* grub-core/lib/pbkdf2.c: Remove variable length arrays.

diff --git a/ChangeLog b/ChangeLog
index 564a1374854eb7b26b016bf136c8a4196923e507..e0052493278b4545af37a0ab5c48131923e51e08 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2013-11-12  Vladimir Serbinenko  <phcoder@gmail.com>
+
+       * grub-core/lib/pbkdf2.c: Remove variable length arrays.
+
 2013-11-12  Vladimir Serbinenko  <phcoder@gmail.com>
 
        * grub-core/tests/pbkdf2_test.c: New test.

diff --git a/grub-core/lib/pbkdf2.c b/grub-core/lib/pbkdf2.c
index b4c69a17919adabf91c50547839e7a93a233b1b3..2fbaa95e8dc78a8939a9783433f4dc7cf9add050 100644 (file)
--- a/grub-core/lib/pbkdf2.c
+++ b/grub-core/lib/pbkdf2.c
@@ -41,8 +41,8 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
                    grub_uint8_t *DK, grub_size_t dkLen)
 {
   unsigned int hLen = md->mdlen;
-  grub_uint8_t U[md->mdlen];
-  grub_uint8_t T[md->mdlen];
+  grub_uint8_t U[GRUB_CRYPTO_MAX_MDLEN];
+  grub_uint8_t T[GRUB_CRYPTO_MAX_MDLEN];
   unsigned int u;
   unsigned int l;
   unsigned int r;
@@ -52,6 +52,9 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
   grub_uint8_t *tmp;
   grub_size_t tmplen = Slen + 4;
 
+  if (md->mdlen > GRUB_CRYPTO_MAX_MDLEN)
+    return GPG_ERR_INV_ARG;
+
   if (c == 0)
     return GPG_ERR_INV_ARG;