著者: Andreas Messer 日付: To: dng 題目: Re: [DNG] Nasty Linux systemd security bug revealed
On Wed, Jul 21, 2021 at 02:36:16PM +0200, Didier Kryn wrote: > added (by gcc ?) to work around a missing feature of the C language:
> dynamic allocation on the stack. This lack has disapeared many years ago
> ( don't know with which version of the C standard) , with the following
> form of allocation:
>
> ...
>
> n = 2x+1;
>
> {
>
> int array[n];
>
> ...
>
> }
>
> And, therefore, alloca() should be removed.
Well, alloca(n*sizeof(int)) and your suggestion both do the same in that
they allocate memory from stack without any checking. Thus both will
show the same failure mode of possible stack overflow.
In any case, the implementation should put some limit on n before
executing alloca() or int array[n].
To be honest, I really don't seesomething against using alloca() despite
its not Posix. Especially, there is no advantage of array[n]
regarding the stack overflow issue.
Of course, critical software should not rely on dynamic stack allocation
since its unpredictable. (but also not on runtime heap allocation too)