Le 20/07/2021 à 22:08, Dr. Nikolaus Klepp a écrit :
> Just in case sombody missed it:
>
> https://www.zdnet.com/article/nasty-linux-systemd-security-bug-revealed/
>
>
> "Systemd, the Linux system and service manager that has largely
> replaced init as the master Linux startup and control program, has
> always had its critics. Now, with Qualys's discovery of a new systemd
> security bug, systemd will have fewer friends. Successful exploitation
> of this newest vulnerability enables any unprivileged user to cause a
> denial of service via a kernel panic.
> In a phrase, "that's bad, that's really bad." [...]
> "
>
> Nik
>
I want to add to the comments that this alloca() function has been
added (by gcc ?) to work around a missing feature of the C language:
dynamic allocation on the stack. This lack has disapeared many years ago
( don't know with which version of the C standard) , with the following
form of allocation:
...
n = 2x+1;
{
int array[n];
...
}
And, therefore, alloca() should be removed.
delenda est alloca !
-- Didier