From: Michael Stapelberg <stapelberg@users.noreply.github.com>
Date: Mon, 3 Aug 2015 17:49:15 +0000 (-0700)
Subject: Merge pull request #1789 from shdown/next
X-Git-Tag: 4.11~58
X-Git-Url: https://git.sur5r.net/?p=i3%2Fi3;a=commitdiff_plain;h=fdfe4081593268257cd65932bd5353eade45e190;hp=05fb9096362e788f032de6eccea2d7fea03317ab

Merge pull request #1789 from shdown/next

Use safe wrappers wherever possible
---

diff --git a/.travis.yml b/.travis.yml
index e3e45656..f90e0ebd 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -45,3 +45,22 @@ script:
   - CFLAGS="-Wformat -Wformat-security -Wextra -Wno-unused-parameter -Werror" make -j
   - (cd testcases && xvfb-run ./complete-run.pl --parallel=1 || (cat latest/complete-run.log; false))
   - clang-format-3.5 -i $(find . -name "*.[ch]" | tr '\n' ' ') && git diff --exit-code || (echo 'Code was not formatted using clang-format!'; false)
+  - |
+    funcs='malloc|calloc|realloc|strdup|strndup|asprintf|write'
+    cstring='"([^"\\]|\\.)*"'
+    cchar="'[^\\\\]'|'\\\\.[^']*'"
+    regex="^([^'\"]|${cstring}|${cchar})*\<(${funcs})\>"
+    detected=0
+    while IFS= read -r file; do
+        if { cpp -w -fpreprocessed "$file" || exit "$?"; } | grep -E -- "$regex"; then
+            echo "^ $file calls a function that has a safe counterpart."
+            detected=1
+        fi
+    done << EOF
+    $(find -name '*.c' -not -name safewrappers.c -not -name strndup.c)
+    EOF
+    if [ "$detected" -ne 0 ]; then
+        echo
+        echo "Calls of functions that have safe counterparts were detected."
+        exit 1
+    fi
diff --git a/i3-config-wizard/main.c b/i3-config-wizard/main.c
index 4c1d9697..bd9aa28a 100644
--- a/i3-config-wizard/main.c
+++ b/i3-config-wizard/main.c
@@ -392,7 +392,7 @@ static char *rewrite_binding(const char *input) {
                     }
                 }
                 if (walk != beginning) {
-                    char *str = scalloc(walk - beginning + 1);
+                    char *str = scalloc(walk - beginning + 1, 1);
                     /* We copy manually to handle escaping of characters. */
                     int inpos, outpos;
                     for (inpos = 0, outpos = 0;
@@ -768,7 +768,7 @@ int main(int argc, char *argv[]) {
         switch (o) {
             case 's':
                 FREE(socket_path);
-                socket_path = strdup(optarg);
+                socket_path = sstrdup(optarg);
                 break;
             case 'v':
                 printf("i3-config-wizard " I3_VERSION "\n");
diff --git a/i3-input/main.c b/i3-input/main.c
index 6736aad3..cf3884e9 100644
--- a/i3-input/main.c
+++ b/i3-input/main.c
@@ -103,7 +103,7 @@ static void restore_input_focus(void) {
  *
  */
 static uint8_t *concat_strings(char **glyphs, int max) {
-    uint8_t *output = calloc(max + 1, 4);
+    uint8_t *output = scalloc(max + 1, 4);
     uint8_t *walk = output;
     for (int c = 0; c < max; c++) {
         printf("at %c\n", glyphs[c][0]);
@@ -187,10 +187,10 @@ static void finish_input() {
 
     /* allocate space for the output */
     int inputlen = strlen(command);
-    char *full = calloc(1,
-                        strlen(format) - (2 * cnt) /* format without all %s */
-                            + (inputlen * cnt)     /* replaced %s */
-                            + 1);                  /* trailing NUL */
+    char *full = scalloc(strlen(format) - (2 * cnt) /* format without all %s */
+                             + (inputlen * cnt)     /* replaced %s */
+                             + 1,                   /* trailing NUL */
+                         1);
     char *dest = full;
     for (c = 0; c < len; c++) {
         /* if this is not % or it is % but without a following 's',
@@ -359,7 +359,7 @@ free_resources:
 }
 
 int main(int argc, char *argv[]) {
-    format = strdup("%s");
+    format = sstrdup("%s");
     socket_path = getenv("I3SOCK");
     char *pattern = sstrdup("pango:monospace 8");
     int o, option_index = 0;
@@ -381,7 +381,7 @@ int main(int argc, char *argv[]) {
         switch (o) {
             case 's':
                 FREE(socket_path);
-                socket_path = strdup(optarg);
+                socket_path = sstrdup(optarg);
                 break;
             case 'v':
                 printf("i3-input " I3_VERSION);
@@ -401,11 +401,11 @@ int main(int argc, char *argv[]) {
                 break;
             case 'f':
                 FREE(pattern);
-                pattern = strdup(optarg);
+                pattern = sstrdup(optarg);
                 break;
             case 'F':
                 FREE(format);
-                format = strdup(optarg);
+                format = sstrdup(optarg);
                 break;
             case 'h':
                 printf("i3-input " I3_VERSION "\n");
diff --git a/i3-msg/main.c b/i3-msg/main.c
index 6a6186d8..47e7ae91 100644
--- a/i3-msg/main.c
+++ b/i3-msg/main.c
@@ -77,7 +77,7 @@ static int reply_boolean_cb(void *params, int val) {
 }
 
 static int reply_string_cb(void *params, const unsigned char *val, size_t len) {
-    char *str = scalloc(len + 1);
+    char *str = scalloc(len + 1, 1);
     strncpy(str, (const char *)val, len);
     if (strcmp(last_key, "error") == 0)
         last_reply.error = str;
@@ -105,7 +105,7 @@ static int reply_end_map_cb(void *params) {
 
