diff --git a/common/t-iobuf.c b/common/t-iobuf.c index 0e6f508a5..bdeab99a4 100644 --- a/common/t-iobuf.c +++ b/common/t-iobuf.c @@ -362,10 +362,12 @@ main (int argc, char *argv[]) { iobuf_t iobuf; int rc; - char *content = "0123456789"; + char content[] = "0123456789"; int n; int c; - char buffer[strlen (content)]; + char buffer[10]; + + assert (sizeof buffer == sizeof content - 1); iobuf = iobuf_temp_with_content (content, strlen (content)); assert (iobuf); diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c index 512cb450a..fafbfd274 100644 --- a/g10/gpgcompose.c +++ b/g10/gpgcompose.c @@ -1654,13 +1654,17 @@ mksubpkt_callback (PKT_signature *sig, void *cookie) if (si->reason_for_revocation) { - int l = 1 + strlen (si->reason_for_revocation); - char buf[l]; + int len = 1 + strlen (si->reason_for_revocation); + char *buf; + + buf = xmalloc (len); buf[0] = si->reason_for_revocation_code; - memcpy (&buf[1], si->reason_for_revocation, l - 1); + memcpy (&buf[1], si->reason_for_revocation, len - 1); - build_sig_subpkt (sig, SIGSUBPKT_REVOC_REASON, buf, l); + build_sig_subpkt (sig, SIGSUBPKT_REVOC_REASON, buf, len); + + xfree (buf); } if (si->features) @@ -2540,10 +2544,13 @@ encrypted (const char *option, int argc, char *argv[], void *cookie) if (do_debug) { - char buf[2 * session_key.keylen + 1]; + char *buf; + + buf = xmalloc (2 * session_key.keylen + 1); debug ("session key: algo: %d; keylen: %d; key: %s\n", session_key.algo, session_key.keylen, bin2hex (session_key.key, session_key.keylen, buf)); + xfree (buf); } if (strcmp (option, "--encrypted-mdc") == 0) diff --git a/g10/t-stutter.c b/g10/t-stutter.c index a2e9666bf..359cdf622 100644 --- a/g10/t-stutter.c +++ b/g10/t-stutter.c @@ -68,8 +68,8 @@ log_hexdump (byte *buffer, int length) { int have = length > 16 ? 16 : length; int i; - char formatted[2 * have + 1]; - char text[have + 1]; + char formatted[2 * 16 + 1]; + char text[16 + 1]; fprintf (stderr, "%-8d ", written); bin2hex (buffer, have, formatted); 
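Review bot: In common/t-iobuf.c the new `char buffer[10];` hard-codes the length of `content` and then needs a runtime `assert` to keep the two in step. Because `content` is now an array rather than a pointer, `sizeof content - 1` is a constant expression, so `char buffer[sizeof content - 1];` gives a fixed-size array with no magic number and no assert to maintain. The enclosing block of main() continues outside the hunk.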
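Review bot: In mksubpkt_callback (g10/gpgcompose.c) the length is still held in an `int` although it comes from strlen() and is then used as an allocation and copy size. `size_t len = 1 + strlen (si->reason_for_revocation);` would avoid the narrowing conversion and the signed-to-unsigned conversions at `xmalloc (len)` and `memcpy`. The result of `xmalloc` is used unchecked, which is fine only if it aborts on failure, as it presumably does here; the scd/app-openpgp.c hunk in this commit uses `xtrymalloc` with an explicit check instead.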
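Review bot: In encrypted() (g10/gpgcompose.c) the heap buffer that receives the hex-encoded session key is released with a plain `xfree (buf);`, so a copy of the key material stays behind in freed heap memory. The key is deliberately printed under `do_debug`, so the exposure is small, but clearing the buffer first is cheap: `wipememory (buf, 2 * session_key.keylen + 1);` before the `xfree`, assuming that helper is available in this file. The function body continues outside the hunk.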
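Review bot: In log_hexdump (g10/t-stutter.c) the literal 16 now appears in three places, the clamp `length > 16 ? 16 : length` and both array sizes, and the arrays are only large enough while the clamp stays at 16. A named constant would tie them together, for example `enum { HEXDUMP_WIDTH = 16 };` with `char formatted[2 * HEXDUMP_WIDTH + 1];` and `char text[HEXDUMP_WIDTH + 1];` (the name is only a suggestion). The function body continues past the end of this hunk.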
@@ -87,10 +87,12 @@ log_hexdump (byte *buffer, int length) } for (i = 0; i < have; i ++) - if (isprint (buffer[i])) - text[i] = buffer[i]; - else - text[i] = '.'; + { + if (isprint (buffer[i])) + text[i] = buffer[i]; + else + text[i] = '.'; + } text[i] = 0; fprintf (stderr, " "); @@ -347,8 +349,9 @@ oracle (int debug, byte *ciphertext, int len, byte **plaintextp, byte **cfbp) static int oracle_test (unsigned int d, int b, int debug) { - byte probe[blocksize + 2]; + byte probe[32 + 2]; + log_assert (blocksize + 2 <= sizeof probe); log_assert (d < 256 * 256); if (b == 1) diff --git a/g10/tofu.c b/g10/tofu.c index 2bded9e8d..8d535fa6c 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2457,16 +2457,16 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, /* See if the key is signed by an ultimately trusted key. */ { int fingerprint_raw_len = strlen (fingerprint) / 2; - char fingerprint_raw[fingerprint_raw_len]; + char fingerprint_raw[20]; int len = 0; - if (fingerprint_raw_len != 20 + if (fingerprint_raw_len != sizeof fingerprint_raw || ((len = hex2bin (fingerprint, fingerprint_raw, fingerprint_raw_len)) != strlen (fingerprint))) { if (DBG_TRUST) - log_debug ("TOFU: Bad fingerprint: %s (len: %zd, parsed: %d)\n", + log_debug ("TOFU: Bad fingerprint: %s (len: %zu, parsed: %d)\n", fingerprint, strlen (fingerprint), len); } else diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 5fa4fd294..4d8b1bc9e 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c 
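Review bot: In oracle_test (g10/t-stutter.c) the bound `32` in `byte probe[32 + 2];` is unexplained, and the only thing connecting it to `blocksize` is the `log_assert` on the following line. A short comment above the declaration would help, for example `/* Room for the largest block size we expect plus two bytes. */`. What 32 stands for is not visible in the hunk, so the wording should be confirmed against the place where `blocksize` is set. The function body continues outside the hunk.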
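Review bot: In get_policy (g10/tofu.c) the `20` in `char fingerprint_raw[20];` is now the single source for the length check, but nothing says what it stands for. A comment such as `/* 20 bytes: a binary v4 fingerprint (presumably the only kind handled here). */` would make clear that any other fingerprint length ends up in the "Bad fingerprint" branch. The same comment should say that the `fingerprint_raw_len != sizeof fingerprint_raw` test has to stay first in the `||` chain, because it is what keeps hex2bin() from writing past the fixed-size array. The else branch continues outside the hunk.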
@@ -3580,11 +3580,23 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), { if (app->app_local->extcap.algo_attr_change) { - unsigned char keyattr[oid_len]; + unsigned char *keyattr; + if (!oid_len) + { + err = gpg_error (GPG_ERR_INTERNAL); + goto leave; + } + keyattr = xtrymalloc (oid_len); + if (!keyattr) + { + err = gpg_error_from_syserror (); + goto leave; + } keyattr[0] = algo; memcpy (keyattr+1, oidbuf+1, oid_len-1); err = change_keyattr (app, keyno, keyattr, oid_len, pincb, pincb_arg); + xfree (keyattr); if (err) goto leave; }
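Review bot: In ecc_writekey (scd/app-openpgp.c) the layout of `keyattr` is not documented: the first byte is `algo` and the remaining `oid_len-1` bytes are `oidbuf` without its first byte. A one-line comment above the allocation would help, e.g. `/* KEYATTR: ALGO followed by OIDBUF[1..OID_LEN-1]. */`, together with a remark that the `!oid_len` guard is what keeps `oid_len-1` in the memcpy from wrapping. Whether `oidbuf` is known to hold at least `oid_len` bytes is decided outside this hunk and should be confirmed there.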