Commit 87113f1a authored by Matthew Jordan

Fix checking bounds of array index after using it; improper sizeof

This patch fixes two problems pointed out by a static analysis tool.

* In chan_dahdi, when an event is handled the index of the sub channel is first
  obtained.  In very off nominal cases, the method that determines the index
  can return a negative value.  In the event handling code, whether or not
  the index returned is valid was being checked after that value was used to
  index into an array.  This patch makes it so the value is checked before
  any indexing is done.

* In res_calendar_ews, sizeof was being passed a pointer instead of the struct to
  determine the amount of memory to allocate.

(issue ASTERISK-19651)
Reported by: Matt Jordan

(closes issue ASTERISK-19671)
Reported by: Matt Jordan
........

Merged revisions 366740 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 366741 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366746 65c4cc65-6c06-0410-ace0-fbb531ad65f3
parent 2d175b7e
......@@ -7956,6 +7956,9 @@ static struct ast_frame *dahdi_handle_event(struct ast_channel *ast)
struct ast_frame *f;
 
idx = dahdi_get_index(ast, p, 0);
if (idx < 0) {
return &ast_null_frame;
}
mysig = p->sig;
if (p->outsigmod > -1)
mysig = p->outsigmod;
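Review bot: the new `if (idx < 0)` guard directly after `idx = dahdi_get_index(ast, p, 0);` returns `&ast_null_frame` silently. The commit message describes this as a very off-nominal case, so a debug or warning log before the return would make it diagnosable when it does happen. The guard also covers only the lower bound: if dahdi_get_index can never return a value past the end of `p->subs`, a one-line comment saying so would help; otherwise check the upper bound here as well.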
......@@ -7969,8 +7972,6 @@ static struct ast_frame *dahdi_handle_event(struct ast_channel *ast)
p->subs[idx].f.data.ptr = NULL;
f = &p->subs[idx].f;
 
if (idx < 0)
return &p->subs[idx].f;
if (p->fake_event) {
res = p->fake_event;
p->fake_event = 0;
......
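Review bot: the removed `if (idx < 0) return &p->subs[idx].f;` returned a pointer computed from the negative index, so with the earlier guard the caller now receives `&ast_null_frame` in that case instead; the commit message describes only the reordering of the check and should mention the changed return value. The two `p->subs[idx]` accesses kept at the top of this hunk now rely on the guard added in the previous hunk, so a short comment pointing at it would keep a later edit from separating them.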
......@@ -233,7 +233,7 @@ static int startelm(void *userdata, int parent, const char *nspace, const char *
/* Event UID */
if (ctx->op == XML_OP_FIND) {
struct calendar_id *id;
if (!(id = ast_calloc(1, sizeof(id)))) {
if (!(id = ast_calloc(1, sizeof(*id)))) {
return NE_XML_ABORT;
}
if (!(id->id = ast_str_create(256))) {
......
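Review bot: the failure branch of `if (!(id->id = ast_str_create(256)))` at the end of this hunk needs to free `id` before it returns; the branch body is cut off in this view, and by that point the `ast_calloc(1, sizeof(*id))` above has succeeded. The `sizeof(*id)` form is the right idiom because the size follows the pointed-to type. It would be worth checking the rest of this file for other `sizeof` calls applied to a pointer variable.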