 static int reply_map_key_cb(void *params, const unsigned char *keyVal, size_t keyLen) {
     free(last_key);
-    last_key = scalloc(keyLen + 1);
+    last_key = scalloc(keyLen + 1, 1);
     strncpy(last_key, (const char *)keyVal, keyLen);
     return 1;
 }
@@ -187,8 +187,7 @@ int main(int argc, char *argv[]) {
             payload = sstrdup(argv[optind]);
         } else {
             char *both;
-            if (asprintf(&both, "%s %s", payload, argv[optind]) == -1)
-                err(EXIT_FAILURE, "asprintf");
+            sasprintf(&both, "%s %s", payload, argv[optind]);
             free(payload);
             payload = both;
         }
diff --git a/i3-nagbar/main.c b/i3-nagbar/main.c
index aca70ab1..d86cd69a 100644
--- a/i3-nagbar/main.c
+++ b/i3-nagbar/main.c
@@ -371,7 +371,7 @@ int main(int argc, char *argv[]) {
     if (argv0_len > strlen(".nagbar_cmd") &&
         strcmp(argv[0] + argv0_len - strlen(".nagbar_cmd"), ".nagbar_cmd") == 0) {
         unlink(argv[0]);
-        cmd = strdup(argv[0]);
+        cmd = sstrdup(argv[0]);
         *(cmd + argv0_len - strlen(".nagbar_cmd")) = '\0';
         execl("/bin/sh", "/bin/sh", cmd, NULL);
         err(EXIT_FAILURE, "execv(/bin/sh, /bin/sh, %s)", cmd);
@@ -418,7 +418,7 @@ int main(int argc, char *argv[]) {
                 printf("i3-nagbar [-m <message>] [-b <button> <action>] [-t warning|error] [-f <font>] [-v]\n");
                 return 0;
             case 'b':
-                buttons = realloc(buttons, sizeof(button_t) * (buttoncnt + 1));
+                buttons = srealloc(buttons, sizeof(button_t) * (buttoncnt + 1));
                 buttons[buttoncnt].label = i3string_from_utf8(optarg);
                 buttons[buttoncnt].action = argv[optind];
                 printf("button with label *%s* and action *%s*\n",
diff --git a/i3bar/src/child.c b/i3bar/src/child.c
index e369c54d..cfc96d5f 100644
--- a/i3bar/src/child.c
+++ b/i3bar/src/child.c
@@ -105,13 +105,13 @@ __attribute__((format(printf, 1, 2))) static void set_statusline_error(const cha
     va_start(args, format);
     (void)vasprintf(&message, format, args);
 
-    struct status_block *err_block = scalloc(sizeof(struct status_block));
+    struct status_block *err_block = scalloc(1, sizeof(struct status_block));
     err_block->full_text = i3string_from_utf8("Error: ");
     err_block->name = sstrdup("error");
     err_block->color = sstrdup("red");
     err_block->no_separator = true;
 
-    struct status_block *message_block = scalloc(sizeof(struct status_block));
+    struct status_block *message_block = scalloc(1, sizeof(struct status_block));
     message_block->full_text = i3string_from_utf8(message);
     message_block->name = sstrdup("error_message");
     message_block->color = sstrdup("red");
@@ -220,21 +220,21 @@ static int stdin_string(void *context, const unsigned char *val, size_t len) {
         return 1;
     }
     if (strcasecmp(ctx->last_map_key, "min_width") == 0) {
-        char *copy = (char *)malloc(len + 1);
+        char *copy = (char *)smalloc(len + 1);
         strncpy(copy, (const char *)val, len);
         copy[len] = 0;
         ctx->block.min_width_str = copy;
         return 1;
     }
     if (strcasecmp(ctx->last_map_key, "name") == 0) {
-        char *copy = (char *)malloc(len + 1);
+        char *copy = (char *)smalloc(len + 1);
         strncpy(copy, (const char *)val, len);
         copy[len] = 0;
         ctx->block.name = copy;
         return 1;
     }
     if (strcasecmp(ctx->last_map_key, "instance") == 0) {
-        char *copy = (char *)malloc(len + 1);
+        char *copy = (char *)smalloc(len + 1);
         strncpy(copy, (const char *)val, len);
         copy[len] = 0;
         ctx->block.instance = copy;
@@ -433,7 +433,7 @@ void stdin_io_first_line_cb(struct ev_loop *loop, ev_io *watcher, int revents) {
     } else {
         /* In case of plaintext, we just add a single block and change its
          * full_text pointer later. */
-        struct status_block *new_block = scalloc(sizeof(struct status_block));
+        struct status_block *new_block = scalloc(1, sizeof(struct status_block));
         TAILQ_INSERT_TAIL(&statusline_head, new_block, blocks);
         read_flat_input((char *)buffer, rec);
     }
diff --git a/i3bar/src/config.c b/i3bar/src/config.c
index 65447e7e..0e2dd05a 100644
--- a/i3bar/src/config.c
+++ b/i3bar/src/config.c
@@ -146,7 +146,7 @@ static int config_string_cb(void *params_, const unsigned char *val, size_t _len
      * users updating from that version and restarting i3bar before i3. */
     if (!strcmp(cur_key, "wheel_up_cmd")) {
         DLOG("wheel_up_cmd = %.*s\n", len, val);
-        binding_t *binding = scalloc(sizeof(binding_t));
+        binding_t *binding = scalloc(1, sizeof(binding_t));
         binding->input_code = 4;
         sasprintf(&(binding->command), "%.*s", len, val);
         TAILQ_INSERT_TAIL(&(config.bindings), binding, bindings);
@@ -157,7 +157,7 @@ static int config_string_cb(void *params_, const unsigned char *val, size_t _len
      * users updating from that version and restarting i3bar before i3. */
     if (!strcmp(cur_key, "wheel_down_cmd")) {
         DLOG("wheel_down_cmd = %.*s\n", len, val);
-        binding_t *binding = scalloc(sizeof(binding_t));
+        binding_t *binding = scalloc(1, sizeof(binding_t));
         binding->input_code = 5;
         sasprintf(&(binding->command), "%.*s", len, val);
         TAILQ_INSERT_TAIL(&(config.bindings), binding, bindings);
@@ -277,7 +277,7 @@ static int config_boolean_cb(void *params_, int val) {
 static int config_integer_cb(void *params_, long long val) {
     if (parsing_bindings) {
         if (strcmp(cur_key, "input_code") == 0) {
-            binding_t *binding = scalloc(sizeof(binding_t));
+            binding_t *binding = scalloc(1, sizeof(binding_t));
             binding->input_code = val;
             TAILQ_INSERT_TAIL(&(config.bindings), binding, bindings);
 
diff --git a/i3bar/src/xcb.c b/i3bar/src/xcb.c
index f31d711a..f90bbcee 100644
--- a/i3bar/src/xcb.c
+++ b/i3bar/src/xcb.c
@@ -533,7 +533,7 @@ void handle_button(xcb_button_press_event_t *event) {
     }
 
     const size_t len = namelen + strlen("workspace \"\"") + 1;
-    char *buffer = scalloc(len + num_quotes);
+    char *buffer = scalloc(len + num_quotes, 1);
     strncpy(buffer, "workspace \"", strlen("workspace \""));
     size_t inpos, outpos;
     for (inpos = 0, outpos = strlen("workspace \"");
@@ -730,7 +730,7 @@ static void handle_client_message(xcb_client_message_event_t *event) {
                                  values);
 
