* grub-core/lib/crypto.c (grub_crypto_cbc_decrypt): Remove variable

	length arrays.

diff --git a/ChangeLog b/ChangeLog
index 661d4d2e8076b7ee33e176d8d46b08a609104870..269a841e744316e80b10325f218f0aa0a17789e8 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-11-12  Vladimir Serbinenko  <phcoder@gmail.com>
+
+       * grub-core/lib/crypto.c (grub_crypto_cbc_decrypt): Remove variable
+       length arrays.
+
 2013-11-12  Vladimir Serbinenko  <phcoder@gmail.com>
 
        * grub-core/disk/AFSplitter.c: Remove variable length arrays.

diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
index 4d360aa6721c7b226d9242810085cf164b01916a..e31afb745bfe8bd33cd59027c8add2e49fd85ba5 100644 (file)
--- a/grub-core/lib/crypto.c
+++ b/grub-core/lib/crypto.c
@@ -261,11 +261,13 @@ grub_crypto_cbc_decrypt (grub_crypto_cipher_handle_t cipher,
 {
   const grub_uint8_t *inptr;
   grub_uint8_t *outptr, *end;
-  grub_uint8_t ivt[cipher->cipher->blocksize];
+  grub_uint8_t ivt[GRUB_CRYPTO_MAX_CIPHER_BLOCKSIZE];
   if (!cipher->cipher->decrypt)
     return GPG_ERR_NOT_SUPPORTED;
   if (size % cipher->cipher->blocksize != 0)
     return GPG_ERR_INV_ARG;
+  if (cipher->cipher->blocksize > GRUB_CRYPTO_MAX_CIPHER_BLOCKSIZE)
+    return GPG_ERR_INV_ARG;
   end = (grub_uint8_t *) in + size;
   for (inptr = in, outptr = out; inptr < end;
        inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)