Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0097143c authored by Trond Myklebust's avatar Trond Myklebust
Browse files

SUNRPC: Don't use variable length automatic arrays in kernel code 



Replace the variable length array in the RPCSEC_GSS crypto code with
a fixed length one. The size should be bounded by the variable
GSS_KRB5_MAX_BLOCKSIZE, so use that.

Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
parent 11588f49

net/sunrpc/auth_gss/gss_krb5_crypto.c

+5 −2
Original line number Diff line number Diff line
@@ -600,11 +600,14 @@ gss_krb5_cts_crypt(struct crypto_blkcipher *cipher, struct xdr_buf *buf, 
	u32 ret;

	struct scatterlist sg[1];

	struct blkcipher_desc desc = { .tfm = cipher, .info = iv };

	u8 data[crypto_blkcipher_blocksize(cipher) * 2];

	u8 data[GSS_KRB5_MAX_BLOCKSIZE * 2];

	struct page **save_pages;

	u32 len = buf->len - offset;



	BUG_ON(len > crypto_blkcipher_blocksize(cipher) * 2);

	if (len > ARRAY_SIZE(data)) {

		WARN_ON(0);

		return -ENOMEM;

	}



	/*

	 * For encryption, we want to read from the cleartext