             /* send the XEMBED_EMBEDDED_NOTIFY message */
-            void *event = scalloc(32);
+            void *event = scalloc(32, 1);
             xcb_client_message_event_t *ev = event;
             ev->response_type = XCB_CLIENT_MESSAGE;
             ev->window = client;
@@ -1654,8 +1654,7 @@ void reconfig_windows(bool redraw_bars) {
                                                "i3bar\0i3bar\0");
 
             char *name;
-            if (asprintf(&name, "i3bar for output %s", walk->name) == -1)
-                err(EXIT_FAILURE, "asprintf()");
+            sasprintf(&name, "i3bar for output %s", walk->name);
             xcb_void_cookie_t name_cookie;
             name_cookie = xcb_change_property(xcb_connection,
                                               XCB_PROP_MODE_REPLACE,
diff --git a/include/libi3.h b/include/libi3.h
index 69c44528..102ad533 100644
--- a/include/libi3.h
+++ b/include/libi3.h
@@ -111,7 +111,7 @@ void *smalloc(size_t size);
  * there is no more memory available)
  *
  */
-void *scalloc(size_t size);
+void *scalloc(size_t num, size_t size);
 
 /**
  * Safe-wrapper around realloc which exits if realloc returns NULL (meaning
diff --git a/libi3/fake_configure_notify.c b/libi3/fake_configure_notify.c
index 225577a4..2c4d4559 100644
--- a/libi3/fake_configure_notify.c
+++ b/libi3/fake_configure_notify.c
@@ -23,7 +23,7 @@ void fake_configure_notify(xcb_connection_t *conn, xcb_rectangle_t r, xcb_window
     /* Every X11 event is 32 bytes long. Therefore, XCB will copy 32 bytes.
      * In order to properly initialize these bytes, we allocate 32 bytes even
      * though we only need less for an xcb_configure_notify_event_t */
-    void *event = scalloc(32);
+    void *event = scalloc(32, 1);
     xcb_configure_notify_event_t *generated_event = event;
 
     generated_event->event = window;
diff --git a/libi3/get_exe_path.c b/libi3/get_exe_path.c
index fc9b3014..ef8f23bc 100644
--- a/libi3/get_exe_path.c
+++ b/libi3/get_exe_path.c
@@ -73,7 +73,7 @@ char *get_exe_path(const char *argv0) {
         }
         sasprintf(&path, ":%s", tmp);
     } else {
-        path = strdup(path);
+        path = sstrdup(path);
     }
     const char *component;
     char *str = path;
diff --git a/libi3/resolve_tilde.c b/libi3/resolve_tilde.c
index 26cbabe5..7a4fb79b 100644
--- a/libi3/resolve_tilde.c
+++ b/libi3/resolve_tilde.c
@@ -34,7 +34,7 @@ char *resolve_tilde(const char *path) {
         err(EXIT_FAILURE, "glob() failed");
     } else {
         head = globbuf.gl_pathv[0];
-        result = scalloc(strlen(head) + (tail ? strlen(tail) : 0) + 1);
+        result = scalloc(strlen(head) + (tail ? strlen(tail) : 0) + 1, 1);
         strncpy(result, head, strlen(head));
         if (tail)
             strncat(result, tail, strlen(tail));
diff --git a/libi3/root_atom_contents.c b/libi3/root_atom_contents.c
index df54ef09..d91f1e15 100644
--- a/libi3/root_atom_contents.c
+++ b/libi3/root_atom_contents.c
@@ -80,18 +80,10 @@ char *root_atom_contents(const char *atomname, xcb_connection_t *provided_conn,
     if (prop_reply->type == XCB_ATOM_CARDINAL) {
         /* We treat a CARDINAL as a >= 32-bit unsigned int. The only CARDINAL
          * we query is I3_PID, which is 32-bit. */
-        if (asprintf(&content, "%u", *((unsigned int *)xcb_get_property_value(prop_reply))) == -1) {
-            free(atom_reply);
-            free(prop_reply);
-            return NULL;
-        }
+        sasprintf(&content, "%u", *((unsigned int *)xcb_get_property_value(prop_reply)));
     } else {
-        if (asprintf(&content, "%.*s", xcb_get_property_value_length(prop_reply),
-                     (char *)xcb_get_property_value(prop_reply)) == -1) {
-            free(atom_reply);
-            free(prop_reply);
-            return NULL;
-        }
+        sasprintf(&content, "%.*s", xcb_get_property_value_length(prop_reply),
+                  (char *)xcb_get_property_value(prop_reply));
     }
     if (provided_conn == NULL)
         xcb_disconnect(conn);
diff --git a/libi3/safewrappers.c b/libi3/safewrappers.c
index f5973cab..0a233a12 100644
--- a/libi3/safewrappers.c
+++ b/libi3/safewrappers.c
@@ -27,10 +27,10 @@ void *smalloc(size_t size) {
     return result;
 }
 
-void *scalloc(size_t size) {
-    void *result = calloc(size, 1);
+void *scalloc(size_t num, size_t size) {
+    void *result = calloc(num, size);
     if (result == NULL)
-        err(EXIT_FAILURE, "calloc(%zd)", size);
+        err(EXIT_FAILURE, "calloc(%zd, %zd)", num, size);
     return result;
 }
 
diff --git a/libi3/string.c b/libi3/string.c
index 70244743..a7b8c6fc 100644
--- a/libi3/string.c
+++ b/libi3/string.c
@@ -33,7 +33,7 @@ struct _i3String {
  *
  */
 i3String *i3string_from_utf8(const char *from_utf8) {
-    i3String *str = scalloc(sizeof(i3String));
+    i3String *str = scalloc(1, sizeof(i3String));
 
     /* Get the text */
     str->utf8 = sstrdup(from_utf8);
@@ -64,10 +64,10 @@ i3String *i3string_from_markup(const char *from_markup) {
  *
  */
 i3String *i3string_from_utf8_with_length(const char *from_utf8, size_t num_bytes) {
-    i3String *str = scalloc(sizeof(i3String));
+    i3String *str = scalloc(1, sizeof(i3String));
 
     /* Copy the actual text to our i3String */
-    str->utf8 = scalloc(sizeof(char) * (num_bytes + 1));
+    str->utf8 = scalloc(num_bytes + 1, 1);
     strncpy(str->utf8, from_utf8, num_bytes);
     str->utf8[num_bytes] = '\0';
 
@@ -97,12 +97,11 @@ i3String *i3string_from_markup_with_length(const char *from_markup, size_t num_b
  *
  */
 i3String *i3string_from_ucs2(const xcb_char2b_t *from_ucs2, size_t num_glyphs) {
-    i3String *str = scalloc(sizeof(i3String));
+    i3String *str = scalloc(1, sizeof(i3String));
 
