Re: [PATCH 0/6] Remove several VLAs in the crypto subsystem

From: Kees Cook
Date: Sat Apr 07 2018 - 15:57:22 EST


On Sat, Apr 7, 2018 at 11:38 AM, Salvatore Mesoraca
<s.mesoraca16@xxxxxxxxx> wrote:
> As suggested by Laura Abbott[2], I'm resending my patch with
> MAX_BLOCKSIZE and MAX_ALIGNMASK defined in an header, so they
> can be used in other places.
> I take this opportuinuty to deal with some other VLAs not
> handled in the old patch.
>
> [1] http://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@xxxxxxxxxxxxxx
> [2] http://lkml.kernel.org/r/4e536889-439a-49e6-dd95-2d4286913202@xxxxxxxxxx
>
> Salvatore Mesoraca (6):
> crypto: api - laying macros for statically allocated buffers
> crypto: ctr - avoid VLA use
> crypto: api - avoid VLA use
> crypto: pcbc - avoid VLA use
> crypto: cts - avoid VLA use
> crypto: cfb - avoid VLA use
>
> crypto/cfb.c | 14 ++++++++++----
> crypto/cipher.c | 7 ++++++-
> crypto/ctr.c | 13 +++++++++++--
> crypto/cts.c | 8 ++++++--
> crypto/internal.h | 8 ++++++++
> crypto/pcbc.c | 9 +++++++--
> 6 files changed, 48 insertions(+), 11 deletions(-)

These all look good to me! Thanks for the refactoring. :)

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

-Kees

--
Kees Cook
Pixel Security