sparse: Avoid variable-length arrays

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
author: Miloslav Trmač <mitr@redhat.com> 2010-07-09 12:05:02 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-19 09:27:20 +0200
commit: 92ad9a3b4e56f153d9460bef8a06d8705a68b6c6 (patch)
tree: 57bd615ffeb9fedc2c4e9f59a33e974c503d3ce5 /ncr-key-wrap.c
parent: 7d3e97fd97133419ed9cbc3cee857c638519501f (diff)
download: kernel-crypto-92ad9a3b4e56f153d9460bef8a06d8705a68b6c6.tar.gz
kernel-crypto-92ad9a3b4e56f153d9460bef8a06d8705a68b6c6.tar.xz
kernel-crypto-92ad9a3b4e56f153d9460bef8a06d8705a68b6c6.zip
1 files changed, 21 insertions, 4 deletions
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c
index cec850e5a39..41a7aea431c 100644
--- a/ncr-key-wrap.c
+++ b/ncr-key-wrap.c
@@ -142,8 +142,14 @@ uint8_t iv[8];
 	}
 
 	{
-		val64_t R[n];
+		val64_t *R;
 
+		R = kmalloc(n * sizeof (*R), GFP_KERNEL);
+		if (R == NULL) {
+			err();
+			ret = -ENOMEM;
+			goto cleanup;
+		}
 		/* R = P */
 		for (i=0;i<kdata_size;i++) {
 			R[i/8][i%8] = ((uint8_t*)kdata)[i];
@@ -152,6 +158,7 @@ uint8_t iv[8];
 			R[i/8][i%8] = 0;
 		}
 		ret = rfc3394_wrap( R, n, &ctx, output, iv);
+		kfree(R);
 		if (ret < 0) {
 			err();
 			goto cleanup;
@@ -207,16 +214,24 @@ size_t size;
 	}
 
 	{
-		val64_t R[n], A;
+		val64_t *R, A;
 
+		R = kmalloc(n * sizeof (*R), GFP_KERNEL);
+		if (R == NULL) {
+			err();
+			ret = -ENOMEM;
+			goto cleanup;
+		}
 		ret = rfc3394_unwrap(wrapped_key, R, n, A, &ctx);
 		if (ret < 0) {
 			err();
+			kfree(R);
 			return ret;
 		}
 
 		if (memcmp(A, iv, 4)!= 0) {
 			err();
+			kfree(R);
 			ret = -EINVAL;
 			goto cleanup;
 		}
@@ -224,6 +239,7 @@ size_t size;
 		size = (A[4] << 24) | (A[5] << 16) | (A[6] << 8) | A[7];
 		if (size > n*8 || size < (n-1)*8 || *kdata_size < size) {
 			err();
+			kfree(R);
 			ret = -EINVAL;
 			goto cleanup;
 		}
@@ -233,6 +249,7 @@ size_t size;
 		for (i=0;i<size;i++) {
 			((uint8_t*)kdata)[i] = R[i/8][i%8];
 		}
+		kfree(R);
 	}
 
 
@@ -306,7 +323,7 @@ struct cipher_data ctx;
 
 
 	{
-		val64_t R[n];
+		val64_t R[(NCR_CIPHER_MAX_KEY_LEN + 7) / 8];
 
 		/* R = P */
 		for (i=0;i<n;i++) {
@@ -381,7 +398,7 @@ struct cipher_data ctx;
 	}
 
 	{
-		val64_t R[n];
+		val64_t R[sizeof(output->key.secret.data)/8 + 1];
 
 		ret = rfc3394_unwrap(wrapped_key, R, n, A, &ctx);
 		if (ret < 0) {
author	Miloslav Trmač <mitr@redhat.com>	2010-07-09 12:05:02 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-19 09:27:20 +0200
commit	92ad9a3b4e56f153d9460bef8a06d8705a68b6c6 (patch)
tree	57bd615ffeb9fedc2c4e9f59a33e974c503d3ce5 /ncr-key-wrap.c
parent	7d3e97fd97133419ed9cbc3cee857c638519501f (diff)
download	kernel-crypto-92ad9a3b4e56f153d9460bef8a06d8705a68b6c6.tar.gz kernel-crypto-92ad9a3b4e56f153d9460bef8a06d8705a68b6c6.tar.xz kernel-crypto-92ad9a3b4e56f153d9460bef8a06d8705a68b6c6.zip