     /* Copy the actual text to our i3String */
-    size_t num_bytes = num_glyphs * sizeof(xcb_char2b_t);
-    str->ucs2 = scalloc(num_bytes);
-    memcpy(str->ucs2, from_ucs2, num_bytes);
+    str->ucs2 = scalloc(num_glyphs, sizeof(xcb_char2b_t));
+    memcpy(str->ucs2, from_ucs2, num_glyphs * sizeof(xcb_char2b_t));
 
     /* Store the length */
     str->num_glyphs = num_glyphs;
diff --git a/libi3/ucs2_conversion.c b/libi3/ucs2_conversion.c
index 3a7d0194..b583e32c 100644
--- a/libi3/ucs2_conversion.c
+++ b/libi3/ucs2_conversion.c
@@ -23,8 +23,8 @@ static iconv_t ucs2_conversion_descriptor = (iconv_t)-1;
  */
 char *convert_ucs2_to_utf8(xcb_char2b_t *text, size_t num_glyphs) {
     /* Allocate the output buffer (UTF-8 is at most 4 bytes per glyph) */
-    size_t buffer_size = num_glyphs * 4 * sizeof(char) + 1;
-    char *buffer = scalloc(buffer_size);
+    size_t buffer_size = num_glyphs * 4 + 1;
+    char *buffer = scalloc(buffer_size, 1);
 
     /* We need to use an additional pointer, because iconv() modifies it */
     char *output = buffer;
diff --git a/src/bindings.c b/src/bindings.c
index 63ca0836..8e8e9feb 100644
--- a/src/bindings.c
+++ b/src/bindings.c
@@ -33,9 +33,9 @@ static struct Mode *mode_from_name(const char *name) {
     }
 
     /* If the mode was not found, create a new one */
-    mode = scalloc(sizeof(struct Mode));
+    mode = scalloc(1, sizeof(struct Mode));
     mode->name = sstrdup(name);
-    mode->bindings = scalloc(sizeof(struct bindings_head));
+    mode->bindings = scalloc(1, sizeof(struct bindings_head));
     TAILQ_INIT(mode->bindings);
     SLIST_INSERT_HEAD(&modes, mode, modes);
 
@@ -51,7 +51,7 @@ static struct Mode *mode_from_name(const char *name) {
 Binding *configure_binding(const char *bindtype, const char *modifiers, const char *input_code,
                            const char *release, const char *border, const char *whole_window,
                            const char *command, const char *modename) {
-    Binding *new_binding = scalloc(sizeof(Binding));
+    Binding *new_binding = scalloc(1, sizeof(Binding));
     DLOG("bindtype %s, modifiers %s, input code %s, release %s\n", bindtype, modifiers, input_code, release);
     new_binding->release = (release != NULL ? B_UPON_KEYRELEASE : B_UPON_KEYPRESS);
     new_binding->border = (border != NULL);
@@ -393,9 +393,9 @@ static Binding *binding_copy(Binding *bind) {
     Binding *ret = smalloc(sizeof(Binding));
     *ret = *bind;
     if (bind->symbol != NULL)
-        ret->symbol = strdup(bind->symbol);
+        ret->symbol = sstrdup(bind->symbol);
     if (bind->command != NULL)
-        ret->command = strdup(bind->command);
+        ret->command = sstrdup(bind->command);
     if (bind->translated_to != NULL) {
         ret->translated_to = smalloc(sizeof(xcb_keycode_t) * bind->number_keycodes);
         memcpy(ret->translated_to, bind->translated_to, sizeof(xcb_keycode_t) * bind->number_keycodes);
diff --git a/src/commands_parser.c b/src/commands_parser.c
index 9ae75abe..ffe416f0 100644
--- a/src/commands_parser.c
+++ b/src/commands_parser.c
@@ -148,9 +148,9 @@ static TAILQ_HEAD(criteria_head, criterion) criteria =
  */
 static void push_criterion(void *unused_criteria, const char *type,
                            const char *value) {
-    struct criterion *criterion = malloc(sizeof(struct criterion));
-    criterion->type = strdup(type);
-    criterion->value = strdup(value);
+    struct criterion *criterion = smalloc(sizeof(struct criterion));
+    criterion->type = sstrdup(type);
+    criterion->value = sstrdup(value);
     TAILQ_INSERT_TAIL(&criteria, criterion, criteria);
 }
 
@@ -243,7 +243,7 @@ char *parse_string(const char **walk, bool as_word) {
     if (*walk == beginning)
         return NULL;
 
-    char *str = scalloc(*walk - beginning + 1);
+    char *str = scalloc(*walk - beginning + 1, 1);
     /* We copy manually to handle escaping of characters. */
     int inpos, outpos;
     for (inpos = 0, outpos = 0;
@@ -270,7 +270,7 @@ char *parse_string(const char **walk, bool as_word) {
 CommandResult *parse_command(const char *input, yajl_gen gen) {
     DLOG("COMMAND: *%s*\n", input);
     state = INITIAL;
-    CommandResult *result = scalloc(sizeof(CommandResult));
+    CommandResult *result = scalloc(1, sizeof(CommandResult));
 
     /* A YAJL JSON generator used for formatting replies. */
     command_output.json_gen = gen;
diff --git a/src/con.c b/src/con.c
index b63d5578..3427013d 100644
--- a/src/con.c
+++ b/src/con.c
@@ -36,7 +36,7 @@ void con_force_split_parents_redraw(Con *con) {
  *
  */
 Con *con_new_skeleton(Con *parent, i3Window *window) {
-    Con *new = scalloc(sizeof(Con));
+    Con *new = scalloc(1, sizeof(Con));
     new->on_remove_child = con_on_remove_child;
     TAILQ_INSERT_TAIL(&all_cons, new, all_cons);
     new->aspect_ratio = 0.0;
diff --git a/src/config.c b/src/config.c
index a931ba1f..b0c6f1a4 100644
--- a/src/config.c
+++ b/src/config.c
@@ -58,7 +58,7 @@ bool parse_configuration(const char *override_configpath, bool use_nagbar) {
 
     /* initialize default bindings if we're just validating the config file */
     if (!use_nagbar && bindings == NULL) {
-        bindings = scalloc(sizeof(struct bindings_head));
+        bindings = scalloc(1, sizeof(struct bindings_head));
         TAILQ_INIT(bindings);
     }
 
@@ -155,9 +155,9 @@ void load_configuration(xcb_connection_t *conn, const char *override_configpath,
 
     SLIST_INIT(&modes);
 
