Received: by 10.192.165.148 with SMTP id m20csp41557imm; Tue, 24 Apr 2018 16:48:24 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqsFvjTSR1urEMiYJfOUcT0oVjezxDocy7FtwlOVcnuflZd/fYIcpttO8iqlOmhHBiibBKp X-Received: by 10.98.62.194 with SMTP id y63mr2027680pfj.102.1524613704354; Tue, 24 Apr 2018 16:48:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524613704; cv=none; d=google.com; s=arc-20160816; b=WTw7wz2XYLw0FfpVKNjE1yCPyNv5Tw0WXyMPqumGg1DVQZ8Qw13oVc2Fpw5VJvZ06Y rBBGqQFZLIuw/reaUilh2YvZb4Dzo3Qv6mvwr5d4Gnlwcffb5BAgZo48mspJCTBLGvTy 56xOaw4PVIcbP9eGJ2cxdAShnBv67xauMyP49tZYFKo5K+9lkp27TNTd5krtVP6x2lCf 9gOUh1cPrm9ULlYmaSpjPGJx/+m9rtt0BGjdQnVm6FmKbmQwIJ4v1axZn9O3OxvvuEwx DP03r/1ViVf9WxU8duaY7gaVrWMPu68YVb0OFXjErQBq+++ByAhX47WX4hkotAe2pNv7 wkhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition:mime-version :message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=rLqPTM14KUrVSYqU+/iO1vPmNuFVMIrEdGPtuePmyEw=; b=1HHOuliqKWViqQFhax/a8sOWebktbEKPLXvDDPSIFOiWM/gt+I2bKMqRtA1/qemOoZ aHJygreOvVyD6IxkMPEC5ouMjVQXM7+2i37F+UqOtjU81wYhAS6Ijkye7DbYatFhFx3e 2E4BVD645NUhiuIkLTwds8J3mzVEkDp6iBQm3iyRHB1cMMaWgGSbTIFtVDNHrmNhLjes +9WFn0IndEpp4NbcU88awacp5mq+1MsAoxqxSAMr6bqXkMnSsLk0dvo2nfpO2QKeAozc pyZYlwlUWI26X0qvF1gY+MsIHy0t57jInfCFRbR+5fgLkWrBsqpyRl6YbjagkmIrk87J O40w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NQC9ygiu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q127si13955883pfb.1.2018.04.24.16.48.08; Tue, 24 Apr 2018 16:48:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NQC9ygiu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751242AbeDXXq6 (ORCPT + 99 others); Tue, 24 Apr 2018 19:46:58 -0400 Received: from mail-pg0-f66.google.com ([74.125.83.66]:33904 "EHLO mail-pg0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750902AbeDXXqy (ORCPT ); Tue, 24 Apr 2018 19:46:54 -0400 Received: by mail-pg0-f66.google.com with SMTP id p10so11992532pgn.1 for ; Tue, 24 Apr 2018 16:46:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:mime-version:content-disposition; bh=rLqPTM14KUrVSYqU+/iO1vPmNuFVMIrEdGPtuePmyEw=; b=NQC9ygiutjnNDaWxNnA3aP5GXyaOaAHLe56fqWnIXoxTaRzqOQscn/AUN7IJ9wrNOf omdHG9Iz+oNZhiHtt+AS1A4la6c4IhrD5WGIWVLNXrewS54UpZr6PS+iS0MxEyrHpfQI Lixh4MCRz94isjMlCs+EcPtCVI1fppTlu1bgw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version :content-disposition; bh=rLqPTM14KUrVSYqU+/iO1vPmNuFVMIrEdGPtuePmyEw=; b=cKvs70Zxkj1zHaZd8BxoXRqGT3FrFzj/dcSR8RF4+Sjjl0SBlUMHBmxxBUwKnhATtY QvqjTrptPIvxvjN5RjQD8txC0IhGxZvVwTuAo99wGcoYBubxqn4w9CVrXk7HXu48SZiJ Ib++FlK4EY0Uh20ag3gJ+9T39YxD4+lVGBKPgaLYTIPj5cVpE6SlVKHKfQzdkuzTIUnB WuH6Ukcvg93mCcw2bUVZkioncw3ISH0z4un+Czafci/xYtjHxyaVE135GSysAPWAJnva 9f0apeXSQoJMRxJdUw5tclVybIfWVgh/JowJICoNUjVMYnfBol48KRIJDLgnMqzzzRIq Q2hQ== X-Gm-Message-State: ALQs6tA+x42IKNybA7iGLm7lleTbs/7oJgV3YYLgNP5fAu5bo3vGbDOB YRgz5S4/kHjhwLfjDo4dCWIdhA== X-Received: by 2002:a17:902:2a43:: with SMTP id i61-v6mr27284651plb.54.1524613613799; Tue, 24 Apr 2018 16:46:53 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id q9sm30657517pgs.5.2018.04.24.16.46.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 24 Apr 2018 16:46:52 -0700 (PDT) Date: Tue, 24 Apr 2018 16:46:51 -0700 From: Kees Cook To: Stefano Brivio Cc: Andreas Christoforou , kernel-hardening@lists.openwall.com, Steffen Klassert , Herbert Xu , "David S. Miller" , Alexey Kuznetsov , Hideaki YOSHIFUJI , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v3 ipsec-next] xfrm: remove VLA usage in __xfrm6_sort() Message-ID: <20180424234651.GA30225@beast> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the quest to remove all stack VLA usage removed from the kernel[1], just use XFRM_MAX_DEPTH as already done for the "class" array. In one case, it'll do this loop up to 5, the other caller up to 6. [1] https://lkml.org/lkml/2018/3/7/621 Co-developed-by: Andreas Christoforou Signed-off-by: Kees Cook --- v3: - adjust Subject and commit log (Steffen) - use "= { }" instead of memset() (Stefano) - reorder variables (Stefano) v2: - use XFRM_MAX_DEPTH for "count" array (Steffen and Mathias). --- net/ipv6/xfrm6_state.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c index 16f434791763..eeb44b64ae7f 100644 --- a/net/ipv6/xfrm6_state.c +++ b/net/ipv6/xfrm6_state.c @@ -60,9 +60,9 @@ xfrm6_init_temprop(struct xfrm_state *x, const struct xfrm_tmpl *tmpl, static int __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass) { - int i; + int count[XFRM_MAX_DEPTH] = { }; int class[XFRM_MAX_DEPTH]; - int count[maxclass]; + int i; memset(count, 0, sizeof(count)); -- 2.7.4 -- Kees Cook Pixel Security