* common/t-iobuf.c (main): Replace variable-length-array.
* g10/gpgcompose.c (mksubpkt_callback): Ditto.
(encrypted): Ditto.
* g10/t-stutter.c (log_hexdump): Ditto.
(oracle_test): Ditto.
* g10/tofu.c (get_policy): Ditto. Use "%zu" for size_t.
* scd/app-openpgp.c (ecc_writekey): Replace variable-length-array.
Check for zero length OID_LEN.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit
6b84ecbf312d98ac8cce9fe5facdc815bc742fa1)
Gbp-Pq: Name 0017-Replace-use-of-variable-length-arrays.patch
- char *content = "0123456789";
+ char content[] = "0123456789";
- char buffer[strlen (content)];
+ char buffer[10];
+
+ assert (sizeof buffer == sizeof content - 1);
iobuf = iobuf_temp_with_content (content, strlen (content));
assert (iobuf);
iobuf = iobuf_temp_with_content (content, strlen (content));
assert (iobuf);
if (si->reason_for_revocation)
{
if (si->reason_for_revocation)
{
- int l = 1 + strlen (si->reason_for_revocation);
- char buf[l];
+ int len = 1 + strlen (si->reason_for_revocation);
+ char *buf;
+
+ buf = xmalloc (len);
buf[0] = si->reason_for_revocation_code;
buf[0] = si->reason_for_revocation_code;
- memcpy (&buf[1], si->reason_for_revocation, l - 1);
+ memcpy (&buf[1], si->reason_for_revocation, len - 1);
+
+ build_sig_subpkt (sig, SIGSUBPKT_REVOC_REASON, buf, len);
- build_sig_subpkt (sig, SIGSUBPKT_REVOC_REASON, buf, l);
- char buf[2 * session_key.keylen + 1];
+ char *buf;
+
+ buf = xmalloc (2 * session_key.keylen + 1);
debug ("session key: algo: %d; keylen: %d; key: %s\n",
session_key.algo, session_key.keylen,
bin2hex (session_key.key, session_key.keylen, buf));
debug ("session key: algo: %d; keylen: %d; key: %s\n",
session_key.algo, session_key.keylen,
bin2hex (session_key.key, session_key.keylen, buf));
}
if (strcmp (option, "--encrypted-mdc") == 0)
}
if (strcmp (option, "--encrypted-mdc") == 0)
{
int have = length > 16 ? 16 : length;
int i;
{
int have = length > 16 ? 16 : length;
int i;
- char formatted[2 * have + 1];
- char text[have + 1];
+ char formatted[2 * 16 + 1];
+ char text[16 + 1];
fprintf (stderr, "%-8d ", written);
bin2hex (buffer, have, formatted);
fprintf (stderr, "%-8d ", written);
bin2hex (buffer, have, formatted);
}
for (i = 0; i < have; i ++)
}
for (i = 0; i < have; i ++)
- if (isprint (buffer[i]))
- text[i] = buffer[i];
- else
- text[i] = '.';
+ {
+ if (isprint (buffer[i]))
+ text[i] = buffer[i];
+ else
+ text[i] = '.';
+ }
text[i] = 0;
fprintf (stderr, " ");
text[i] = 0;
fprintf (stderr, " ");
static int
oracle_test (unsigned int d, int b, int debug)
{
static int
oracle_test (unsigned int d, int b, int debug)
{
- byte probe[blocksize + 2];
+ log_assert (blocksize + 2 <= sizeof probe);
log_assert (d < 256 * 256);
if (b == 1)
log_assert (d < 256 * 256);
if (b == 1)
/* See if the key is signed by an ultimately trusted key. */
{
int fingerprint_raw_len = strlen (fingerprint) / 2;
/* See if the key is signed by an ultimately trusted key. */
{
int fingerprint_raw_len = strlen (fingerprint) / 2;
- char fingerprint_raw[fingerprint_raw_len];
+ char fingerprint_raw[20];
- if (fingerprint_raw_len != 20
+ if (fingerprint_raw_len != sizeof fingerprint_raw
|| ((len = hex2bin (fingerprint,
fingerprint_raw, fingerprint_raw_len))
!= strlen (fingerprint)))
{
if (DBG_TRUST)
|| ((len = hex2bin (fingerprint,
fingerprint_raw, fingerprint_raw_len))
!= strlen (fingerprint)))
{
if (DBG_TRUST)
- log_debug ("TOFU: Bad fingerprint: %s (len: %zd, parsed: %d)\n",
+ log_debug ("TOFU: Bad fingerprint: %s (len: %zu, parsed: %d)\n",
fingerprint, strlen (fingerprint), len);
}
else
fingerprint, strlen (fingerprint), len);
}
else
{
if (app->app_local->extcap.algo_attr_change)
{
{
if (app->app_local->extcap.algo_attr_change)
{
- unsigned char keyattr[oid_len];
+ unsigned char *keyattr;
+ if (!oid_len)
+ {
+ err = gpg_error (GPG_ERR_INTERNAL);
+ goto leave;
+ }
+ keyattr = xtrymalloc (oid_len);
+ if (!keyattr)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
keyattr[0] = algo;
memcpy (keyattr+1, oidbuf+1, oid_len-1);
err = change_keyattr (app, keyno, keyattr, oid_len, pincb, pincb_arg);
keyattr[0] = algo;
memcpy (keyattr+1, oidbuf+1, oid_len-1);
err = change_keyattr (app, keyno, keyattr, oid_len, pincb, pincb_arg);