-    struct Mode *default_mode = scalloc(sizeof(struct Mode));
+    struct Mode *default_mode = scalloc(1, sizeof(struct Mode));
     default_mode->name = sstrdup("default");
-    default_mode->bindings = scalloc(sizeof(struct bindings_head));
+    default_mode->bindings = scalloc(1, sizeof(struct bindings_head));
     TAILQ_INIT(default_mode->bindings);
     SLIST_INSERT_HEAD(&modes, default_mode, modes);
 
diff --git a/src/config_directives.c b/src/config_directives.c
index 5b85012c..6032dc11 100644
--- a/src/config_directives.c
+++ b/src/config_directives.c
@@ -242,7 +242,7 @@ CFGFUN(for_window, const char *command) {
         return;
     }
     DLOG("\t should execute command %s for the criteria mentioned above\n", command);
-    Assignment *assignment = scalloc(sizeof(Assignment));
+    Assignment *assignment = scalloc(1, sizeof(Assignment));
     assignment->type = A_COMMAND;
     match_copy(&(assignment->match), current_match);
     assignment->dest.command = sstrdup(command);
@@ -400,7 +400,7 @@ CFGFUN(workspace, const char *workspace, const char *output) {
         }
     }
     if (!duplicate) {
-        assignment = scalloc(sizeof(struct Workspace_Assignment));
+        assignment = scalloc(1, sizeof(struct Workspace_Assignment));
         assignment->name = sstrdup(workspace);
         assignment->output = sstrdup(output);
         TAILQ_INSERT_TAIL(&ws_assignments, assignment, ws_assignments);
@@ -458,7 +458,7 @@ CFGFUN(assign, const char *workspace) {
         return;
     }
     DLOG("New assignment, using above criteria, to workspace \"%s\".\n", workspace);
-    Assignment *assignment = scalloc(sizeof(Assignment));
+    Assignment *assignment = scalloc(1, sizeof(Assignment));
     match_copy(&(assignment->match), current_match);
     assignment->type = A_TO_WORKSPACE;
     assignment->dest.workspace = sstrdup(workspace);
@@ -472,7 +472,7 @@ CFGFUN(no_focus) {
     }
 
     DLOG("New assignment, using above criteria, to ignore focus on manage.\n");
-    Assignment *assignment = scalloc(sizeof(Assignment));
+    Assignment *assignment = scalloc(1, sizeof(Assignment));
     match_copy(&(assignment->match), current_match);
     assignment->type = A_NO_FOCUS;
     TAILQ_INSERT_TAIL(&assignments, assignment, assignments);
@@ -555,7 +555,7 @@ static void bar_configure_binding(const char *button, const char *command) {
         }
     }
 
-    struct Barbinding *new_binding = scalloc(sizeof(struct Barbinding));
+    struct Barbinding *new_binding = scalloc(1, sizeof(struct Barbinding));
     new_binding->input_code = input_code;
     new_binding->command = sstrdup(command);
     TAILQ_INSERT_TAIL(&(current_bar.bar_bindings), new_binding, bindings);
@@ -669,7 +669,7 @@ CFGFUN(bar_finish) {
 
     /* Copy the current (static) structure into a dynamically allocated
      * one, then cleanup our static one. */
-    Barconfig *bar_config = scalloc(sizeof(Barconfig));
+    Barconfig *bar_config = scalloc(1, sizeof(Barconfig));
     memcpy(bar_config, &current_bar, sizeof(Barconfig));
     TAILQ_INSERT_TAIL(&barconfigs, bar_config, configs);
 
diff --git a/src/config_parser.c b/src/config_parser.c
index 9a0d1925..6393efe9 100644
--- a/src/config_parser.c
+++ b/src/config_parser.c
@@ -202,9 +202,9 @@ static TAILQ_HEAD(criteria_head, criterion) criteria =
  */
 static void push_criterion(void *unused_criteria, const char *type,
                            const char *value) {
-    struct criterion *criterion = malloc(sizeof(struct criterion));
-    criterion->type = strdup(type);
-    criterion->value = strdup(value);
+    struct criterion *criterion = smalloc(sizeof(struct criterion));
+    criterion->type = sstrdup(type);
+    criterion->value = sstrdup(value);
     TAILQ_INSERT_TAIL(&criteria, criterion, criteria);
 }
 
@@ -414,7 +414,7 @@ struct ConfigResultIR *parse_config(const char *input, struct context *context)
                     }
                 }
                 if (walk != beginning) {
-                    char *str = scalloc(walk - beginning + 1);
+                    char *str = scalloc(walk - beginning + 1, 1);
                     /* We copy manually to handle escaping of characters. */
                     int inpos, outpos;
                     for (inpos = 0, outpos = 0;
@@ -519,7 +519,7 @@ struct ConfigResultIR *parse_config(const char *input, struct context *context)
 
             /* Contains the same amount of characters as 'input' has, but with
              * the unparseable part highlighted using ^ characters. */
-            char *position = scalloc(strlen(error_line) + 1);
+            char *position = scalloc(strlen(error_line) + 1, 1);
             const char *copywalk;
             for (copywalk = error_line;
                  *copywalk != '\n' && *copywalk != '\r' && *copywalk != '\0';
@@ -789,12 +789,12 @@ static char *migrate_config(char *input, off_t size) {
 
     /* read the script’s output */
     int conv_size = 65535;
-    char *converted = malloc(conv_size);
+    char *converted = smalloc(conv_size);
     int read_bytes = 0, ret;
     do {
         if (read_bytes == conv_size) {
             conv_size += 65535;
-            converted = realloc(converted, conv_size);
+            converted = srealloc(converted, conv_size);
         }
         ret = read(readpipe[0], converted + read_bytes, conv_size - read_bytes);
         if (ret == -1) {
@@ -849,7 +849,7 @@ bool parse_file(const char *f, bool use_nagbar) {
     if (fstat(fd, &stbuf) == -1)
         die("Could not fstat file: %s\n", strerror(errno));
 
-    buf = scalloc((stbuf.st_size + 1) * sizeof(char));
+    buf = scalloc(stbuf.st_size + 1, 1);
 
     if ((fstr = fdopen(fd, "r")) == NULL)
         die("Could not fdopen: %s\n", strerror(errno));
@@ -897,7 +897,7 @@ bool parse_file(const char *f, bool use_nagbar) {
             while (*v_value == '\t' || *v_value == ' ')
                 v_value++;
 
-            struct Variable *new = scalloc(sizeof(struct Variable));
+            struct Variable *new = scalloc(1, sizeof(struct Variable));
             new->key = sstrdup(v_key);
             new->value = sstrdup(v_value);
             SLIST_INSERT_HEAD(&variables, new, variables);
@@ -931,7 +931,7 @@ bool parse_file(const char *f, bool use_nagbar) {
     /* Then, allocate a new buffer and copy the file over to the new one,
      * but replace occurences of our variables */
     char *walk = buf, *destwalk;
-    char *new = smalloc((stbuf.st_size + extra_bytes + 1) * sizeof(char));
+    char *new = smalloc(stbuf.st_size + extra_bytes + 1);
     destwalk = new;
     while (walk < (buf + stbuf.st_size)) {
         /* Find the next variable */
@@ -990,7 +990,7 @@ bool parse_file(const char *f, bool use_nagbar) {
         }
     }
 
