On Sun, Jul 26, 2020 at 9:34 AM Bruno Haible <[email protected]> wrote:
>
> Hi Jeffrey,
>
> > All alloca() code should be removed; not just CRAY.
> > alloca() is a dangerous compiler builtin.
>
> I disagree: when you use it with bounded allocation size only (e.g. through
> the module 'malloca'), there is no danger.

Intel has banned the function:
https://github.com/intel/safestringlib/wiki/SDL-List-of-Banned-Functions

Microsoft has banned the function:
https://docs.microsoft.com/en-us/previous-versions/bb288454(v=msdn.10)?redirectedfrom=MSDN

Apple has banned the function:
https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Introduction.html

The manufacturer tells you not to use it on their platforms.

> > It does not convey failure
>
> A plain function entry does not convey failure either.

?

> Note that the module 'scratch_buffer' is overkill for these cases:
> if you can determine the allocation size ahead, and it is less than 1 KB,
> why should the code waste 1 KB of stack space?

It is not about size. It is about reducing attack surface and risk. It
is a Certification & Accreditation (C&A) item. It's about passing an
audit.

Jeff
