diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2012-03-12 13:29:05 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2012-03-12 13:37:16 -0400 |
commit | 0097143c12e279f5d454e0f636a02afff102cc6a (patch) | |
tree | 4c8c6bc4d3901f1d210d5d3d900368be1705f217 /net/sunrpc/auth_gss/gss_krb5_crypto.c | |
parent | 11588f493a2441f09ceb2088d07cc012b53cbf75 (diff) |
SUNRPC: Don't use variable length automatic arrays in kernel code
Replace the variable length array in the RPCSEC_GSS crypto code with
a fixed length one. The size should be bounded by the variable
GSS_KRB5_MAX_BLOCKSIZE, so use that.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_gss/gss_krb5_crypto.c')
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_crypto.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index 9576f35ab701..0f43e894bc0a 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c | |||
@@ -600,11 +600,14 @@ gss_krb5_cts_crypt(struct crypto_blkcipher *cipher, struct xdr_buf *buf, | |||
600 | u32 ret; | 600 | u32 ret; |
601 | struct scatterlist sg[1]; | 601 | struct scatterlist sg[1]; |
602 | struct blkcipher_desc desc = { .tfm = cipher, .info = iv }; | 602 | struct blkcipher_desc desc = { .tfm = cipher, .info = iv }; |
603 | u8 data[crypto_blkcipher_blocksize(cipher) * 2]; | 603 | u8 data[GSS_KRB5_MAX_BLOCKSIZE * 2]; |
604 | struct page **save_pages; | 604 | struct page **save_pages; |
605 | u32 len = buf->len - offset; | 605 | u32 len = buf->len - offset; |
606 | 606 | ||
607 | BUG_ON(len > crypto_blkcipher_blocksize(cipher) * 2); | 607 | if (len > ARRAY_SIZE(data)) { |
608 | WARN_ON(0); | ||
609 | return -ENOMEM; | ||
610 | } | ||
608 | 611 | ||
609 | /* | 612 | /* |
610 | * For encryption, we want to read from the cleartext | 613 | * For encryption, we want to read from the cleartext |