *));
 
 	for (i = 0; i < srv->config_context->used; i++) {
 		plugin_config *s;

src/network.c

@@ -453,10 +453,10 @@ static int network_server_init(server *srv, buffer *host_token, specific_config
 	if (srv->srv_sockets.size == 0) {
 		srv->srv_sockets.size = 4;
 		srv->srv_sockets.used = 0;
-		srv->srv_sockets.ptr = malloc(srv->srv_sockets.size * sizeof(server_socket));
+		srv->srv_sockets.ptr = malloc(srv->srv_sockets.size * sizeof(server_socket*));
 	} else if (srv->srv_sockets.used == srv->srv_sockets.size) {
 		srv->srv_sockets.size += 4;
-		srv->srv_sockets.ptr = realloc(srv->srv_sockets.ptr, srv->srv_sockets.size * sizeof(server_socket));
+		srv->srv_sockets.ptr = realloc(srv->srv_sockets.ptr, srv->srv_sockets.size * sizeof(server_socket*));
 	}
 
 	srv->srv_sockets.ptr[srv->srv_sockets.used++] = srv_socket;

src/stat_cache.c

@@ -713,7 +713,7 @@ int stat_cache_trigger_cleanup(server *srv) {
 
 	if (!sc->files) return 0;
 
-	keys = calloc(1, sizeof(size_t) * sc->files->size);
+	keys = calloc(1, sizeof(int) * sc->files->size);
 
 	stat_cache_tag_old_entries(srv, sc->files, keys, &max_ndx);