-    context = scalloc(sizeof(struct context));
+    context = scalloc(1, sizeof(struct context));
     context->filename = f;
 
     struct ConfigResultIR *config_output = parse_config(new, context);
diff --git a/src/fake_outputs.c b/src/fake_outputs.c
index b4f92cd4..3df0e246 100644
--- a/src/fake_outputs.c
+++ b/src/fake_outputs.c
@@ -49,7 +49,7 @@ void fake_outputs_init(const char *output_spec) {
             new_output->rect.width = min(new_output->rect.width, width);
             new_output->rect.height = min(new_output->rect.height, height);
         } else {
-            new_output = scalloc(sizeof(Output));
+            new_output = scalloc(1, sizeof(Output));
             sasprintf(&(new_output->name), "fake-%d", num_screens);
             DLOG("Created new fake output %s (%p)\n", new_output->name, new_output);
             new_output->active = true;
diff --git a/src/handlers.c b/src/handlers.c
index 8e08d697..49636543 100644
--- a/src/handlers.c
+++ b/src/handlers.c
@@ -760,7 +760,7 @@ static void handle_client_message(xcb_client_message_event_t *event) {
         uint32_t rnd = event->data.data32[1];
         DLOG("[i3 sync protocol] Sending random value %d back to X11 window 0x%08x\n", rnd, window);
 
-        void *reply = scalloc(32);
+        void *reply = scalloc(32, 1);
         xcb_client_message_event_t *ev = reply;
 
         ev->response_type = XCB_CLIENT_MESSAGE;
diff --git a/src/ipc.c b/src/ipc.c
index 51a3d223..a4bc2278 100644
--- a/src/ipc.c
+++ b/src/ipc.c
@@ -84,7 +84,7 @@ void ipc_shutdown(void) {
 IPC_HANDLER(command) {
     /* To get a properly terminated buffer, we copy
      * message_size bytes out of the buffer */
-    char *command = scalloc(message_size + 1);
+    char *command = scalloc(message_size + 1, 1);
     strncpy(command, (const char *)message, message_size);
     LOG("IPC: received: *%s*\n", command);
     yajl_gen gen = yajl_gen_alloc(NULL);
@@ -855,7 +855,7 @@ IPC_HANDLER(get_bar_config) {
 
     /* To get a properly terminated buffer, we copy
      * message_size bytes out of the buffer */
-    char *bar_id = scalloc(message_size + 1);
+    char *bar_id = scalloc(message_size + 1, 1);
     strncpy(bar_id, (const char *)message, message_size);
     LOG("IPC: looking for config for bar ID \"%s\"\n", bar_id);
     Barconfig *current, *config = NULL;
@@ -900,10 +900,10 @@ static int add_subscription(void *extra, const unsigned char *s,
     int event = client->num_events;
 
     client->num_events++;
-    client->events = realloc(client->events, client->num_events * sizeof(char *));
+    client->events = srealloc(client->events, client->num_events * sizeof(char *));
     /* We copy the string because it is not null-terminated and strndup()
      * is missing on some BSD systems */
-    client->events[event] = scalloc(len + 1);
+    client->events[event] = scalloc(len + 1, 1);
     memcpy(client->events[event], s, len);
 
     DLOG("client is now subscribed to:\n");
@@ -1060,13 +1060,13 @@ void ipc_new_client(EV_P_ struct ev_io *w, int revents) {
 
     set_nonblock(client);
 
-    struct ev_io *package = scalloc(sizeof(struct ev_io));
+    struct ev_io *package = scalloc(1, sizeof(struct ev_io));
     ev_io_init(package, ipc_receive_message, client, EV_READ);
     ev_io_start(EV_A_ package);
 
     DLOG("IPC: new client connected on fd %d\n", w->fd);
 
-    ipc_client *new = scalloc(sizeof(ipc_client));
+    ipc_client *new = scalloc(1, sizeof(ipc_client));
     new->fd = client;
 
     TAILQ_INSERT_TAIL(&all_clients, new, clients);
diff --git a/src/load_layout.c b/src/load_layout.c
index e4c4531d..fa0d2e5a 100644
--- a/src/load_layout.c
+++ b/src/load_layout.c
@@ -167,7 +167,7 @@ static int json_end_array(void *ctx) {
 static int json_key(void *ctx, const unsigned char *val, size_t len) {
     LOG("key: %.*s\n", (int)len, val);
     FREE(last_key);
-    last_key = scalloc((len + 1) * sizeof(char));
+    last_key = scalloc(len + 1, 1);
     memcpy(last_key, val, len);
     if (strcasecmp(last_key, "swallows") == 0)
         parsing_swallows = true;
@@ -209,10 +209,10 @@ static int json_string(void *ctx, const unsigned char *val, size_t len) {
         free(sval);
     } else {
         if (strcasecmp(last_key, "name") == 0) {
-            json_node->name = scalloc((len + 1) * sizeof(char));
+            json_node->name = scalloc(len + 1, 1);
             memcpy(json_node->name, val, len);
         } else if (strcasecmp(last_key, "sticky_group") == 0) {
-            json_node->sticky_group = scalloc((len + 1) * sizeof(char));
+            json_node->sticky_group = scalloc(len + 1, 1);
             memcpy(json_node->sticky_group, val, len);
             LOG("sticky_group of this container is %s\n", json_node->sticky_group);
         } else if (strcasecmp(last_key, "orientation") == 0) {
@@ -361,7 +361,7 @@ static int json_int(void *ctx, long long val) {
         json_node->old_id = val;
 
     if (parsing_focus) {
-        struct focus_mapping *focus_mapping = scalloc(sizeof(struct focus_mapping));
+        struct focus_mapping *focus_mapping = scalloc(1, sizeof(struct focus_mapping));
         focus_mapping->old_id = val;
         TAILQ_INSERT_TAIL(&focus_mappings, focus_mapping, focus_mappings);
     }
diff --git a/src/main.c b/src/main.c
index 4c5b5f18..5281d19c 100644
--- a/src/main.c
+++ b/src/main.c
@@ -635,7 +635,7 @@ int main(int argc, char *argv[]) {
     if (ipc_socket == -1) {
         ELOG("Could not create the IPC socket, IPC disabled\n");
     } else {
-        struct ev_io *ipc_io = scalloc(sizeof(struct ev_io));
+        struct ev_io *ipc_io = scalloc(1, sizeof(struct ev_io));
         ev_io_init(ipc_io, ipc_new_client, ipc_socket, EV_READ);
         ev_io_start(main_loop, ipc_io);
     }
@@ -663,7 +663,7 @@ int main(int argc, char *argv[]) {
                 ELOG("Could not disable FD_CLOEXEC on fd %d\n", fd);
             }
 
