Unintended Variable Length Array in ec-nist.c

Ian Goldberg ian at cypherpunks.ca
Fri Sep 30 13:36:06 CEST 2022


On Fri, Sep 30, 2022 at 05:14:16PM +0900, NIIBE Yutaka wrote:
> Thank you for your quick response.
> 
> Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
> > How about instead define arrays with wanted size and define 'wsize' with
> > sizeof the array. This would avoid having macros. For example like this:
> >
> > index 69b05a6d..0de41e48 100644
> > --- a/mpi/ec-nist.c
> > +++ b/mpi/ec-nist.c
> > @@ -94,9 +94,9 @@ _gcry_mpi_ec_nist192_mod (gcry_mpi_t w, mpi_ec_t ctx)
> >     };
> >     const mpi_limb64_t zero = LIMB_TO64(0);
> >     mpi_ptr_t wp;
> > -  mpi_size_t wsize = 192 / BITS_PER_MPI_LIMB64;
> > -  mpi_limb64_t s[wsize + 1];
> > -  mpi_limb64_t o[wsize + 1];
> > +  mpi_limb64_t s[192 / BITS_PER_MPI_LIMB64 + 1];
> > +  mpi_limb64_t o[sizeof(s)];
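
Review bot: In the new declaration of `o`, `sizeof(s)` is a byte count, so `o` gets `sizeof(mpi_limb64_t)` times as many elements as `s` rather than the `wsize + 1` elements it had before. Size it by element count instead, for example `mpi_limb64_t o[sizeof(s) / sizeof(s[0])];`, and apply the same division wherever `wsize` is derived from `sizeof` of the array, as the proposal describes.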

Note that sizeof(s) is the number of *bytes* of s, not the number of
*elements* of s, so the above new code will declare o to be much larger
than the old code did.
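
The three declaration patterns discussed in this thread, side by side, as an added example that is not part of the original message or of libgcrypt. `limb64_t`, `BITS_PER_LIMB64` and `ARRAY_LEN` are stand-ins defined here, assuming 64-bit limbs.

```c
/* Added example, not libgcrypt code. limb64_t and BITS_PER_LIMB64 are
   stand-ins (assumed: 64-bit limbs) for the types used in ec-nist.c. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t limb64_t;
#define BITS_PER_LIMB64 64
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Pattern of the '-' lines: wsize is a run-time variable, so s is a VLA. */
size_t vla_elems(void)
{
  size_t wsize = 192 / BITS_PER_LIMB64;
  limb64_t s[wsize + 1];
  /* A _Static_assert on sizeof(s) would not compile here: the size of a
     VLA is computed at run time and is not a constant expression. */
  return sizeof(s) / sizeof(s[0]);
}

/* Pattern of the '+' lines: o is sized by the byte count of s. */
size_t bytes_as_count_elems(void)
{
  limb64_t s[192 / BITS_PER_LIMB64 + 1];
  limb64_t o[sizeof(s)];
  return ARRAY_LEN(o);
}

/* Element-count form: both arrays have a fixed size and the same length. */
size_t fixed_elems(void)
{
  limb64_t s[192 / BITS_PER_LIMB64 + 1];
  limb64_t o[ARRAY_LEN(s)];
  /* Compiles only because neither array is a VLA. */
  _Static_assert(sizeof(o) == sizeof(s), "o and s must have the same size");
  return ARRAY_LEN(o);
}

int main(void)
{
  printf("vla=%zu bytes-as-count=%zu fixed=%zu\n",
         vla_elems(), bytes_as_count_elems(), fixed_elems());
  return 0;
}
```

Compiling with `-Wvla` (GCC and Clang) flags the declaration in `vla_elems`, which is a quick way to find such arrays in a code base.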


