:: Re: [DNG] Nasty Linux systemd secur…
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Didier Kryn
Fecha:  
A: dng
Asunto: Re: [DNG] Nasty Linux systemd security bug revealed
Le 21/07/2021 à 15:47, William Gallafent via Dng a écrit :
> According to a man page I happen to have in front of me, “alloca()
> appeared in Version 32V AT&T UNIX.”
>
> I've certainly seen it in use on code originally written during the
> last millennium for SGI IRIX, and then ported to several other
> systems, many years ago.
>
> It was C99 that introduced variable-length arrays, which is, as you
> say, also many years ago :)
>
> According to the same man page:
>
> ==B<==
> BUGS
>      alloca() is machine and compiler dependent; its use is discouraged.

>
>      alloca() is slightly unsafe because it cannot ensure that the
> pointer returned points to a valid and usable block of memory.  The
>      allocation made may exceed the bounds of the stack, or even go
> further into other objects in memory, and alloca() cannot determine
>      such an error.  Avoid alloca() with large unbounded allocations.

>
>      The use of C99 variable-length arrays and alloca() in the same
> function will cause the lifetime of alloca's storage to be limited
>      to the block containing the alloca()
> ==B<==

>
> Here endeth the lesson, certainly. I like the use of “slightly” in
> front of the word “unsafe”. Humorous.


    Slightly humorous (~:

--     Didier