X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=debian%2Fpatches%2F0017-Replace-use-of-variable-length-arrays.patch;fp=debian%2Fpatches%2F0017-Replace-use-of-variable-length-arrays.patch;h=3e3a2a7e33fc8eaeaf45bc531ae886e8cf9f5679;hb=ec7411146b283f9271f7d087bb7a58e2dba45fea;hp=0000000000000000000000000000000000000000;hpb=05a815d61965daf3a01ffb3b50fdb8aa7c7df81e;p=gnupg2.git diff --git a/debian/patches/0017-Replace-use-of-variable-length-arrays.patch b/debian/patches/0017-Replace-use-of-variable-length-arrays.patch new file mode 100644 index 0000000..3e3a2a7 --- /dev/null +++ b/debian/patches/0017-Replace-use-of-variable-length-arrays.patch @@ -0,0 +1,179 @@ +From: Werner Koch +Date: Mon, 2 Jan 2017 13:29:18 +0100 +Subject: Replace use of variable-length-arrays. + +* common/t-iobuf.c (main): Replace variable-length-array. +* g10/gpgcompose.c (mksubpkt_callback): Ditto. +(encrypted): Ditto. +* g10/t-stutter.c (log_hexdump): Ditto. +(oracle_test): Ditto. +* g10/tofu.c (get_policy): Ditto. Use "%zu" for size_t. +* scd/app-openpgp.c (ecc_writekey): Replace variable-length-array. +Check for zero length OID_LEN. + +Signed-off-by: Werner Koch +(cherry picked from commit 6b84ecbf312d98ac8cce9fe5facdc815bc742fa1) +--- + common/t-iobuf.c | 6 ++++-- + g10/gpgcompose.c | 17 ++++++++++++----- + g10/t-stutter.c | 17 ++++++++++------- + g10/tofu.c | 6 +++--- + scd/app-openpgp.c | 14 +++++++++++++- + 5 files changed, 42 insertions(+), 18 deletions(-) + +diff --git a/common/t-iobuf.c b/common/t-iobuf.c +index 0e6f508a5..bdeab99a4 100644 +--- a/common/t-iobuf.c ++++ b/common/t-iobuf.c +@@ -362,10 +362,12 @@ main (int argc, char *argv[]) + { + iobuf_t iobuf; + int rc; +- char *content = "0123456789"; ++ char content[] = "0123456789"; + int n; + int c; +- char buffer[strlen (content)]; ++ char buffer[10]; ++ ++ assert (sizeof buffer == sizeof content - 1); + + iobuf = iobuf_temp_with_content (content, strlen (content)); + assert (iobuf); +diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c +index 512cb450a..fafbfd274 100644 +--- a/g10/gpgcompose.c ++++ b/g10/gpgcompose.c +@@ -1654,13 +1654,17 @@ mksubpkt_callback (PKT_signature *sig, void *cookie) + + if (si->reason_for_revocation) + { +- int l = 1 + strlen (si->reason_for_revocation); +- char buf[l]; ++ int len = 1 + strlen (si->reason_for_revocation); ++ char *buf; ++ ++ buf = xmalloc (len); + + buf[0] = si->reason_for_revocation_code; +- memcpy (&buf[1], si->reason_for_revocation, l - 1); ++ memcpy (&buf[1], si->reason_for_revocation, len - 1); ++ ++ build_sig_subpkt (sig, SIGSUBPKT_REVOC_REASON, buf, len); + +- build_sig_subpkt (sig, SIGSUBPKT_REVOC_REASON, buf, l); ++ xfree (buf); + } + + if (si->features) +@@ -2540,10 +2544,13 @@ encrypted (const char *option, int argc, char *argv[], void *cookie) + + if (do_debug) + { +- char buf[2 * session_key.keylen + 1]; ++ char *buf; ++ ++ buf = xmalloc (2 * session_key.keylen + 1); + debug ("session key: algo: %d; keylen: %d; key: %s\n", + session_key.algo, session_key.keylen, + bin2hex (session_key.key, session_key.keylen, buf)); ++ xfree (buf); + } + + if (strcmp (option, "--encrypted-mdc") == 0) +diff --git a/g10/t-stutter.c b/g10/t-stutter.c +index a2e9666bf..359cdf622 100644 +--- a/g10/t-stutter.c ++++ b/g10/t-stutter.c +@@ -68,8 +68,8 @@ log_hexdump (byte *buffer, int length) + { + int have = length > 16 ? 16 : length; + int i; +- char formatted[2 * have + 1]; +- char text[have + 1]; ++ char formatted[2 * 16 + 1]; ++ char text[16 + 1]; + + fprintf (stderr, "%-8d ", written); + bin2hex (buffer, have, formatted); +@@ -87,10 +87,12 @@ log_hexdump (byte *buffer, int length) + } + + for (i = 0; i < have; i ++) +- if (isprint (buffer[i])) +- text[i] = buffer[i]; +- else +- text[i] = '.'; ++ { ++ if (isprint (buffer[i])) ++ text[i] = buffer[i]; ++ else ++ text[i] = '.'; ++ } + text[i] = 0; + + fprintf (stderr, " "); +@@ -347,8 +349,9 @@ oracle (int debug, byte *ciphertext, int len, byte **plaintextp, byte **cfbp) + static int + oracle_test (unsigned int d, int b, int debug) + { +- byte probe[blocksize + 2]; ++ byte probe[32 + 2]; + ++ log_assert (blocksize + 2 <= sizeof probe); + log_assert (d < 256 * 256); + + if (b == 1) +diff --git a/g10/tofu.c b/g10/tofu.c +index 2bded9e8d..8d535fa6c 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -2457,16 +2457,16 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, + /* See if the key is signed by an ultimately trusted key. */ + { + int fingerprint_raw_len = strlen (fingerprint) / 2; +- char fingerprint_raw[fingerprint_raw_len]; ++ char fingerprint_raw[20]; + int len = 0; + +- if (fingerprint_raw_len != 20 ++ if (fingerprint_raw_len != sizeof fingerprint_raw + || ((len = hex2bin (fingerprint, + fingerprint_raw, fingerprint_raw_len)) + != strlen (fingerprint))) + { + if (DBG_TRUST) +- log_debug ("TOFU: Bad fingerprint: %s (len: %zd, parsed: %d)\n", ++ log_debug ("TOFU: Bad fingerprint: %s (len: %zu, parsed: %d)\n", + fingerprint, strlen (fingerprint), len); + } + else +diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c +index 5fa4fd294..4d8b1bc9e 100644 +--- a/scd/app-openpgp.c ++++ b/scd/app-openpgp.c +@@ -3580,11 +3580,23 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), + { + if (app->app_local->extcap.algo_attr_change) + { +- unsigned char keyattr[oid_len]; ++ unsigned char *keyattr; + ++ if (!oid_len) ++ { ++ err = gpg_error (GPG_ERR_INTERNAL); ++ goto leave; ++ } ++ keyattr = xtrymalloc (oid_len); ++ if (!keyattr) ++ { ++ err = gpg_error_from_syserror (); ++ goto leave; ++ } + keyattr[0] = algo; + memcpy (keyattr+1, oidbuf+1, oid_len-1); + err = change_keyattr (app, keyno, keyattr, oid_len, pincb, pincb_arg); ++ xfree (keyattr); + if (err) + goto leave; + }