Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / libpldm / 5c49f162bab068e988736880b18e0fa4be6489d7^! / .
commit5c49f162bab068e988736880b18e0fa4be6489d7[log] [tgz]
authorAndrew Jeffery <andrew@codeconstruct.com.au>Sun Sep 22 15:45:35 2024 +0930
committerAndrew Jeffery <andrew@codeconstruct.com.au>Mon Sep 23 21:46:34 2024 +0930
tree0bf5b50ed169acf3fa9b0d9be70704d6b5357c67
parent8b53ad9d76bffe9d219fa476a003fd91f78e5708 [diff]
meson: Ban variable length arrays

Caller-controlled sizes for variable length arrays are bad for the
reasons outlined in the SEI CERT C Coding Standard[1]

Enable -Wvla to prevent future use.

[1]: https://wiki.sei.cmu.edu/confluence/display/c/MEM05-C.+Avoid+large+stack+allocations

Change-Id: Id587bd1432255cff11b419cb5a7f454fc64e2054
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>

diff --git a/meson.build b/meson.build
index 88969ae..560effb 100644
--- a/meson.build
+++ b/meson.build

@@ -23,6 +23,10 @@
 add_project_arguments('-D_GNU_SOURCE', language: ['c'])
 
 compiler = meson.get_compiler('c')
+if compiler.has_argument('-Wvla')
+    add_project_arguments('-Wvla', language: ['c'])
+endif
+
 conf = configuration_data()
 if compiler.has_header('poll.h')
     conf.set('PLDM_HAS_POLL', 1)

diff --git a/src/dsp/pdr.c b/src/dsp/pdr.c
index 407e04a..5c0318b 100644
--- a/src/dsp/pdr.c
+++ b/src/dsp/pdr.c

@@ -295,9 +295,8 @@
 		return -EINVAL;
 	}
 
-	uint32_t size = sizeof(struct pldm_pdr_hdr) +
-			sizeof(struct pldm_pdr_fru_record_set);
-	uint8_t data[size];
+	uint8_t data[sizeof(struct pldm_pdr_hdr) +
+		     sizeof(struct pldm_pdr_fru_record_set)];
 
 	struct pldm_pdr_hdr *hdr = (struct pldm_pdr_hdr *)&data;
 	hdr->version = 1;
@@ -314,7 +313,7 @@
 	fru->entity_instance_num = htole16(entity_instance_num);
 	fru->container_id = htole16(container_id);
 
-	return pldm_pdr_add(repo, data, size, false, terminus_handle,
+	return pldm_pdr_add(repo, data, sizeof(data), false, terminus_handle,
 			    bmc_record_handle);
 }
 
@@ -798,8 +797,16 @@
 	uint8_t contained_count, uint8_t association_type, bool is_remote,
 	uint16_t terminus_handle, uint32_t record_handle)
 {
-	uint8_t pdr[size];
-	uint8_t *start = pdr;
+	uint8_t *start;
+	uint8_t *pdr;
+	int rc;
+
+	pdr = calloc(1, size);
+	if (!pdr) {
+		return -ENOMEM;
+	}
+
+	start = pdr;
 
 	struct pldm_pdr_hdr *hdr = (struct pldm_pdr_hdr *)start;
 	hdr->version = 1;
@@ -838,8 +845,10 @@
 		node = node->next_sibling;
 	}
 
-	return pldm_pdr_add(repo, pdr, size, is_remote, terminus_handle,
-			    &record_handle);
+	rc = pldm_pdr_add(repo, pdr, size, is_remote, terminus_handle,
+			  &record_handle);
+	free(pdr);
+	return rc;
 }
 
 static int entity_association_pdr_add_entry(pldm_entity_node *curr,