summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorTrond Myklebust <Trond.Myklebust@netapp.com>2012-03-12 18:29:05 +0100
committerTrond Myklebust <Trond.Myklebust@netapp.com>2012-03-12 18:37:16 +0100
commit0097143c12e279f5d454e0f636a02afff102cc6a (patch)
tree4c8c6bc4d3901f1d210d5d3d900368be1705f217 /net/sunrpc/auth_gss
parentNFS: Check return value from rpc_queue_upcall() (diff)
downloadlinux-0097143c12e279f5d454e0f636a02afff102cc6a.tar.xz
linux-0097143c12e279f5d454e0f636a02afff102cc6a.zip
SUNRPC: Don't use variable length automatic arrays in kernel code
Replace the variable length array in the RPCSEC_GSS crypto code with a fixed length one. The size should be bounded by the variable GSS_KRB5_MAX_BLOCKSIZE, so use that. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index 9576f35ab701..0f43e894bc0a 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -600,11 +600,14 @@ gss_krb5_cts_crypt(struct crypto_blkcipher *cipher, struct xdr_buf *buf,
u32 ret;
struct scatterlist sg[1];
struct blkcipher_desc desc = { .tfm = cipher, .info = iv };
- u8 data[crypto_blkcipher_blocksize(cipher) * 2];
+ u8 data[GSS_KRB5_MAX_BLOCKSIZE * 2];
struct page **save_pages;
u32 len = buf->len - offset;
- BUG_ON(len > crypto_blkcipher_blocksize(cipher) * 2);
+ if (len > ARRAY_SIZE(data)) {
+ WARN_ON(0);
+ return -ENOMEM;
+ }
/*
* For encryption, we want to read from the cleartext