-            struct ev_io *ipc_io = scalloc(sizeof(struct ev_io));
+            struct ev_io *ipc_io = scalloc(1, sizeof(struct ev_io));
             ev_io_init(ipc_io, ipc_new_client, fd, EV_READ);
             ev_io_start(main_loop, ipc_io);
         }
@@ -679,9 +679,9 @@ int main(int argc, char *argv[]) {
     ewmh_update_desktop_names();
     ewmh_update_desktop_viewport();
 
-    struct ev_io *xcb_watcher = scalloc(sizeof(struct ev_io));
-    xcb_check = scalloc(sizeof(struct ev_check));
-    struct ev_prepare *xcb_prepare = scalloc(sizeof(struct ev_prepare));
+    struct ev_io *xcb_watcher = scalloc(1, sizeof(struct ev_io));
+    xcb_check = scalloc(1, sizeof(struct ev_check));
+    struct ev_prepare *xcb_prepare = scalloc(1, sizeof(struct ev_prepare));
 
     ev_io_init(xcb_watcher, xcb_got_event, xcb_get_file_descriptor(conn), EV_READ);
     ev_io_start(main_loop, xcb_watcher);
diff --git a/src/manage.c b/src/manage.c
index 5512602e..002a7c78 100644
--- a/src/manage.c
+++ b/src/manage.c
@@ -164,7 +164,7 @@ void manage_window(xcb_window_t window, xcb_get_window_attributes_cookie_t cooki
 
     DLOG("Managing window 0x%08x\n", window);
 
-    i3Window *cwindow = scalloc(sizeof(i3Window));
+    i3Window *cwindow = scalloc(1, sizeof(i3Window));
     cwindow->id = window;
     cwindow->depth = get_visual_depth(attr->visual);
 
diff --git a/src/randr.c b/src/randr.c
index 1bd99931..96f2f233 100644
--- a/src/randr.c
+++ b/src/randr.c
@@ -227,7 +227,7 @@ Output *get_output_next(direction_t direction, Output *current, output_close_far
 void disable_randr(xcb_connection_t *conn) {
     DLOG("RandR extension unusable, disabling.\n");
 
-    Output *s = scalloc(sizeof(Output));
+    Output *s = scalloc(1, sizeof(Output));
 
     s->active = true;
     s->rect.x = 0;
@@ -292,7 +292,7 @@ void output_init_con(Output *output) {
     topdock->type = CT_DOCKAREA;
     topdock->layout = L_DOCKAREA;
     /* this container swallows dock clients */
-    Match *match = scalloc(sizeof(Match));
+    Match *match = scalloc(1, sizeof(Match));
     match_init(match);
     match->dock = M_DOCK_TOP;
     match->insert_where = M_BELOW;
@@ -326,7 +326,7 @@ void output_init_con(Output *output) {
     bottomdock->type = CT_DOCKAREA;
     bottomdock->layout = L_DOCKAREA;
     /* this container swallows dock clients */
-    match = scalloc(sizeof(Match));
+    match = scalloc(1, sizeof(Match));
     match_init(match);
     match->dock = M_DOCK_BOTTOM;
     match->insert_where = M_BELOW;
@@ -522,7 +522,7 @@ static void handle_output(xcb_connection_t *conn, xcb_randr_output_t id,
     Output *new = get_output_by_id(id);
     bool existing = (new != NULL);
     if (!existing)
-        new = scalloc(sizeof(Output));
+        new = scalloc(1, sizeof(Output));
     new->id = id;
     new->primary = (primary && primary->output == id);
     FREE(new->name);
diff --git a/src/regex.c b/src/regex.c
index 9549a98b..913519be 100644
--- a/src/regex.c
+++ b/src/regex.c
@@ -25,7 +25,7 @@ struct regex *regex_new(const char *pattern) {
     const char *error;
     int errorcode, offset;
 
-    struct regex *re = scalloc(sizeof(struct regex));
+    struct regex *re = scalloc(1, sizeof(struct regex));
     re->pattern = sstrdup(pattern);
     int options = PCRE_UTF8;
 #ifdef PCRE_HAS_UCP
diff --git a/src/restore_layout.c b/src/restore_layout.c
index f56372a6..439d23cc 100644
--- a/src/restore_layout.c
+++ b/src/restore_layout.c
@@ -109,9 +109,9 @@ void restore_connect(void) {
     if (restore_conn == NULL || xcb_connection_has_error(restore_conn))
         errx(EXIT_FAILURE, "Cannot open display\n");
 
-    xcb_watcher = scalloc(sizeof(struct ev_io));
-    xcb_check = scalloc(sizeof(struct ev_check));
-    xcb_prepare = scalloc(sizeof(struct ev_prepare));
+    xcb_watcher = scalloc(1, sizeof(struct ev_io));
+    xcb_check = scalloc(1, sizeof(struct ev_check));
+    xcb_prepare = scalloc(1, sizeof(struct ev_prepare));
 
     ev_io_init(xcb_watcher, restore_xcb_got_event, xcb_get_file_descriptor(restore_conn), EV_READ);
     ev_io_start(main_loop, xcb_watcher);
@@ -210,7 +210,7 @@ static void open_placeholder_window(Con *con) {
         DLOG("Created placeholder window 0x%08x for leaf container %p / %s\n",
              placeholder, con, con->name);
 
-        placeholder_state *state = scalloc(sizeof(placeholder_state));
+        placeholder_state *state = scalloc(1, sizeof(placeholder_state));
         state->window = placeholder;
         state->con = con;
         state->rect = con->rect;
diff --git a/src/startup.c b/src/startup.c
index b062ea8b..400d3192 100644
--- a/src/startup.c
+++ b/src/startup.c
@@ -149,7 +149,7 @@ void start_application(const char *command, bool no_startup_id) {
         free(first_word);
 
