2 files changed, 13 insertions, 2 deletions

diff --git a/libebl/ChangeLog b/libebl/ChangeLog
index 3655e72c..9ca7b47f 100644
--- a/libebl/ChangeLog
+++ b/libebl/ChangeLog
@@ -1,3 +1,8 @@
+2015-05-17  Mark Wielaard  <[email protected]>
+
+	* eblopenbackend.c (MAX_PREFIX_LEN): New define (16).
+	(openbackend): Stack allocate symname array using MAX_PREFIX_LEN.
+
 2015-01-27  Mark Wielaard  <[email protected]>
 
 	* libebl.h: Add comment from README that this is completely
diff --git a/libebl/eblopenbackend.c b/libebl/eblopenbackend.c
index 3a22f53d..2766e7b0 100644
--- a/libebl/eblopenbackend.c
+++ b/libebl/eblopenbackend.c
@@ -1,5 +1,5 @@
 /* Generate ELF backend handle.
-   Copyright (C) 2000-2014 Red Hat, Inc.
+   Copyright (C) 2000-2015 Red Hat, Inc.
    This file is part of elfutils.
 
    This file is free software; you can redistribute it and/or modify
@@ -135,6 +135,8 @@ static const struct
 };
 #define nmachines (sizeof (machines) / sizeof (machines[0]))
 
+/* No machine prefix should be larger than this.  */
+#define MAX_PREFIX_LEN 16
 
 /* Default callbacks.  Mostly they just return the error value.  */
 static const char *default_object_type_name (int ignore, char *buf,
@@ -343,7 +345,11 @@ openbackend (elf, emulation, machine)
 	    static const char version[] = MODVERSION;
 	    const char *modversion;
 	    ebl_bhinit_t initp;
-	    char symname[machines[cnt].prefix_len + sizeof "_init"];
+
+	    // We use a static number to help the compiler see we don't
+	    // overflow the stack with an arbitrary number.
+	    assert (machines[cnt].prefix_len <= MAX_PREFIX_LEN);
+	    char symname[MAX_PREFIX_LEN + sizeof "_init"];
 
 	    strcpy (mempcpy (symname, machines[cnt].prefix,
 			     machines[cnt].prefix_len), "_init");