SUNRPC: Don't use variable length automatic arrays in kernel code
authorTrond Myklebust <Trond.Myklebust@netapp.com>
Mon, 12 Mar 2012 17:29:05 +0000 (13:29 -0400)
committerTrond Myklebust <Trond.Myklebust@netapp.com>
Mon, 12 Mar 2012 17:37:16 +0000 (13:37 -0400)
Replace the variable length array in the RPCSEC_GSS crypto code with
a fixed length one. The size should be bounded by the variable
GSS_KRB5_MAX_BLOCKSIZE, so use that.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
net/sunrpc/auth_gss/gss_krb5_crypto.c

index 9576f35ab7014f2c506dfdd306d4201e3535b7a7..0f43e894bc0a47e913ca5999afc69d392cc6e6ad 100644 (file)
@@ -600,11 +600,14 @@ gss_krb5_cts_crypt(struct crypto_blkcipher *cipher, struct xdr_buf *buf,
        u32 ret;
        struct scatterlist sg[1];
        struct blkcipher_desc desc = { .tfm = cipher, .info = iv };
-       u8 data[crypto_blkcipher_blocksize(cipher) * 2];
+       u8 data[GSS_KRB5_MAX_BLOCKSIZE * 2];
        struct page **save_pages;
        u32 len = buf->len - offset;
 
-       BUG_ON(len > crypto_blkcipher_blocksize(cipher) * 2);
+       if (len > ARRAY_SIZE(data)) {
+               WARN_ON(0);
+               return -ENOMEM;
+       }
 
        /*
         * For encryption, we want to read from the cleartext