         /* Trigger a timeout after 60 seconds */
-        struct ev_timer *timeout = scalloc(sizeof(struct ev_timer));
+        struct ev_timer *timeout = scalloc(1, sizeof(struct ev_timer));
         ev_timer_init(timeout, startup_timeout, 60.0, 0.);
         timeout->data = context;
         ev_timer_start(main_loop, timeout);
@@ -159,7 +159,7 @@ void start_application(const char *command, bool no_startup_id) {
         /* Save the ID and current workspace in our internal list of startup
          * sequences */
         Con *ws = con_get_workspace(focused);
-        struct Startup_Sequence *sequence = scalloc(sizeof(struct Startup_Sequence));
+        struct Startup_Sequence *sequence = scalloc(1, sizeof(struct Startup_Sequence));
         sequence->id = sstrdup(sn_launcher_context_get_startup_id(context));
         sequence->workspace = sstrdup(ws->name);
         sequence->context = context;
@@ -316,14 +316,8 @@ struct Startup_Sequence *startup_sequence_get(i3Window *cwindow,
     }
 
     char *startup_id;
-    if (asprintf(&startup_id, "%.*s", xcb_get_property_value_length(startup_id_reply),
-                 (char *)xcb_get_property_value(startup_id_reply)) == -1) {
-        perror("asprintf()");
-        DLOG("Could not get _NET_STARTUP_ID\n");
-        free(startup_id_reply);
-        return NULL;
-    }
-
+    sasprintf(&startup_id, "%.*s", xcb_get_property_value_length(startup_id_reply),
+              (char *)xcb_get_property_value(startup_id_reply));
     struct Startup_Sequence *current, *sequence = NULL;
     TAILQ_FOREACH(current, &startup_sequences, sequences) {
         if (strcmp(current->id, startup_id) != 0)
diff --git a/src/util.c b/src/util.c
index 0a8ba6e2..5a95e67c 100644
--- a/src/util.c
+++ b/src/util.c
@@ -122,7 +122,7 @@ void exec_i3_utility(char *name, char *argv[]) {
     /* if the script is not in path, maybe the user installed to a strange
      * location and runs the i3 binary with an absolute path. We use
      * argv[0]’s dirname */
-    char *pathbuf = strdup(start_argv[0]);
+    char *pathbuf = sstrdup(start_argv[0]);
     char *dir = dirname(pathbuf);
     sasprintf(&migratepath, "%s/%s", dir, name);
     argv[0] = migratepath;
@@ -276,7 +276,7 @@ void i3_restart(bool forget_layout) {
         int num_args;
         for (num_args = 0; start_argv[num_args] != NULL; num_args++)
             ;
-        char **new_argv = scalloc((num_args + 3) * sizeof(char *));
+        char **new_argv = scalloc(num_args + 3, sizeof(char *));
 
         /* copy the arguments, but skip the ones we'll replace */
         int write_index = 0;
diff --git a/src/window.c b/src/window.c
index dd04b1b9..764cfca5 100644
--- a/src/window.c
+++ b/src/window.c
@@ -208,13 +208,8 @@ void window_update_role(i3Window *win, xcb_get_property_reply_t *prop, bool befo
     }
 
     char *new_role;
-    if (asprintf(&new_role, "%.*s", xcb_get_property_value_length(prop),
-                 (char *)xcb_get_property_value(prop)) == -1) {
-        perror("asprintf()");
-        DLOG("Could not get WM_WINDOW_ROLE\n");
-        free(prop);
-        return;
-    }
+    sasprintf(&new_role, "%.*s", xcb_get_property_value_length(prop),
+              (char *)xcb_get_property_value(prop));
     FREE(win->role);
     win->role = new_role;
     LOG("WM_WINDOW_ROLE changed to \"%s\"\n", win->role);
diff --git a/src/workspace.c b/src/workspace.c
index 45d031da..70022151 100644
--- a/src/workspace.c
+++ b/src/workspace.c
@@ -397,7 +397,7 @@ static void _workspace_show(Con *workspace) {
         if (focused->urgency_timer == NULL) {
             DLOG("Deferring reset of urgency flag of con %p on newly shown workspace %p\n",
                  focused, workspace);
-            focused->urgency_timer = scalloc(sizeof(struct ev_timer));
+            focused->urgency_timer = scalloc(1, sizeof(struct ev_timer));
             /* use a repeating timer to allow for easy resets */
             ev_timer_init(focused->urgency_timer, workspace_defer_update_urgent_hint_cb,
                           config.workspace_urgency_timer, config.workspace_urgency_timer);
diff --git a/src/x.c b/src/x.c
index ef6c7341..cdfc0f2f 100644
--- a/src/x.c
+++ b/src/x.c
@@ -147,7 +147,7 @@ void x_con_init(Con *con, uint16_t depth) {
     if (win_colormap != XCB_NONE)
         xcb_free_colormap(conn, win_colormap);
 
-    struct con_state *state = scalloc(sizeof(struct con_state));
+    struct con_state *state = scalloc(1, sizeof(struct con_state));
     state->id = con->frame;
     state->mapped = false;
     state->initial = true;
@@ -286,7 +286,7 @@ void x_window_kill(xcb_window_t window, kill_window_t kill_window) {
     /* Every X11 event is 32 bytes long. Therefore, XCB will copy 32 bytes.
      * In order to properly initialize these bytes, we allocate 32 bytes even
      * though we only need less for an xcb_configure_notify_event_t */
-    void *event = scalloc(32);
+    void *event = scalloc(32, 1);
     xcb_client_message_event_t *ev = event;
 
     ev->response_type = XCB_CLIENT_MESSAGE;
@@ -376,7 +376,7 @@ void x_draw_decoration(Con *con) {
         return;
 
     /* 1: build deco_params and compare with cache */
-    struct deco_render_params *p = scalloc(sizeof(struct deco_render_params));
+    struct deco_render_params *p = scalloc(1, sizeof(struct deco_render_params));
 
     /* find out which colors to use */
     if (con->urgent)
diff --git a/src/xcb.c b/src/xcb.c
index 303d6af1..001f6b51 100644
--- a/src/xcb.c
+++ b/src/xcb.c
@@ -114,7 +114,7 @@ void send_take_focus(xcb_window_t window, xcb_timestamp_t timestamp) {
     /* Every X11 event is 32 bytes long. Therefore, XCB will copy 32 bytes.
      * In order to properly initialize these bytes, we allocate 32 bytes even
      * though we only need less for an xcb_configure_notify_event_t */
-    void *event = scalloc(32);
+    void *event = scalloc(32, 1);
     xcb_client_message_event_t *ev = event;
 
     ev->response_type = XCB_CLIENT_MESSAGE;
diff --git a/src/xinerama.c b/src/xinerama.c
index ec030230..cae71fc2 100644
--- a/src/xinerama.c
+++ b/src/xinerama.c
@@ -56,7 +56,7 @@ static void query_screens(xcb_connection_t *conn) {
             s->rect.width = min(s->rect.width, screen_info[screen].width);
             s->rect.height = min(s->rect.height, screen_info[screen].height);
         } else {
-            s = scalloc(sizeof(Output));
+            s = scalloc(1, sizeof(Output));
             sasprintf(&(s->name), "xinerama-%d", num_screens);
             DLOG("Created new Xinerama screen %s (%p)\n", s->name, s);
             s->active = true;