diff -up yubihsm-shell-2.0.0/pkcs11/tests/ecdh_derive_test.c.gcc9 yubihsm-shell-2.0.0/pkcs11/tests/ecdh_derive_test.c
--- yubihsm-shell-2.0.0/pkcs11/tests/ecdh_derive_test.c.gcc9 2019-02-13 14:40:19.972274817 +0100
+++ yubihsm-shell-2.0.0/pkcs11/tests/ecdh_derive_test.c 2019-02-13 14:40:54.957601833 +0100
@@ -365,7 +365,10 @@ static bool test_ecdh_value(const char *
}
// Compare values
- unsigned char ecdh1_bytes[ecdh1_len]; // public key in DER
+ unsigned char *ecdh1_bytes = malloc(ecdh1_len); // public key in DER
+ if (ecdh1_bytes == NULL) {
+ return false;
+ }
if (get_yhvalue(*ecdh1, ecdh1_bytes, ecdh1_len) == 0) {
fail("Failed to retrieve derived key from Yubi library");
return false;
@@ -378,6 +381,7 @@ static bool test_ecdh_value(const char *
break;
}
}
+ free(ecdh1_bytes);
if (!equal) {
fail("ECDH keys derived with yubi library and with openssl do not have the "
"same value");
@@ -416,7 +420,11 @@ static bool test_dublicate_ecdh(const ch
return false;
}
- unsigned char ecdh1_value[ecdh1_len], ecdh2_value[ecdh2_len];
+ unsigned char *ecdh1_value = malloc(ecdh1_len);
+ unsigned char *ecdh2_value = malloc(ecdh2_len);
+ if (ecdh1_value == NULL || ecdh2_value == NULL) {
+ return false;
+ }
if (get_yhvalue(*ecdh2, ecdh1_value, ecdh1_len) == 0) {
return false;
}