From: Lev Stipakov Date: Wed, 21 Oct 2015 07:13:26 +0000 (+0300) Subject: Replace variable length array with malloc X-Git-Tag: v2.4_alpha1~210 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=41e4b67a229e774ebc57a882c386e10d80e10e7e;p=thirdparty%2Fopenvpn.git Replace variable length array with malloc Commit https://github.com/OpenVPN/openvpn/commit/685e486e8b8f70c25f09590c24762ff73 4f94a51 introduced a variable length array. Although C99 supports that, MSVS 2013 still requires size of array to be compiler time constant. As a fix, use malloc/free. v2: Replace OPENSSL_malloc with gc_malloc Signed-off-by: Lev Stipakov Acked-by: Gert Doering Message-Id: <1445411606-13369-1-git-send-email-lstipakov@gmail.com> URL: http://article.gmane.org/gmane.network.openvpn.devel/10344 Signed-off-by: Gert Doering --- diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index c5543fe1c..f05f95ff5 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -141,12 +141,12 @@ key_state_export_keying_material(struct key_state_ssl *ssl, { #if (OPENSSL_VERSION_NUMBER >= 0x10001000) unsigned int size = session->opt->ekm_size; - unsigned char ekm[size]; + struct gc_arena gc = gc_new(); + unsigned char* ekm = (unsigned char*) gc_malloc(size, true, &gc); if (SSL_export_keying_material(ssl->ssl, ekm, sizeof(ekm), session->opt->ekm_label, session->opt->ekm_label_size, NULL, 0, 0)) { - struct gc_arena gc = gc_new(); unsigned int len = (size * 2) + 2; const char *key = format_hex_ex (ekm, size, len, 0, NULL, &gc); @@ -154,14 +154,13 @@ key_state_export_keying_material(struct key_state_ssl *ssl, dmsg(D_TLS_DEBUG_MED, "%s: exported keying material: %s", __func__, key); - - gc_free(&gc); } else { msg (M_WARN, "WARNING: Export keying material failed!"); setenv_del (session->opt->es, "exported_keying_material"); } + gc_free(&gc); #endif } }