From: Vladimir Serbinenko <phcoder@gmail.com>
Date: Tue, 12 Nov 2013 00:52:55 +0000 (+0100)
Subject: 	* grub-core/lib/pbkdf2.c: Remove variable length arrays.
X-Git-Tag: grub-2.02-beta1~385
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9c6482b8d60cc518b0fd1b93c9d1e36a548fe195;p=thirdparty%2Fgrub.git

	* grub-core/lib/pbkdf2.c: Remove variable length arrays.
---

diff --git a/ChangeLog b/ChangeLog
index 564a13748..e00524932 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2013-11-12  Vladimir Serbinenko  <phcoder@gmail.com>
+
+	* grub-core/lib/pbkdf2.c: Remove variable length arrays.
+
 2013-11-12  Vladimir Serbinenko  <phcoder@gmail.com>
 
 	* grub-core/tests/pbkdf2_test.c: New test.
diff --git a/grub-core/lib/pbkdf2.c b/grub-core/lib/pbkdf2.c
index b4c69a179..2fbaa95e8 100644
--- a/grub-core/lib/pbkdf2.c
+++ b/grub-core/lib/pbkdf2.c
@@ -41,8 +41,8 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
 		    grub_uint8_t *DK, grub_size_t dkLen)
 {
   unsigned int hLen = md->mdlen;
-  grub_uint8_t U[md->mdlen];
-  grub_uint8_t T[md->mdlen];
+  grub_uint8_t U[GRUB_CRYPTO_MAX_MDLEN];
+  grub_uint8_t T[GRUB_CRYPTO_MAX_MDLEN];
   unsigned int u;
   unsigned int l;
   unsigned int r;
@@ -52,6 +52,9 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
   grub_uint8_t *tmp;
   grub_size_t tmplen = Slen + 4;
 
+  if (md->mdlen > GRUB_CRYPTO_MAX_MDLEN)
+    return GPG_ERR_INV_ARG;
+
   if (c == 0)
     return GPG_ERR_INV_ARG;