You don't have to use the sizeof operator in the malloc() call, especially if you're just allocating arrays of char (sizeof (char) == 1 by definition). However, if you're allocating arrays of types other than char, it makes life a lot simpler.
The canonical form for using malloc() is
Code:
#include <stdlib.h>
...
T *p = malloc(sizeof *p * number_of_elements);
for any type T (although it's redundant if T is char).
This way, we only have to worry about the number of elements in p, not the number of bytes. We will always allocate the correct number of bytes for those elements based on the type of p.
Compare this to something like
Code:
int *p = malloc(11);
Unless sizeof (int) == 1, this will create a problem, since we haven't allocated enough bytes for the last element in the array.