From: Thomas Weißschuh <thomas@t-8ch.de>
Date: Tue, 12 Sep 2023 22:08:39 +0000 (+0200)
Subject: libfdisk: (dos) remove usage of VLA
X-Git-Tag: v2.40-rc1~246^2~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7098e911c4a731a9062b75c6a477cd203042860d;p=thirdparty%2Futil-linux.git

libfdisk: (dos) remove usage of VLA

Variable-length-arrays are susceptible to security issues, avoid them.

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
---

diff --git a/libfdisk/src/dos.c b/libfdisk/src/dos.c
index 1d17943b89..33dbca8c31 100644
--- a/libfdisk/src/dos.c
+++ b/libfdisk/src/dos.c
@@ -1727,14 +1727,22 @@ static int dos_verify_disklabel(struct fdisk_context *cxt)
 {
 	size_t i, j;
 	fdisk_sector_t total = 1, n_sectors = cxt->total_sectors;
-	fdisk_sector_t first[cxt->label->nparts_max],
-		       last[cxt->label->nparts_max];
+	fdisk_sector_t *first, *last;
 	struct dos_partition *p;
 	struct fdisk_dos_label *l = self_label(cxt);
 	int nerrors = 0;
 
 	assert(fdisk_is_label(cxt, DOS));
 
+	first = calloc(cxt->label->nparts_max, sizeof(*first));
+	last = calloc(cxt->label->nparts_max, sizeof(*first));
+
+	if (!first || !last) {
+		free(first);
+		free(last);
+		return -ENOMEM;
+	}
+
 	fill_bounds(cxt, first, last);
 	for (i = 0; i < cxt->label->nparts_max; i++) {
 		struct pte *pe = self_pte(cxt, i);
@@ -1818,6 +1826,8 @@ static int dos_verify_disklabel(struct fdisk_context *cxt)
 			P_("%d error detected.", "%d errors detected.", nerrors),
 			nerrors);
 
+	free(first);
+	free(last);
 	return nerrors;
 }